Aditor, created 30 September 2014

For about two days I have had a problem with some software that is messing with my Google Chrome. At first it removed, among other things, my AdBlock; now it redirects me to the page of the "antivirus" YAC.

Logs: OTL: Extras: [spoiler]

Logfile of random's system information tool 1.10 (written by random/random) Run by Adrian at 2014-09-30 21:54:29 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 113 GB (72%) free of 157 GB Total RAM: 4061 MB (20% free) ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-09-30 457712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-17 767200] "CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-09-30 4086432] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-09-23 852808] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192] "ManyCam"=C:\Program Files 
(x86)\ManyCam\Bin\ManyCam.exe [2013-06-21 5396304] "screenSHU"=C:\Program Files (x86)\screenSHU\screenSHU.exe [2013-09-04 2112000] "Spotify Web Helper"=C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-09-19 1245752] "Spotify"=C:\Users\Adrian\AppData\Roaming\Spotify\spotify.exe [2014-09-19 6342200] "uTorrent"=C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-25 1943376] C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv 
"aux2"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux3"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-09-30 21:54:29 ----D---- C:\rsit 2014-09-30 21:54:29 ----D---- C:\Program Files (x86)\trend micro 2014-09-30 21:27:02 ----D---- C:\Users\Adrian\AppData\Roaming\AVAST Software 2014-09-30 21:25:20 ----A---- C:\Windows\avastSS.scr 2014-09-30 21:21:33 ----D---- C:\ProgramData\AVAST Software 2014-09-29 22:30:05 ----D---- C:\ProgramData\Trusted Publisher 2014-09-29 22:29:56 ----D---- C:\Program Files (x86)\GS_Booster 2014-09-29 22:29:38 ----D---- C:\ProgramData\GoSaovE 2014-09-29 22:29:36 ----D---- C:\Program Files (x86)\GoSaovE 2014-09-29 14:16:02 ----D---- C:\ProgramData\873995a108fd12ab 2014-09-29 14:15:49 ----D---- C:\ProgramData\ProShoppper 2014-09-28 21:23:14 ----D---- C:\ProgramData\Performance Optimizer 2014-09-25 14:39:28 ----D---- C:\Users\Adrian\AppData\Roaming\uTorrent 2014-09-21 20:39:33 ----D---- C:\Program Files (x86)\SopCast 2014-09-19 15:56:44 ----D---- C:\Users\Adrian\AppData\Roaming\OBS 2014-09-19 15:56:40 ----D---- C:\Program Files (x86)\OBS 2014-09-19 15:54:13 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll 2014-09-19 15:54:13 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-09-19 15:54:13 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll 2014-09-19 15:54:13 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-09-19 15:54:12 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll 2014-09-19 15:54:12 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll 2014-09-19 15:54:11 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll 2014-09-19 15:54:11 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-09-19 
15:54:11 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll 2014-09-19 15:54:11 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll 2014-09-19 15:54:10 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll 2014-09-19 15:54:10 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-09-19 15:54:08 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll 2014-09-19 15:54:07 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll 2014-09-19 15:54:07 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll 2014-09-19 15:54:06 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll 2014-09-19 15:54:06 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll 2014-09-19 15:54:06 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll 2014-09-19 15:54:05 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll 2014-09-19 15:54:05 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll 2014-09-19 15:54:05 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll 2014-09-19 15:54:05 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll 2014-09-19 15:54:04 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll 2014-09-19 15:54:04 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll 2014-09-19 15:54:04 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll 2014-09-19 15:54:03 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll 2014-09-19 15:54:03 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll 2014-09-19 15:54:03 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll 2014-09-19 15:54:03 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-09-19 15:54:01 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll 2014-09-19 15:54:01 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll 2014-09-19 15:54:01 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll 2014-09-19 15:54:01 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll 2014-09-19 15:54:00 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll 2014-09-19 15:53:59 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll 2014-09-19 15:53:59 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll 2014-09-19 15:53:59 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll 2014-09-19 15:53:59 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll 2014-09-19 15:53:59 ----A---- 
C:\Windows\SysWOW64\D3DCompiler_39.dll 2014-09-19 15:53:57 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll 2014-09-19 15:53:57 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll 2014-09-19 15:53:57 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll 2014-09-19 15:53:57 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll 2014-09-19 15:53:56 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll 2014-09-19 15:53:56 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll 2014-09-19 15:53:55 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll 2014-09-19 15:53:55 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll 2014-09-19 15:53:53 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll 2014-09-19 15:53:53 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll 2014-09-19 15:53:53 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll 2014-09-19 15:53:53 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll 2014-09-19 15:53:53 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll 2014-09-19 15:53:51 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll 2014-09-19 15:53:51 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll 2014-09-19 15:53:51 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-09-19 15:53:50 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll 2014-09-19 15:53:50 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll 2014-09-19 15:53:50 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll 2014-09-19 15:53:50 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll 2014-09-19 15:53:50 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\xinput1_3.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll 2014-09-19 15:53:48 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll 2014-09-19 15:53:48 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll 2014-09-19 15:53:48 ----A---- 
C:\Windows\SysWOW64\d3dx10_33.dll 2014-09-19 15:53:48 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll 2014-09-19 15:53:46 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll 2014-09-19 15:53:45 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll 2014-09-19 15:53:45 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll 2014-09-19 15:53:45 ----A---- C:\Windows\SysWOW64\d3dx10.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\xinput1_2.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\xinput1_1.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll 2014-09-19 15:53:43 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll 2014-09-19 15:53:42 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll 2014-09-19 15:53:42 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll 2014-09-19 15:53:42 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll 2014-09-19 15:53:40 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll 2014-09-19 15:53:39 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll 2014-09-19 15:53:39 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll 2014-09-19 15:53:39 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll 2014-09-19 15:53:39 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll 2014-09-19 15:53:37 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll 2014-09-19 15:51:12 ----D---- C:\Windows\SysWOW64\directx 2014-09-12 00:28:08 ----A---- C:\Windows\SysWOW64\ieui.dll 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\vbscript.dll 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\msrating.dll 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\ieUnatt.exe 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\dxtrans.dll 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\dxtmsft.dll 2014-09-12 00:28:06 ----A---- 
C:\Windows\SysWOW64\mshtmled.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\jscript9diag.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\iesetup.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\iernonce.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\iedkcs32.dll 2014-09-12 00:28:05 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-12 00:28:05 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-12 00:28:05 ----A---- C:\Windows\SysWOW64\ieapfltr.dll 2014-09-12 00:28:03 ----A---- C:\Windows\SysWOW64\wininet.dll 2014-09-12 00:28:03 ----A---- C:\Windows\SysWOW64\iertutil.dll 2014-09-12 00:28:02 ----A---- C:\Windows\SysWOW64\urlmon.dll 2014-09-12 00:28:02 ----A---- C:\Windows\SysWOW64\jscript9.dll 2014-09-12 00:28:01 ----A---- C:\Windows\SysWOW64\mshtml.dll 2014-09-12 00:28:01 ----A---- C:\Windows\SysWOW64\ieframe.dll 2014-09-11 18:28:55 ----A---- C:\Windows\SysWOW64\sspicli.dll 2014-09-11 18:28:55 ----A---- C:\Windows\SysWOW64\secur32.dll 2014-09-11 18:28:55 ----A---- C:\Windows\SysWOW64\kerberos.dll 2014-09-10 00:51:35 ----HD---- C:\ProgramData\CanonIJSolutionMenuEX 2014-09-10 00:51:31 ----HD---- C:\ProgramData\CanonIJEPPEX2 2014-09-10 00:51:31 ----HD---- C:\ProgramData\CanonEPP 2014-09-10 00:51:11 ----HD---- C:\ProgramData\CanonIJMyPrinter 2014-09-09 18:40:41 ----D---- C:\ProgramData\CanonIJPLM 2014-09-09 18:37:25 ----D---- C:\ProgramData\CanonIJMSetup 2014-09-09 18:37:15 ----D---- C:\ProgramData\CanonIJWSpt 2014-09-09 18:36:01 ----HD---- C:\ProgramData\CanonBJ 2014-09-09 18:35:56 ----A---- C:\Windows\SysWOW64\CNHMCA.dll 2014-09-09 18:35:56 ----A---- C:\Windows\SysWOW64\CNC280U.dll 2014-09-09 18:35:56 ----A---- C:\Windows\SysWOW64\CNC280L.dll 2014-09-09 18:34:03 ----D---- C:\Program Files (x86)\Canon 2014-09-09 18:23:21 ----D---- 
C:\Users\Adrian\AppData\Roaming\WinRAR 2014-09-09 18:23:04 ----D---- C:\Program Files (x86)\WinRAR 2014-09-08 18:37:44 ----D---- C:\Users\Adrian\AppData\Roaming\TS3Client 2014-09-08 14:26:58 ----A---- C:\Windows\SysWOW64\d3d10warp.dll 2014-09-08 14:26:58 ----A---- C:\Windows\SysWOW64\d2d1.dll 2014-09-07 21:37:20 ----D---- C:\Users\Adrian\AppData\Roaming\Adobe 2014-09-07 21:33:05 ----D---- C:\Windows\SysWOW64\Wat 2014-09-07 20:09:01 ----A---- C:\Windows\SysWOW64\elshyph.dll 2014-09-07 20:08:59 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-09-07 20:08:59 ----A---- C:\Windows\SysWOW64\msls31.dll 2014-09-07 20:08:59 ----A---- C:\Windows\SysWOW64\jsIntl.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\wextract.exe 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\webcheck.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\url.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\pngfilt.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\licmgr10.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\inseng.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\iexpress.exe 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\ieapfltr.dat 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\icardie.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\occache.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\mshtmler.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\mshta.exe 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\msfeedssync.exe 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\jscript.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\imgutil.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\iesysprep.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\iepeers.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll 2014-09-07 20:07:43 ----A---- C:\Windows\SysWOW64\tdh.dll 2014-09-07 
20:07:43 ----A---- C:\Windows\SysWOW64\ntdll.dll 2014-09-07 20:07:43 ----A---- C:\Windows\SysWOW64\advapi32.dll 2014-09-07 20:06:57 ----A---- C:\Windows\SysWOW64\mswsock.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\XpsPrint.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\WMPhoto.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\WindowsCodecsExt.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\UIAnimation.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\dxgi.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\DWrite.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\d3d10level9.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\d3d10core.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\d3d10_1.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\d3d10.dll 2014-09-07 20:02:12 ----A---- C:\Windows\SysWOW64\d3d11.dll 2014-09-07 12:53:56 ----D---- C:\Program 
Files (x86)\Microsoft Silverlight 2014-09-07 02:11:05 ----A---- C:\Windows\SysWOW64\infocardapi.dll 2014-09-07 02:11:05 ----A---- C:\Windows\SysWOW64\icardagt.exe 2014-09-07 02:11:03 ----A---- C:\Windows\SysWOW64\icardres.dll 2014-09-07 02:10:55 ----A---- C:\Windows\SysWOW64\TsWpfWrp.exe 2014-09-06 18:43:03 ----D---- C:\Users\Adrian\AppData\Roaming\Spotify 2014-09-06 15:39:32 ----D---- C:\Program Files (x86)\screenSHU 2014-09-06 15:31:54 ----D---- C:\Users\Adrian\AppData\Roaming\Dropbox 2014-09-06 15:19:10 ----D---- C:\ProgramData\374311380 2014-09-06 15:14:30 ----D---- C:\ProgramData\ManyCam 2014-09-06 15:14:28 ----D---- C:\Users\Adrian\AppData\Roaming\ManyCam 2014-09-06 15:14:27 ----D---- C:\Program Files (x86)\ManyCam 2014-09-06 15:13:50 ----D---- C:\ProgramData\IePluginServices 2014-09-06 15:13:47 ----D---- C:\ProgramData\WindowsMangerProtect 2014-09-06 15:10:07 ----A---- C:\Windows\SysWOW64\poqexec.exe 2014-09-06 15:05:38 ----A---- C:\Windows\SysWOW64\tsgqec.dll 2014-09-06 15:05:38 ----A---- C:\Windows\SysWOW64\mstscax.dll 2014-09-06 15:05:38 ----A---- C:\Windows\SysWOW64\aaclient.dll 2014-09-06 15:05:25 ----D---- C:\Users\Adrian\AppData\Roaming\Skype 2014-09-06 15:05:15 ----RD---- C:\Program Files (x86)\Skype 2014-09-06 15:05:15 ----D---- C:\Program Files (x86)\Common Files\Skype 2014-09-06 15:05:11 ----A---- C:\Windows\SysWOW64\comctl32.dll 2014-09-06 15:05:09 ----D---- C:\ProgramData\Skype 2014-09-06 15:05:06 ----A---- C:\Windows\SysWOW64\shell32.dll 2014-09-06 15:04:49 ----A---- C:\Windows\SysWOW64\wintrust.dll 2014-09-06 15:04:34 ----A---- C:\Windows\SysWOW64\odbctrac.dll 2014-09-06 15:04:34 ----A---- C:\Windows\SysWOW64\odbcjt32.dll 2014-09-06 15:04:34 ----A---- C:\Windows\SysWOW64\odbccu32.dll 2014-09-06 15:04:34 ----A---- C:\Windows\SysWOW64\odbccr32.dll 2014-09-06 15:04:34 ----A---- C:\Windows\SysWOW64\odbccp32.dll 2014-09-06 15:04:27 ----A---- C:\Windows\SysWOW64\sbe.dll 2014-09-06 15:04:27 ----A---- C:\Windows\SysWOW64\CPFilters.dll 2014-09-06 
15:04:24 ----A---- C:\Windows\SysWOW64\quartz.dll 2014-09-06 15:04:24 ----A---- C:\Windows\SysWOW64\qdvd.dll 2014-09-06 15:04:20 ----A---- C:\Windows\SysWOW64\usp10.dll 2014-09-06 15:04:18 ----A---- C:\Windows\SysWOW64\webio.dll 2014-09-06 15:03:59 ----A---- C:\Windows\SysWOW64\cryptsvc.dll 2014-09-06 15:03:59 ----A---- C:\Windows\SysWOW64\cryptnet.dll 2014-09-06 15:03:59 ----A---- C:\Windows\SysWOW64\crypt32.dll 2014-09-06 15:03:50 ----A---- C:\Windows\SysWOW64\wer.dll 2014-09-06 15:03:46 ----A---- C:\Windows\SysWOW64\wmi.dll 2014-09-06 15:03:46 ----A---- C:\Windows\SysWOW64\imagehlp.dll 2014-09-06 15:03:41 ----A---- C:\Windows\SysWOW64\msxml6r.dll 2014-09-06 15:03:41 ----A---- C:\Windows\SysWOW64\msxml6.dll 2014-09-06 15:03:41 ----A---- C:\Windows\SysWOW64\msxml3r.dll 2014-09-06 15:03:41 ----A---- C:\Windows\SysWOW64\msxml3.dll 2014-09-06 15:03:37 ----A---- C:\Windows\SysWOW64\osk.exe 2014-09-06 15:03:28 ----A---- C:\Windows\SysWOW64\lpk.dll 2014-09-06 15:03:28 ----A---- C:\Windows\SysWOW64\fontsub.dll 2014-09-06 15:03:28 ----A---- C:\Windows\SysWOW64\dciman32.dll 2014-09-06 15:03:28 ----A---- C:\Windows\SysWOW64\atmlib.dll 2014-09-06 15:03:28 ----A---- C:\Windows\SysWOW64\atmfd.dll 2014-09-06 15:03:25 ----A---- C:\Windows\SysWOW64\mfc42u.dll 2014-09-06 15:03:25 ----A---- C:\Windows\SysWOW64\mfc42.dll 2014-09-06 15:03:23 ----A---- C:\Windows\SysWOW64\qedit.dll 2014-09-06 15:03:15 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL 2014-09-06 15:03:00 ----A---- C:\Windows\SysWOW64\tzres.dll 2014-09-06 15:02:52 ----A---- C:\Windows\SysWOW64\dnscacheugc.exe 2014-09-06 15:02:52 ----A---- C:\Windows\SysWOW64\dnsapi.dll 2014-09-06 15:02:37 ----A---- C:\Windows\SysWOW64\dpnet.dll 2014-09-06 15:02:35 ----A---- C:\Windows\SysWOW64\msihnd.dll 2014-09-06 15:02:35 ----A---- C:\Windows\SysWOW64\msi.dll 2014-09-06 15:02:35 ----A---- C:\Windows\SysWOW64\authui.dll 2014-09-06 15:02:27 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe 2014-09-06 15:02:27 ----A---- 
C:\Windows\SysWOW64\ntkrnlpa.exe 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\wincredprovider.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\objsel.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\KernelBase.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\dpapiprovider.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\dimsroam.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\cngprovider.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\capiprovider.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\apisetschema.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\adprovider.dll 2014-09-06 15:01:24 ----A---- C:\Windows\SysWOW64\psisdecd.dll 2014-09-06 15:00:43 ----A---- C:\Windows\SysWOW64\synceng.dll 2014-09-06 15:00:39 ----A---- C:\Windows\SysWOW64\shdocvw.dll 2014-09-06 15:00:30 ----A---- C:\Windows\SysWOW64\win32spl.dll 2014-09-06 15:00:27 ----A---- C:\Windows\SysWOW64\drvinst.exe 2014-09-06 15:00:27 ----A---- C:\Windows\SysWOW64\devrtl.dll 2014-09-06 15:00:27 ----A---- C:\Windows\SysWOW64\devobj.dll 2014-09-06 15:00:27 ----A---- C:\Windows\SysWOW64\cfgmgr32.dll 2014-09-06 15:00:24 ----A---- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-09-06 15:00:24 ----A---- C:\Windows\SysWOW64\netapi32.dll 2014-09-06 15:00:24 ----A---- C:\Windows\SysWOW64\browcli.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-09-06 15:00:23 ----A---- 
C:\Windows\SysWOW64\wow32.dll 2014-09-06 15:00:23 ----A---- C:\Windows\SysWOW64\setup16.exe 2014-09-06 15:00:23 ----A---- C:\Windows\SysWOW64\ntvdm64.dll 2014-09-06 15:00:23 ----A---- C:\Windows\SysWOW64\kernel32.dll 2014-09-06 15:00:23 ----A---- C:\Windows\SysWOW64\instnm.exe 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- 
C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-09-06 15:00:22 ----A---- C:\Windows\SysWOW64\user.exe 2014-09-06 15:00:20 ----A---- C:\Windows\SysWOW64\inetcomm.dll 2014-09-06 15:00:19 ----A---- C:\Windows\SysWOW64\msvcrt.dll 2014-09-06 15:00:17 ----A---- C:\Windows\SysWOW64\certutil.exe 2014-09-06 15:00:17 ----A---- C:\Windows\SysWOW64\certenc.dll 2014-09-06 15:00:08 ----A---- C:\Windows\SysWOW64\wscript.exe 2014-09-06 15:00:08 ----A---- C:\Windows\SysWOW64\scrrun.dll 2014-09-06 15:00:08 ----A---- C:\Windows\SysWOW64\cscript.exe 2014-09-06 15:00:07 ----A---- C:\Windows\SysWOW64\wdigest.dll 2014-09-06 15:00:07 ----A---- C:\Windows\SysWOW64\schannel.dll 2014-09-06 15:00:07 ----A---- C:\Windows\SysWOW64\msv1_0.dll 2014-09-06 15:00:06 ----A---- C:\Windows\SysWOW64\TSpkg.dll 2014-09-06 15:00:06 ----A---- C:\Windows\SysWOW64\ncrypt.dll 2014-09-06 15:00:06 ----A---- C:\Windows\SysWOW64\credssp.dll 2014-09-06 14:59:55 ----A---- C:\Windows\SysWOW64\gdi32.dll 2014-09-06 14:58:50 ----A---- C:\Windows\SysWOW64\oleacc.dll 2014-09-06 14:58:49 ----A---- C:\Windows\SysWOW64\oleaut32.dll 2014-09-06 14:58:47 ----A---- C:\Windows\SysWOW64\cdosys.dll 2014-09-06 14:58:23 ----A---- C:\Windows\SysWOW64\EncDec.dll 2014-09-06 14:58:16 ----A---- C:\Windows\SysWOW64\rpcrt4.dll 2014-09-06 14:54:53 ----D---- C:\Users\Adrian\AppData\Roaming\ATI 2014-09-06 14:54:53 ----D---- C:\ProgramData\ATI 2014-09-06 14:51:14 ----D---- C:\Users\Adrian\AppData\Roaming\library_dir 2014-09-06 14:50:32 ----D---- C:\ProgramData\AMD 2014-09-06 14:50:30 ----D---- C:\Program Files (x86)\AMD AVT 2014-09-06 14:50:27 ----D---- C:\Program Files (x86)\Common Files\ATI Technologies 2014-09-06 14:46:54 ----D---- C:\Program Files (x86)\ATI Technologies 2014-09-06 14:46:36 ----D---- C:\ProgramData\Package Cache 2014-09-06 14:44:18 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-06 14:43:58 ----A---- 
C:\Windows\SysWOW64\nshwfp.dll 2014-09-06 14:43:58 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL 2014-09-06 14:43:29 ----D---- C:\Program Files (x86)\Microsoft.NET 2014-09-06 14:43:05 ----A---- C:\Windows\SysWOW64\packager.dll 2014-09-06 14:41:44 ----D---- C:\AMD 2014-09-06 14:40:00 ----SHD---- C:\Windows\Installer 2014-09-06 14:37:54 ----A---- C:\Windows\SysWOW64\rdpcore.dll 2014-09-06 14:35:19 ----D---- C:\Program Files (x86)\Google 2014-09-06 14:33:18 ----D---- C:\Windows\SysWOW64\RTCOM 2014-09-06 14:33:09 ----D---- C:\Program Files (x86)\Realtek 2014-09-06 14:33:09 ----A---- C:\Windows\SysWOW64\MBAPO32.dll 2014-09-06 14:33:01 ----RA---- C:\Windows\RtlExUpd.dll 2014-09-06 14:33:01 ----HD---- C:\Program Files (x86)\Temp 2014-09-06 14:32:59 ----D---- C:\Program Files (x86)\Common Files\InstallShield 2014-09-06 14:31:51 ----A---- C:\Windows\SysWOW64\wups.dll 2014-09-06 14:31:51 ----A---- C:\Windows\SysWOW64\wudriver.dll 2014-09-06 14:31:51 ----A---- C:\Windows\SysWOW64\wuapi.dll 2014-09-06 14:31:46 ----A---- C:\Windows\SysWOW64\wuwebv.dll 2014-09-06 14:31:46 ----A---- C:\Windows\SysWOW64\wuapp.exe 2014-09-06 14:30:57 ----D---- C:\Windows\SysWOW64\Atheros_L1e 2014-09-06 14:30:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-09-05 23:14:44 ----D---- C:\Windows\Panther 2014-09-05 22:27:41 ----D---- C:\Users\Adrian\AppData\Roaming\Identities 2014-09-05 22:27:33 ----SD---- C:\Users\Adrian\AppData\Roaming\Microsoft 2014-09-05 22:27:33 ----D---- C:\Users\Adrian\AppData\Roaming\Media Center Programs 2014-09-05 22:27:30 ----SHD---- C:\Recovery 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Ulubione 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Szablony 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Pulpit 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Menu Start 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Dokumenty 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Dane aplikacji 2014-09-05 22:18:06 ----D---- C:\Windows\SoftwareDistribution 
2014-09-05 22:16:00 ----D---- C:\Windows\Prefetch 2014-09-05 22:15:25 ----ASH---- C:\pagefile.sys 2014-09-05 22:15:24 ----SHD---- C:\System Volume Information 2014-09-05 22:15:24 ----ASH---- C:\hiberfil.sys ======List of files/folders modified in the last 1 month====== 2014-09-30 21:54:34 ----D---- C:\Windows\Temp 2014-09-30 21:54:29 ----RD---- C:\Program Files (x86) 2014-09-30 21:26:56 ----D---- C:\Windows\Tasks 2014-09-30 21:25:27 ----D---- C:\Windows\winsxs 2014-09-30 21:25:26 ----D---- C:\Windows\System32 2014-09-30 21:25:24 ----D---- C:\Windows 2014-09-30 21:24:00 ----RD---- C:\Program Files 2014-09-30 21:21:33 ----HD---- C:\ProgramData 2014-09-29 22:29:36 ----D---- C:\Windows\SysWOW64\GroupPolicy 2014-09-29 22:29:35 ----RD---- C:\Users 2014-09-28 21:47:35 ----D---- C:\Windows\rescache 2014-09-19 15:54:13 ----D---- C:\Windows\SysWOW64 2014-09-19 15:53:43 ----RSD---- C:\Windows\assembly 2014-09-19 15:53:35 ----D---- C:\Windows\Microsoft.NET 2014-09-19 15:51:11 ----D---- C:\Windows\Logs 2014-09-14 21:39:28 ----D---- C:\Windows\inf 2014-09-12 14:44:40 ----D---- C:\Windows\SysWOW64\en-US 2014-09-12 14:44:39 ----D---- C:\Program Files (x86)\Internet Explorer 2014-09-09 18:38:06 ----RSD---- C:\Windows\Media 2014-09-09 18:38:05 ----D---- C:\Windows\twain_32 2014-09-09 14:45:59 ----D---- C:\Windows\SysWOW64\pl-PL 2014-09-09 14:45:56 ----D---- C:\Windows\PolicyDefinitions 2014-09-07 21:33:41 ----D---- C:\Windows\ehome 2014-09-07 21:33:41 ----D---- C:\Program Files (x86)\Common Files\System 2014-09-07 21:33:38 ----D---- C:\Windows\SysWOW64\migration 2014-09-07 21:33:32 ----RSD---- C:\Windows\Fonts 2014-09-07 21:33:32 ----D---- C:\Windows\SysWOW64\pt-PT 2014-09-07 21:33:32 ----D---- C:\Windows\SysWOW64\pt-BR 2014-09-07 21:33:32 ----D---- C:\Windows\SysWOW64\it-IT 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\zh-TW 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\zh-HK 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\zh-CN 2014-09-07 21:33:31 ----D---- 
C:\Windows\SysWOW64\tr-TR 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\sv-SE 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\ru-RU 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\nl-NL 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\nb-NO 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\ko-KR 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\ja-JP 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\hu-HU 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\fr-FR 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\fi-FI 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\es-ES 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\el-GR 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\de-DE 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\da-DK 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\cs-CZ 2014-09-07 21:33:08 ----D---- C:\Program Files (x86)\Windows Defender 2014-09-07 21:32:55 ----D---- C:\Windows\AppPatch 2014-09-07 12:54:01 ----SD---- C:\ProgramData\Microsoft 2014-09-06 15:15:21 ----A---- C:\Windows\win.ini 2014-09-06 15:05:15 ----D---- C:\Program Files (x86)\Common Files 2014-09-06 14:51:24 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2014-09-06 14:30:17 ----D---- C:\Windows\SysWOW64\drivers 2014-09-05 22:27:39 ----SHD---- C:\$Recycle.Bin 2014-09-05 22:24:54 ----D---- C:\Windows\debug ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswVmm;avast! VM Monitor; C:\Windows\SysWOW64\drivers\aswVmm.sys [] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64;{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64; C:\Windows\system32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys [] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [] R2 aswHwid;avast! 
HardwareID; C:\Windows\system32\drivers\aswHwid.sys [] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [] R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [] R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [] R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [] R3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [] S0 aswRvrt;avast! Revert; C:\Windows\SysWOW64\drivers\aswRvrt.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 4d349a54;GS_Sustainer; C:\Windows\system32\rundll32.exe [2009-07-14 44544] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 avast! Antivirus;avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-09-30 50344] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520] R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-09-06 715656] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc [] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc [] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V [] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] 
-----------------EOF----------------- [/spoiler] OTL: [spoiler] OTL logfile created on: 2014-09-30 21:47:35 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Adrian\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17280) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,97 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 21,37% Memory free 7,93 Gb Paging File | 3,47 Gb Available in Paging File | 43,74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 153,16 Gb Total Space | 110,33 Gb Free Space | 72,04% Space Free | Partition Type: NTFS Drive D: | 372,61 Gb Total Space | 372,50 Gb Free Space | 99,97% Space Free | Partition Type: NTFS Drive E: | 312,50 Gb Total Space | 310,69 Gb Free Space | 99,42% Space Free | Partition Type: NTFS Drive F: | 276,98 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ADRIAN-KOMPUTER | User Name: Adrian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-09-30 21:46:37 | 001,107,968 | ---- | M] () -- C:\Users\Adrian\Downloads\RSIT.exe PRC - [2014-09-30 21:46:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adrian\Downloads\OTL.exe PRC - [2014-09-30 21:25:19 | 004,086,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2014-09-30 21:25:19 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2014-09-25 14:41:31 | 001,943,376 | ---- | M] (BitTorrent Inc.) 
-- C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe PRC - [2014-09-23 06:07:06 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2014-09-19 13:08:29 | 006,342,200 | ---- | M] (Spotify Ltd) -- C:\Users\Adrian\AppData\Roaming\Spotify\spotify.exe PRC - [2014-09-19 13:08:29 | 001,245,752 | ---- | M] (Spotify Ltd) -- C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe PRC - [2014-09-19 13:08:29 | 000,606,776 | ---- | M] () -- C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe PRC - [2014-09-13 02:52:04 | 036,414,624 | ---- | M] (Dropbox, Inc.) -- C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2014-09-06 15:13:50 | 000,715,656 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginServices\PluginService.exe PRC - [2014-07-14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe PRC - [2014-07-14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe PRC - [2013-09-04 19:21:42 | 002,112,000 | ---- | M] () -- C:\Program Files (x86)\screenSHU\screenSHU.exe PRC - [2013-06-21 02:26:02 | 005,396,304 | ---- | M] (ManyCam LLC) -- C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe PRC - [2010-04-02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) 
-- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-09-30 21:46:37 | 001,107,968 | ---- | M] () -- C:\Users\Adrian\Downloads\RSIT.exe MOD - [2014-09-30 21:25:19 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll MOD - [2014-09-30 21:25:19 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll MOD - [2014-09-30 21:04:40 | 000,043,008 | ---- | M] () -- c:\users\adrian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa4yqzf.dll MOD - [2014-09-30 21:04:23 | 000,085,504 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM5645.tmp MOD - [2014-09-30 21:04:23 | 000,085,504 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM55E5.tmp MOD - [2014-09-30 21:04:22 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM5281.tmp MOD - [2014-09-30 21:04:22 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM5251.tmp MOD - [2014-09-30 21:04:22 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM5220.tmp MOD - [2014-09-30 21:04:22 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM51DF.tmp MOD - [2014-09-30 21:04:22 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM5132.tmp MOD - [2014-09-30 21:04:22 | 000,085,504 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM5509.tmp MOD - [2014-09-30 21:04:22 | 000,085,504 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM54A9.tmp MOD - [2014-09-30 21:04:22 | 000,085,504 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM5310.tmp MOD - [2014-09-30 21:04:21 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4FE8.tmp MOD - [2014-09-30 21:04:21 | 000,120,832 | ---- | M] () -- 
C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4FB7.tmp MOD - [2014-09-30 21:04:21 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4EDB.tmp MOD - [2014-09-30 21:04:21 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4E9B.tmp MOD - [2014-09-30 21:04:21 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4E3B.tmp MOD - [2014-09-30 21:04:21 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4D5F.tmp MOD - [2014-09-30 21:04:21 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4D4D.tmp MOD - [2014-09-30 21:04:20 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4D0D.tmp MOD - [2014-09-30 21:04:20 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4CEB.tmp MOD - [2014-09-30 21:04:20 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4C9B.tmp MOD - [2014-09-30 21:04:20 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4AC3.tmp MOD - [2014-09-30 21:04:20 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4AA2.tmp MOD - [2014-09-30 21:04:20 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4A81.tmp MOD - [2014-09-30 21:04:20 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM49E3.tmp MOD - [2014-09-30 21:04:20 | 000,120,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4982.tmp MOD - [2014-09-30 21:04:20 | 000,085,504 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4AC5.tmp MOD - [2014-09-30 21:04:19 | 000,072,704 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4816.tmp MOD - [2014-09-30 21:04:19 | 000,072,192 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4896.tmp MOD - [2014-09-30 21:04:19 | 000,072,192 | ---- | M] () -- 
C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4894.tmp MOD - [2014-09-30 21:04:19 | 000,072,192 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4787.tmp MOD - [2014-09-30 21:04:19 | 000,057,344 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM46E9.tmp MOD - [2014-09-30 21:04:18 | 000,075,776 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM43A6.tmp MOD - [2014-09-30 21:04:18 | 000,075,776 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4337.tmp MOD - [2014-09-30 21:04:18 | 000,075,776 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4324.tmp MOD - [2014-09-30 21:04:18 | 000,075,776 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4322.tmp MOD - [2014-09-30 21:04:18 | 000,075,776 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4310.tmp MOD - [2014-09-30 21:04:18 | 000,075,776 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4239.tmp MOD - [2014-09-30 21:04:18 | 000,075,776 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM41AB.tmp MOD - [2014-09-30 21:04:18 | 000,064,000 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4456.tmp MOD - [2014-09-30 21:04:18 | 000,056,832 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM430E.tmp MOD - [2014-09-30 21:04:18 | 000,056,320 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4326.tmp MOD - [2014-09-30 21:04:18 | 000,053,760 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4468.tmp MOD - [2014-09-30 21:04:18 | 000,053,760 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4416.tmp MOD - [2014-09-30 21:04:18 | 000,033,792 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\YTMP7MC8AA\TAA42FC.tmp MOD - [2014-09-30 21:04:18 | 000,033,792 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\YTMP7MC8AA\TAA42EB.tmp MOD - [2014-09-30 21:04:18 | 000,033,792 | ---- | M] () -- 
C:\Users\Adrian\AppData\Local\Temp\YTMP7MC8AA\TAA42E9.tmp MOD - [2014-09-30 21:04:18 | 000,033,792 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\YTMP7MC8AA\TAA42D7.tmp MOD - [2014-09-30 21:04:17 | 000,075,776 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4080.tmp MOD - [2014-09-30 21:04:17 | 000,068,608 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM4011.tmp MOD - [2014-09-30 21:04:17 | 000,056,320 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM3E68.tmp MOD - [2014-09-30 21:04:17 | 000,055,296 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM3F73.tmp MOD - [2014-09-30 21:04:16 | 000,075,776 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Temp\XTMP1MC3VE\DEM3C73.tmp MOD - [2014-09-23 06:07:05 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll MOD - [2014-09-23 06:07:04 | 014,891,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll MOD - [2014-09-23 06:07:02 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll MOD - [2014-09-23 06:06:58 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll MOD - [2014-09-23 06:06:56 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll MOD - [2014-09-23 06:06:55 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll MOD - [2014-09-19 13:08:29 | 036,966,968 | ---- | M] () -- C:\Users\Adrian\AppData\Roaming\Spotify\Data\libcef.dll MOD - [2014-09-19 13:08:29 | 000,886,840 | ---- | M] () -- C:\Users\Adrian\AppData\Roaming\Spotify\Data\libglesv2.dll MOD - [2014-09-19 13:08:29 | 000,867,896 | ---- | M] () -- C:\Users\Adrian\AppData\Roaming\Spotify\Data\ffmpegsumo.dll MOD - [2014-09-19 13:08:29 | 000,606,776 | ---- 
| M] () -- C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe MOD - [2014-09-19 13:08:29 | 000,108,600 | ---- | M] () -- C:\Users\Adrian\AppData\Roaming\Spotify\Data\libegl.dll MOD - [2014-09-13 02:20:58 | 003,610,624 | ---- | M] () -- C:\Users\Adrian\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll MOD - [2013-09-04 19:21:42 | 002,112,000 | ---- | M] () -- C:\Program Files (x86)\screenSHU\screenSHU.exe MOD - [2013-08-23 21:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Adrian\AppData\Roaming\Dropbox\bin\libcef.dll MOD - [2013-06-21 02:21:22 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll MOD - [2013-06-21 02:21:22 | 001,241,088 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll MOD - [2013-06-21 02:21:22 | 000,775,680 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_highgui220.dll MOD - [2013-06-21 02:21:22 | 000,241,152 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_objdetect220.dll MOD - [2013-06-21 02:21:22 | 000,201,216 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_video220.dll MOD - [2011-06-08 09:32:26 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\screenSHU\mingwm10.dll MOD - [2011-06-08 09:32:24 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\screenSHU\libgcc_s_dw2-1.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2014-09-30 21:25:19 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! 
Antivirus) SRV:[b]64bit:[/b] - [2014-08-19 00:03:37 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2014-04-18 03:29:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (4d349a54) SRV - [2014-09-06 15:13:50 | 000,715,656 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices) SRV - [2014-07-14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc) SRV - [2014-07-14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc) SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2014-03-21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014-09-30 21:25:44 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- 
C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP) DRV:[b]64bit:[/b] - [2014-09-30 21:25:20 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2014-09-30 21:25:20 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b]64bit:[/b] - [2014-09-30 21:25:20 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2014-09-30 21:25:20 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm) DRV:[b]64bit:[/b] - [2014-09-30 21:25:20 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2014-09-30 21:25:20 | 000,065,776 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b]64bit:[/b] - [2014-09-30 21:25:20 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid) DRV:[b]64bit:[/b] - [2014-09-05 14:56:10 | 000,061,072 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys -- ({c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64) DRV:[b]64bit:[/b] - [2014-04-18 04:36:46 | 015,376,384 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2014-04-18 03:07:06 | 000,638,976 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2013-12-19 18:45:50 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2013-01-31 11:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple) DRV:[b]64bit:[/b] - [2012-10-11 05:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-08-24 11:55:43 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1410009216&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUP43655736557&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1410009216&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUP43655736557&q={searchTerms} IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1410009216&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUP43655736557&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1410009216&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUP43655736557&q={searchTerms} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - 
HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-30 21:25:20 | 000,000,000 | ---D | M] [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: http://googel.pl/ CHR - plugin: Error reading preferences file CHR - Extension: Strong Password Generator = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\emehklffcaphknhhfhadkjhpfapcbpco\103\ CHR - Extension: Czarny metalik motyw. 
= C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbhhihkiaeeioepkklgfpdohnemkjcoi\5_1\ CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\neeenomekfoinonlekmpeafkljlgngjm\2.0\ O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (GoSaovE) - {62519b7f-cf9f-4c85-acdf-704ff4168594} - C:\Program Files (x86)\GoSaovE\jfZ51g7niBKPJO.x64.dll () O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (ProShoppper) - {E9254193-6F5B-46EF-F6C3-A14AEAEE2BC7} - C:\ProgramData\ProShoppper\JcDFoyT.x64.dll () O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKCU..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC) O4 - HKCU..\Run: [screenSHU] C:\Program Files (x86)\screenSHU\screenSHU.exe () O4 - HKCU..\Run: [Spotify] C:\Users\Adrian\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKCU..\Run: [uTorrent] C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) O4 - Startup: C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6193E08F-6D38-41AC-99CC-FFF54A61999F}: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer x64\skypeieplugin.dll (Microsoft Corporation) O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-11-13 17:20:10 | 000,000,170 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{5b9b9483-3539-11e4-8492-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5b9b9483-3539-11e4-8492-806e6f6e6963}\Shell\AutoRun\command - "" = F:\MSETUP4.EXE -- [2009-11-30 11:26:36 | 000,333,136 | R--- | M] (CANON INC.) 
O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (aswBoot.exe /M:1b55d4925 /wow /dir:"C:\Program Files\AVAST Software\Avast") O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color] [2014-09-30 21:27:02 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\AVAST Software [2014-09-30 21:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast [2014-09-30 21:25:34 | 000,092,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2014-09-30 21:25:32 | 001,041,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2014-09-30 21:25:30 | 000,427,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys [2014-09-30 21:25:30 | 000,426,848 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1412105144409 [2014-09-30 21:25:28 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2014-09-30 21:25:28 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2014-09-30 21:25:26 | 000,307,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2014-09-30 21:25:20 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2014-09-30 21:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2014-09-30 21:21:33 | 000,000,000 | ---D | C] -- 
C:\ProgramData\AVAST Software [2014-09-29 22:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Trusted Publisher [2014-09-29 22:29:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GS_Booster [2014-09-29 22:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\GoSaovE [2014-09-29 22:29:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GoSaovE [2014-09-29 22:29:35 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Torch [2014-09-29 22:29:35 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Comodo [2014-09-29 22:29:35 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Chromatic Browser [2014-09-29 21:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2014-09-29 16:48:36 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014-09-29 14:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\873995a108fd12ab [2014-09-29 14:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ProShoppper [2014-09-28 21:23:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Performance Optimizer [2014-09-25 14:39:28 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\uTorrent [2014-09-21 20:39:33 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast [2014-09-21 20:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast [2014-09-21 20:39:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast [2014-09-19 15:56:44 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\OBS [2014-09-19 15:56:42 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software [2014-09-19 15:56:41 | 000,000,000 | ---D | C] -- C:\Program Files\OBS [2014-09-19 15:56:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OBS [2014-09-19 15:54:13 | 002,526,056 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\D3DCompiler_43.dll [2014-09-19 15:54:13 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2014-09-19 15:54:13 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2014-09-19 15:54:13 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2014-09-19 15:54:13 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2014-09-19 15:54:13 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2014-09-19 15:54:13 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2014-09-19 15:54:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2014-09-19 15:54:12 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2014-09-19 15:54:12 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2014-09-19 15:54:12 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2014-09-19 15:54:12 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2014-09-19 15:54:11 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2014-09-19 15:54:11 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2014-09-19 15:54:11 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2014-09-19 15:54:11 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2014-09-19 15:54:11 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2014-09-19 15:54:11 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2014-09-19 15:54:11 | 000,078,680 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\XAPOFX1_4.dll [2014-09-19 15:54:11 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2014-09-19 15:54:10 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2014-09-19 15:54:10 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2014-09-19 15:54:10 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2014-09-19 15:54:10 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2014-09-19 15:54:08 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2014-09-19 15:54:08 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2014-09-19 15:54:07 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2014-09-19 15:54:07 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2014-09-19 15:54:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2014-09-19 15:54:07 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2014-09-19 15:54:06 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2014-09-19 15:54:06 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2014-09-19 15:54:06 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2014-09-19 15:54:06 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2014-09-19 15:54:06 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2014-09-19 15:54:06 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2014-09-19 15:54:05 | 005,425,496 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\D3DX9_41.dll [2014-09-19 15:54:05 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2014-09-19 15:54:05 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2014-09-19 15:54:05 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2014-09-19 15:54:05 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2014-09-19 15:54:05 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll [2014-09-19 15:54:05 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2014-09-19 15:54:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll [2014-09-19 15:54:04 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2014-09-19 15:54:04 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2014-09-19 15:54:04 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2014-09-19 15:54:04 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2014-09-19 15:54:04 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2014-09-19 15:54:04 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2014-09-19 15:54:03 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2014-09-19 15:54:03 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2014-09-19 15:54:03 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2014-09-19 15:54:03 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2014-09-19 15:54:03 | 000,519,000 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\d3dx10_40.dll [2014-09-19 15:54:03 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2014-09-19 15:54:03 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2014-09-19 15:54:03 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2014-09-19 15:54:01 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2014-09-19 15:54:01 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2014-09-19 15:54:01 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2014-09-19 15:54:01 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2014-09-19 15:54:01 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2014-09-19 15:54:01 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2014-09-19 15:54:01 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2014-09-19 15:54:01 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2014-09-19 15:54:00 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2014-09-19 15:54:00 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2014-09-19 15:53:59 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2014-09-19 15:53:59 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2014-09-19 15:53:59 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2014-09-19 15:53:59 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2014-09-19 15:53:59 | 000,540,688 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\d3dx10_39.dll [2014-09-19 15:53:59 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2014-09-19 15:53:59 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2014-09-19 15:53:59 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2014-09-19 15:53:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2014-09-19 15:53:59 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2014-09-19 15:53:57 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2014-09-19 15:53:57 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2014-09-19 15:53:57 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2014-09-19 15:53:57 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2014-09-19 15:53:57 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2014-09-19 15:53:57 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2014-09-19 15:53:57 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2014-09-19 15:53:57 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2014-09-19 15:53:56 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2014-09-19 15:53:56 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2014-09-19 15:53:56 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2014-09-19 15:53:56 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2014-09-19 15:53:55 | 004,991,496 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\D3DX9_38.dll [2014-09-19 15:53:55 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2014-09-19 15:53:55 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2014-09-19 15:53:55 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2014-09-19 15:53:53 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2014-09-19 15:53:53 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2014-09-19 15:53:53 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2014-09-19 15:53:53 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2014-09-19 15:53:53 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2014-09-19 15:53:53 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2014-09-19 15:53:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2014-09-19 15:53:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2014-09-19 15:53:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2014-09-19 15:53:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2014-09-19 15:53:51 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2014-09-19 15:53:51 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2014-09-19 15:53:51 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2014-09-19 15:53:51 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2014-09-19 15:53:51 | 000,411,656 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\xactengine2_10.dll [2014-09-19 15:53:51 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2014-09-19 15:53:50 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2014-09-19 15:53:50 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2014-09-19 15:53:50 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2014-09-19 15:53:50 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2014-09-19 15:53:50 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2014-09-19 15:53:50 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2014-09-19 15:53:50 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2014-09-19 15:53:50 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2014-09-19 15:53:50 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2014-09-19 15:53:50 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2014-09-19 15:53:49 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2014-09-19 15:53:49 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2014-09-19 15:53:49 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2014-09-19 15:53:49 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2014-09-19 15:53:49 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2014-09-19 15:53:49 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2014-09-19 15:53:49 | 000,409,960 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\xactengine2_8.dll [2014-09-19 15:53:49 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2014-09-19 15:53:49 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2014-09-19 15:53:49 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2014-09-19 15:53:49 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2014-09-19 15:53:49 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2014-09-19 15:53:48 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2014-09-19 15:53:48 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2014-09-19 15:53:48 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2014-09-19 15:53:48 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2014-09-19 15:53:48 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2014-09-19 15:53:48 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2014-09-19 15:53:48 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2014-09-19 15:53:48 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2014-09-19 15:53:46 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2014-09-19 15:53:46 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2014-09-19 15:53:45 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2014-09-19 15:53:45 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2014-09-19 15:53:45 | 000,469,264 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\d3dx10.dll [2014-09-19 15:53:45 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2014-09-19 15:53:45 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2014-09-19 15:53:45 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2014-09-19 15:53:44 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2014-09-19 15:53:44 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2014-09-19 15:53:44 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2014-09-19 15:53:44 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2014-09-19 15:53:44 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2014-09-19 15:53:44 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2014-09-19 15:53:44 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2014-09-19 15:53:44 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2014-09-19 15:53:44 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2014-09-19 15:53:44 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2014-09-19 15:53:44 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2014-09-19 15:53:44 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2014-09-19 15:53:44 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2014-09-19 15:53:44 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2014-09-19 15:53:43 | 000,352,464 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\xactengine2_1.dll [2014-09-19 15:53:43 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2014-09-19 15:53:42 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2014-09-19 15:53:42 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2014-09-19 15:53:42 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2014-09-19 15:53:42 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2014-09-19 15:53:42 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2014-09-19 15:53:42 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2014-09-19 15:53:40 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2014-09-19 15:53:40 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2014-09-19 15:53:39 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2014-09-19 15:53:39 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2014-09-19 15:53:39 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2014-09-19 15:53:39 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2014-09-19 15:53:39 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2014-09-19 15:53:39 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2014-09-19 15:53:39 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2014-09-19 15:53:39 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2014-09-19 15:53:37 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll 
[2014-09-19 15:53:37 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2014-09-19 15:51:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [color=#E56717]========== Files - Modified Within 14 Days ==========[/color] [2014-09-30 21:40:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-09-30 21:25:52 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2014-09-30 21:25:44 | 000,427,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys [2014-09-30 21:25:20 | 001,041,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2014-09-30 21:25:20 | 000,426,848 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1412105144409 [2014-09-30 21:25:20 | 000,307,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2014-09-30 21:25:20 | 000,224,896 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2014-09-30 21:25:20 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2014-09-30 21:25:20 | 000,092,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2014-09-30 21:25:20 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2014-09-30 21:25:20 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2014-09-30 21:25:20 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2014-09-30 21:25:20 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys [2014-09-30 21:11:10 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-09-30 21:11:10 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-09-30 21:03:24 | 000,001,044 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-09-30 21:03:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-09-30 21:03:03 | 3193,831,424 | -HS- | M] () -- C:\hiberfil.sys [2014-09-29 22:32:19 | 006,586,368 | ---- | M] () -- C:\Users\Adrian\Desktop\Malpa-Kilka_Numerow_O_Czyms-Bootleg_CD-PL-2009-211%281%29.rar [2014-09-29 22:29:37 | 000,000,266 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2014-09-29 21:38:56 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2014-09-29 16:48:36 | 000,002,337 | ---- | M] () -- C:\Users\Adrian\Desktop\Program uruchamiający aplikacje Chrome.lnk [2014-09-28 14:53:32 | 000,313,290 | ---- | M] () -- C:\Users\Adrian\Desktop\zen.png [2014-09-27 13:46:58 | 000,041,099 | ---- | M] () -- C:\Users\Adrian\Desktop\51GCDo3vilL.jpg [2014-09-26 15:03:38 | 000,382,524 | ---- | M] () -- C:\Users\Adrian\Desktop\Bez tytułu.png [2014-09-26 15:02:57 | 004,188,916 | ---- | M] () -- C:\Users\Adrian\Desktop\bp4uyuy.png [2014-09-25 22:01:39 | 000,004,893 | ---- | M] () -- C:\Users\Adrian\Desktop\almbda.png [2014-09-25 14:43:54 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-09-25 14:41:31 | 000,000,859 | ---- | M] () -- C:\Users\Adrian\Desktop\µTorrent.lnk [2014-09-21 20:39:33 | 000,000,991 | ---- | M] () -- C:\Users\Adrian\Desktop\SopCast.lnk [2014-09-19 15:56:42 | 000,000,935 | ---- | M] () -- C:\Users\Adrian\Desktop\Open Broadcaster Software.lnk [2014-09-18 21:38:18 | 000,001,057 | ---- | M] () -- C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-09-18 21:38:03 | 000,001,027 | ---- | M] () -- C:\Users\Adrian\Desktop\Dropbox.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-30 21:25:52 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2014-09-30 21:25:33 | 000,224,896 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2014-09-30 21:25:29 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2014-09-30 21:25:28 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys [2014-09-29 22:30:11 | 006,586,368 | ---- | C] () -- C:\Users\Adrian\Desktop\Malpa-Kilka_Numerow_O_Czyms-Bootleg_CD-PL-2009-211%281%29.rar [2014-09-29 22:29:37 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014-09-29 21:38:56 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2014-09-29 16:48:36 | 000,002,337 | ---- | C] () -- C:\Users\Adrian\Desktop\Program uruchamiający aplikacje Chrome.lnk [2014-09-28 14:53:31 | 000,313,290 | ---- | C] () -- C:\Users\Adrian\Desktop\zen.png [2014-09-27 13:46:48 | 000,041,099 | ---- | C] () -- C:\Users\Adrian\Desktop\51GCDo3vilL.jpg [2014-09-26 15:02:56 | 004,188,916 | ---- | C] () -- C:\Users\Adrian\Desktop\bp4uyuy.png [2014-09-25 21:59:56 | 000,004,893 | ---- | C] () -- C:\Users\Adrian\Desktop\almbda.png [2014-09-25 14:41:31 | 000,000,859 | ---- | C] () -- C:\Users\Adrian\Desktop\µTorrent.lnk [2014-09-21 20:39:33 | 000,000,991 | ---- | C] () -- C:\Users\Adrian\Desktop\SopCast.lnk [2014-09-19 15:56:42 | 000,000,935 | ---- | C] () -- C:\Users\Adrian\Desktop\Open Broadcaster Software.lnk [2014-09-06 14:53:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2014-09-06 14:44:18 | 001,640,128 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014-04-18 04:22:56 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2014-04-18 04:22:56 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2014-04-18 03:25:52 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2014-04-18 03:25:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2014-04-17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll 
[color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014-03-25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2014-09-30 21:27:02 | 
000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\AVAST Software [2014-09-30 21:04:58 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Dropbox [2014-09-06 14:51:14 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\library_dir [2014-09-06 15:14:40 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\ManyCam [2014-09-19 16:24:03 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\OBS [2014-09-30 21:04:33 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Spotify [2014-09-13 14:25:25 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\TS3Client [2014-09-30 21:53:12 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\uTorrent [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 159 bytes -> C:\Users\Adrian\Desktop\zen.png:com.dropbox.attributes < End of report > [/spoiler] RSIT: Info: [spoiler] info.txt logfile of random's system information tool 1.10 2014-09-30 21:54:40 ======MBR====== ======Uninstall list====== Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x0015 -removeonly avast!
Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall Canon Easy-PhotoPrint EX-->C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll Canon MP Navigator EX 4.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 4.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 4.0\uninst.ini Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll Canon Solution Menu EX-->"C:\Program Files (x86)\Canon\Solution Menu EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Solution Menu EX\uninst.ini Catalyst Control Center - Branding-->MsiExec.exe /I{25A3B953-1423-3F15-640E-B620DD0F419A} Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Earth-->MsiExec.exe /X{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} GS_Sustainer 1.80-->"C:\Windows\system32\RUNDLL32.EXE" "C:\PROGRA~2\GS_BOO~1\ASSIST~1.DLL",_uninstall /un ManyCam 3.1.58-->"C:\Program Files (x86)\ManyCam\uninstall.exe" Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727-->"C:\ProgramData\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe" /uninstall Open Broadcaster Software-->C:\Program Files (x86)\OBS\uninstall.exe Performance Optimizer-->"C:\Windows\system32\RUNDLL32.EXE" "C:\PROGRA~3\PERFOR~1\PERFOR~1.DLL",_uninstall /un Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Rejestracja użytkownika drukarki Canon MP280 series-->C:\Program Files (x86)\Canon\IJEREG\MP280 
series\UNINST.EXE screenSHU - the fastest screen capture ever.-->"C:\Program Files (x86)\screenSHU\uninstall.exe" Security Update for Microsoft .NET Framework 4.5 (KB2737083)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {00909A54-CC11-3F00-9279-3CE090432A91} Security Update for Microsoft .NET Framework 4.5 (KB2742613)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {36E5C79E-06D3-32C3-9251-D284B9F3F7E7} Security Update for Microsoft .NET Framework 4.5 (KB2789648)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {698F9EB6-6753-318E-8615-53D77414313F} Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {4F658047-A12E-38D9-8EA9-D941E4A84B7D} Security Update for Microsoft .NET Framework 4.5 (KB2861208)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {6AF12FE8-C359-3748-BDF6-B437C0A42154} Security Update for Microsoft .NET Framework 4.5 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {F7CBA1C7-E5B5-39E9-9631-459E1FE08C45} Security Update for Microsoft .NET Framework 4.5 (KB2898864)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {FD9140E9-6192-38CC-BCF6-4869B2AEBBCD} Security Update for Microsoft .NET Framework 4.5 (KB2901118)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {D052AECC-7A45-3B76-B62C-F5093799DF8D} Security Update for Microsoft .NET Framework 4.5 (KB2931368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {599EC629-2679-30CE-B28B-7432EF5FC126} Security Update for Microsoft .NET Framework 4.5 (KB2972216)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C} Skype Click 
to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701} Skype™ 6.20-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} SopCast 3.9.2-->C:\Program Files (x86)\SopCast\uninst.exe WinRAR 5.11 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe ======System event log====== Computer Name: 37L4247F27-25 Event Code: 7036 Message: Usługa Distributed Link Tracking Client weszła w stan stopped. Record Number: 5 Source Name: Service Control Manager Time Written: 20101121035831.108772-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 7036 Message: Usługa Desktop Window Manager Session Manager weszła w stan stopped. Record Number: 4 Source Name: Service Control Manager Time Written: 20101121035831.108772-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 7036 Message: Usługa Power weszła w stan stopped. Record Number: 3 Source Name: Service Control Manager Time Written: 20101121035831.108772-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 7036 Message: Usługa Windows Event Log weszła w stan stopped. Record Number: 2 Source Name: Service Control Manager Time Written: 20101121035831.093172-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 7036 Message: Usługa Diagnostic Policy Service weszła w stan stopped. 
Record Number: 1 Source Name: Service Control Manager Time Written: 20101121035831.093172-000 Event Type: Informacje User: =====Application event log===== Computer Name: 37L4247F27-25 Event Code: 5617 Message: Windows Management Instrumentation Service subsystems initialized successfully Record Number: 5 Source Name: Microsoft-Windows-WMI Time Written: 20140905201604.000000-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 5615 Message: Windows Management Instrumentation Service started sucessfully Record Number: 4 Source Name: Microsoft-Windows-WMI Time Written: 20140905201602.000000-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 4625 Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog. Record Number: 3 Source Name: Microsoft-Windows-EventSystem Time Written: 20140905201557.000000-000 Event Type: Informacje User: Computer Name: 37L4247F27-25 Event Code: 1531 Message: Usługa profilów użytkowników została uruchomiona pomyślnie. Record Number: 2 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20140905201557.635291-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: 37L4247F27-25 Event Code: 1532 Message: Usługa profilów użytkowników została zatrzymana. Record Number: 1 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20101121035831.124372-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM =====Security event log===== Computer Name: 37L4247F27-25 Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. 
Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140905201545.186469-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247F27-25 Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: 37L4247F27-25$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x1d0 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. 
Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140905201545.186469-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247F27-25 Event Code: 4902 Message: Utworzono tabelę zasad inspekcji użytkownika. Liczba elementów: 0 Identyfikator zasad: 0x31245 Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140905201539.320859-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247F27-25 Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-0-0 Nazwa konta: - Domena konta: - Identyfikator logowania: 0x0 Typ logowania: 0 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x4 Nazwa procesu: Informacje o sieci: Nazwa stacji roboczej: - Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: - Pakiet uwierzytelniania: - Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. 
Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140905201537.745256-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247F27-25 Event Code: 4608 Message: Trwa uruchamianie systemu Windows. To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji. 
Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140905201537.651656-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=2a07 "windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log "windows_tracing_flags"=3 -----------------EOF----------------- [/spoiler] Log: [spoiler] Logfile of random's system information tool 1.10 (written by random/random) Run by Adrian at 2014-09-30 21:54:29 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 113 GB (72%) free of 157 GB Total RAM: 4061 MB (20% free) ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! 
Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-09-30 457712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-17 767200] "CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-09-30 4086432] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_257F9E5159429344AA5489535C1FAD3E"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-09-23 852808] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192] "ManyCam"=C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe [2013-06-21 5396304] "screenSHU"=C:\Program Files (x86)\screenSHU\screenSHU.exe [2013-09-04 2112000] "Spotify Web Helper"=C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-09-19 1245752] "Spotify"=C:\Users\Adrian\AppData\Roaming\Spotify\spotify.exe [2014-09-19 6342200] "uTorrent"=C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-25 1943376] C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= 
"legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux3"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-09-30 21:54:29 ----D---- C:\rsit 2014-09-30 21:54:29 ----D---- C:\Program Files (x86)\trend micro 2014-09-30 21:27:02 ----D---- C:\Users\Adrian\AppData\Roaming\AVAST Software 2014-09-30 21:25:20 ----A---- C:\Windows\avastSS.scr 2014-09-30 21:21:33 ----D---- C:\ProgramData\AVAST Software 2014-09-29 22:30:05 ----D---- C:\ProgramData\Trusted Publisher 2014-09-29 22:29:56 ----D---- C:\Program Files (x86)\GS_Booster 2014-09-29 22:29:38 ----D---- 
C:\ProgramData\GoSaovE 2014-09-29 22:29:36 ----D---- C:\Program Files (x86)\GoSaovE 2014-09-29 14:16:02 ----D---- C:\ProgramData\873995a108fd12ab 2014-09-29 14:15:49 ----D---- C:\ProgramData\ProShoppper 2014-09-28 21:23:14 ----D---- C:\ProgramData\Performance Optimizer 2014-09-25 14:39:28 ----D---- C:\Users\Adrian\AppData\Roaming\uTorrent 2014-09-21 20:39:33 ----D---- C:\Program Files (x86)\SopCast 2014-09-19 15:56:44 ----D---- C:\Users\Adrian\AppData\Roaming\OBS 2014-09-19 15:56:40 ----D---- C:\Program Files (x86)\OBS 2014-09-19 15:54:13 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll 2014-09-19 15:54:13 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-09-19 15:54:13 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll 2014-09-19 15:54:13 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-09-19 15:54:12 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll 2014-09-19 15:54:12 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll 2014-09-19 15:54:11 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll 2014-09-19 15:54:11 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-09-19 15:54:11 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll 2014-09-19 15:54:11 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll 2014-09-19 15:54:10 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll 2014-09-19 15:54:10 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-09-19 15:54:08 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll 2014-09-19 15:54:07 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll 2014-09-19 15:54:07 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll 2014-09-19 15:54:06 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll 2014-09-19 15:54:06 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll 2014-09-19 15:54:06 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll 2014-09-19 15:54:05 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll 2014-09-19 15:54:05 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll 2014-09-19 15:54:05 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll 2014-09-19 15:54:05 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll 2014-09-19 15:54:04 ----A---- 
C:\Windows\SysWOW64\XAudio2_4.dll 2014-09-19 15:54:04 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll 2014-09-19 15:54:04 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll 2014-09-19 15:54:03 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll 2014-09-19 15:54:03 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll 2014-09-19 15:54:03 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll 2014-09-19 15:54:03 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-09-19 15:54:01 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll 2014-09-19 15:54:01 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll 2014-09-19 15:54:01 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll 2014-09-19 15:54:01 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll 2014-09-19 15:54:00 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll 2014-09-19 15:53:59 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll 2014-09-19 15:53:59 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll 2014-09-19 15:53:59 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll 2014-09-19 15:53:59 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll 2014-09-19 15:53:59 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll 2014-09-19 15:53:57 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll 2014-09-19 15:53:57 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll 2014-09-19 15:53:57 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll 2014-09-19 15:53:57 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll 2014-09-19 15:53:56 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll 2014-09-19 15:53:56 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll 2014-09-19 15:53:55 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll 2014-09-19 15:53:55 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll 2014-09-19 15:53:53 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll 2014-09-19 15:53:53 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll 2014-09-19 15:53:53 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll 2014-09-19 15:53:53 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll 2014-09-19 15:53:53 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll 2014-09-19 15:53:51 ----A---- 
C:\Windows\SysWOW64\xactengine2_10.dll 2014-09-19 15:53:51 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll 2014-09-19 15:53:51 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-09-19 15:53:50 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll 2014-09-19 15:53:50 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll 2014-09-19 15:53:50 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll 2014-09-19 15:53:50 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll 2014-09-19 15:53:50 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\xinput1_3.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll 2014-09-19 15:53:49 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll 2014-09-19 15:53:48 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll 2014-09-19 15:53:48 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll 2014-09-19 15:53:48 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll 2014-09-19 15:53:48 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll 2014-09-19 15:53:46 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll 2014-09-19 15:53:45 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll 2014-09-19 15:53:45 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll 2014-09-19 15:53:45 ----A---- C:\Windows\SysWOW64\d3dx10.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\xinput1_2.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\xinput1_1.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll 2014-09-19 15:53:44 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll 2014-09-19 15:53:43 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll 2014-09-19 15:53:42 ----A---- 
C:\Windows\SysWOW64\xactengine2_0.dll 2014-09-19 15:53:42 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll 2014-09-19 15:53:42 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll 2014-09-19 15:53:40 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll 2014-09-19 15:53:39 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll 2014-09-19 15:53:39 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll 2014-09-19 15:53:39 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll 2014-09-19 15:53:39 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll 2014-09-19 15:53:37 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll 2014-09-19 15:51:12 ----D---- C:\Windows\SysWOW64\directx 2014-09-12 00:28:08 ----A---- C:\Windows\SysWOW64\ieui.dll 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\vbscript.dll 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\msrating.dll 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\ieUnatt.exe 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\dxtrans.dll 2014-09-12 00:28:07 ----A---- C:\Windows\SysWOW64\dxtmsft.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\mshtmled.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\jscript9diag.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\iesetup.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\iernonce.dll 2014-09-12 00:28:06 ----A---- C:\Windows\SysWOW64\iedkcs32.dll 2014-09-12 00:28:05 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-12 00:28:05 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-12 00:28:05 ----A---- C:\Windows\SysWOW64\ieapfltr.dll 2014-09-12 00:28:03 ----A---- C:\Windows\SysWOW64\wininet.dll 2014-09-12 00:28:03 ----A---- C:\Windows\SysWOW64\iertutil.dll 2014-09-12 00:28:02 ----A---- C:\Windows\SysWOW64\urlmon.dll 2014-09-12 00:28:02 ----A---- 
C:\Windows\SysWOW64\jscript9.dll 2014-09-12 00:28:01 ----A---- C:\Windows\SysWOW64\mshtml.dll 2014-09-12 00:28:01 ----A---- C:\Windows\SysWOW64\ieframe.dll 2014-09-11 18:28:55 ----A---- C:\Windows\SysWOW64\sspicli.dll 2014-09-11 18:28:55 ----A---- C:\Windows\SysWOW64\secur32.dll 2014-09-11 18:28:55 ----A---- C:\Windows\SysWOW64\kerberos.dll 2014-09-10 00:51:35 ----HD---- C:\ProgramData\CanonIJSolutionMenuEX 2014-09-10 00:51:31 ----HD---- C:\ProgramData\CanonIJEPPEX2 2014-09-10 00:51:31 ----HD---- C:\ProgramData\CanonEPP 2014-09-10 00:51:11 ----HD---- C:\ProgramData\CanonIJMyPrinter 2014-09-09 18:40:41 ----D---- C:\ProgramData\CanonIJPLM 2014-09-09 18:37:25 ----D---- C:\ProgramData\CanonIJMSetup 2014-09-09 18:37:15 ----D---- C:\ProgramData\CanonIJWSpt 2014-09-09 18:36:01 ----HD---- C:\ProgramData\CanonBJ 2014-09-09 18:35:56 ----A---- C:\Windows\SysWOW64\CNHMCA.dll 2014-09-09 18:35:56 ----A---- C:\Windows\SysWOW64\CNC280U.dll 2014-09-09 18:35:56 ----A---- C:\Windows\SysWOW64\CNC280L.dll 2014-09-09 18:34:03 ----D---- C:\Program Files (x86)\Canon 2014-09-09 18:23:21 ----D---- C:\Users\Adrian\AppData\Roaming\WinRAR 2014-09-09 18:23:04 ----D---- C:\Program Files (x86)\WinRAR 2014-09-08 18:37:44 ----D---- C:\Users\Adrian\AppData\Roaming\TS3Client 2014-09-08 14:26:58 ----A---- C:\Windows\SysWOW64\d3d10warp.dll 2014-09-08 14:26:58 ----A---- C:\Windows\SysWOW64\d2d1.dll 2014-09-07 21:37:20 ----D---- C:\Users\Adrian\AppData\Roaming\Adobe 2014-09-07 21:33:05 ----D---- C:\Windows\SysWOW64\Wat 2014-09-07 20:09:01 ----A---- C:\Windows\SysWOW64\elshyph.dll 2014-09-07 20:08:59 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-09-07 20:08:59 ----A---- C:\Windows\SysWOW64\msls31.dll 2014-09-07 20:08:59 ----A---- C:\Windows\SysWOW64\jsIntl.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\wextract.exe 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\webcheck.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\url.dll 2014-09-07 20:08:58 ----A---- 
C:\Windows\SysWOW64\pngfilt.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\licmgr10.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\inseng.dll 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\iexpress.exe 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\ieapfltr.dat 2014-09-07 20:08:58 ----A---- C:\Windows\SysWOW64\icardie.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\occache.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\mshtmler.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\mshta.exe 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\msfeedssync.exe 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\jscript.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\imgutil.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\iesysprep.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\iepeers.dll 2014-09-07 20:08:57 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll 2014-09-07 20:07:43 ----A---- C:\Windows\SysWOW64\tdh.dll 2014-09-07 20:07:43 ----A---- C:\Windows\SysWOW64\ntdll.dll 2014-09-07 20:07:43 ----A---- C:\Windows\SysWOW64\advapi32.dll 2014-09-07 20:06:57 ----A---- C:\Windows\SysWOW64\mswsock.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-09-07 20:03:14 ----AH---- 
C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-09-07 20:03:14 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\XpsPrint.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\WMPhoto.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\WindowsCodecsExt.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\UIAnimation.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\dxgi.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\DWrite.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\d3d10level9.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\d3d10core.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\d3d10_1.dll 2014-09-07 20:03:14 ----A---- C:\Windows\SysWOW64\d3d10.dll 2014-09-07 20:02:12 ----A---- C:\Windows\SysWOW64\d3d11.dll 2014-09-07 12:53:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2014-09-07 02:11:05 ----A---- C:\Windows\SysWOW64\infocardapi.dll 2014-09-07 02:11:05 ----A---- C:\Windows\SysWOW64\icardagt.exe 2014-09-07 02:11:03 ----A---- C:\Windows\SysWOW64\icardres.dll 2014-09-07 02:10:55 ----A---- C:\Windows\SysWOW64\TsWpfWrp.exe 2014-09-06 18:43:03 ----D---- C:\Users\Adrian\AppData\Roaming\Spotify 2014-09-06 15:39:32 ----D---- C:\Program Files (x86)\screenSHU 2014-09-06 15:31:54 ----D---- C:\Users\Adrian\AppData\Roaming\Dropbox 2014-09-06 15:19:10 ----D---- C:\ProgramData\374311380 2014-09-06 15:14:30 ----D---- C:\ProgramData\ManyCam 2014-09-06 15:14:28 ----D---- C:\Users\Adrian\AppData\Roaming\ManyCam 2014-09-06 15:14:27 ----D---- C:\Program Files (x86)\ManyCam 2014-09-06 15:13:50 ----D---- C:\ProgramData\IePluginServices 2014-09-06 15:13:47 ----D---- 
C:\ProgramData\WindowsMangerProtect 2014-09-06 15:10:07 ----A---- C:\Windows\SysWOW64\poqexec.exe 2014-09-06 15:05:38 ----A---- C:\Windows\SysWOW64\tsgqec.dll 2014-09-06 15:05:38 ----A---- C:\Windows\SysWOW64\mstscax.dll 2014-09-06 15:05:38 ----A---- C:\Windows\SysWOW64\aaclient.dll 2014-09-06 15:05:25 ----D---- C:\Users\Adrian\AppData\Roaming\Skype 2014-09-06 15:05:15 ----RD---- C:\Program Files (x86)\Skype 2014-09-06 15:05:15 ----D---- C:\Program Files (x86)\Common Files\Skype 2014-09-06 15:05:11 ----A---- C:\Windows\SysWOW64\comctl32.dll 2014-09-06 15:05:09 ----D---- C:\ProgramData\Skype 2014-09-06 15:05:06 ----A---- C:\Windows\SysWOW64\shell32.dll 2014-09-06 15:04:49 ----A---- C:\Windows\SysWOW64\wintrust.dll 2014-09-06 15:04:34 ----A---- C:\Windows\SysWOW64\odbctrac.dll 2014-09-06 15:04:34 ----A---- C:\Windows\SysWOW64\odbcjt32.dll 2014-09-06 15:04:34 ----A---- C:\Windows\SysWOW64\odbccu32.dll 2014-09-06 15:04:34 ----A---- C:\Windows\SysWOW64\odbccr32.dll 2014-09-06 15:04:34 ----A---- C:\Windows\SysWOW64\odbccp32.dll 2014-09-06 15:04:27 ----A---- C:\Windows\SysWOW64\sbe.dll 2014-09-06 15:04:27 ----A---- C:\Windows\SysWOW64\CPFilters.dll 2014-09-06 15:04:24 ----A---- C:\Windows\SysWOW64\quartz.dll 2014-09-06 15:04:24 ----A---- C:\Windows\SysWOW64\qdvd.dll 2014-09-06 15:04:20 ----A---- C:\Windows\SysWOW64\usp10.dll 2014-09-06 15:04:18 ----A---- C:\Windows\SysWOW64\webio.dll 2014-09-06 15:03:59 ----A---- C:\Windows\SysWOW64\cryptsvc.dll 2014-09-06 15:03:59 ----A---- C:\Windows\SysWOW64\cryptnet.dll 2014-09-06 15:03:59 ----A---- C:\Windows\SysWOW64\crypt32.dll 2014-09-06 15:03:50 ----A---- C:\Windows\SysWOW64\wer.dll 2014-09-06 15:03:46 ----A---- C:\Windows\SysWOW64\wmi.dll 2014-09-06 15:03:46 ----A---- C:\Windows\SysWOW64\imagehlp.dll 2014-09-06 15:03:41 ----A---- C:\Windows\SysWOW64\msxml6r.dll 2014-09-06 15:03:41 ----A---- C:\Windows\SysWOW64\msxml6.dll 2014-09-06 15:03:41 ----A---- C:\Windows\SysWOW64\msxml3r.dll 2014-09-06 15:03:41 ----A---- 
C:\Windows\SysWOW64\msxml3.dll 2014-09-06 15:03:37 ----A---- C:\Windows\SysWOW64\osk.exe 2014-09-06 15:03:28 ----A---- C:\Windows\SysWOW64\lpk.dll 2014-09-06 15:03:28 ----A---- C:\Windows\SysWOW64\fontsub.dll 2014-09-06 15:03:28 ----A---- C:\Windows\SysWOW64\dciman32.dll 2014-09-06 15:03:28 ----A---- C:\Windows\SysWOW64\atmlib.dll 2014-09-06 15:03:28 ----A---- C:\Windows\SysWOW64\atmfd.dll 2014-09-06 15:03:25 ----A---- C:\Windows\SysWOW64\mfc42u.dll 2014-09-06 15:03:25 ----A---- C:\Windows\SysWOW64\mfc42.dll 2014-09-06 15:03:23 ----A---- C:\Windows\SysWOW64\qedit.dll 2014-09-06 15:03:15 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL 2014-09-06 15:03:00 ----A---- C:\Windows\SysWOW64\tzres.dll 2014-09-06 15:02:52 ----A---- C:\Windows\SysWOW64\dnscacheugc.exe 2014-09-06 15:02:52 ----A---- C:\Windows\SysWOW64\dnsapi.dll 2014-09-06 15:02:37 ----A---- C:\Windows\SysWOW64\dpnet.dll 2014-09-06 15:02:35 ----A---- C:\Windows\SysWOW64\msihnd.dll 2014-09-06 15:02:35 ----A---- C:\Windows\SysWOW64\msi.dll 2014-09-06 15:02:35 ----A---- C:\Windows\SysWOW64\authui.dll 2014-09-06 15:02:27 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe 2014-09-06 15:02:27 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\wincredprovider.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\objsel.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\KernelBase.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\dpapiprovider.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\dimsroam.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\cngprovider.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\capiprovider.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\apisetschema.dll 2014-09-06 15:02:26 ----A---- C:\Windows\SysWOW64\adprovider.dll 2014-09-06 15:01:24 ----A---- C:\Windows\SysWOW64\psisdecd.dll 2014-09-06 15:00:43 ----A---- C:\Windows\SysWOW64\synceng.dll 2014-09-06 15:00:39 ----A---- C:\Windows\SysWOW64\shdocvw.dll 2014-09-06 15:00:30 ----A---- 
C:\Windows\SysWOW64\win32spl.dll 2014-09-06 15:00:27 ----A---- C:\Windows\SysWOW64\drvinst.exe 2014-09-06 15:00:27 ----A---- C:\Windows\SysWOW64\devrtl.dll 2014-09-06 15:00:27 ----A---- C:\Windows\SysWOW64\devobj.dll 2014-09-06 15:00:27 ----A---- C:\Windows\SysWOW64\cfgmgr32.dll 2014-09-06 15:00:24 ----A---- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-09-06 15:00:24 ----A---- C:\Windows\SysWOW64\netapi32.dll 2014-09-06 15:00:24 ----A---- C:\Windows\SysWOW64\browcli.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-09-06 15:00:23 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-09-06 15:00:23 ----A---- C:\Windows\SysWOW64\wow32.dll 2014-09-06 15:00:23 ----A---- C:\Windows\SysWOW64\setup16.exe 2014-09-06 15:00:23 ----A---- C:\Windows\SysWOW64\ntvdm64.dll 2014-09-06 15:00:23 ----A---- C:\Windows\SysWOW64\kernel32.dll 2014-09-06 15:00:23 ----A---- C:\Windows\SysWOW64\instnm.exe 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- 
C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-09-06 15:00:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-09-06 15:00:22 ----A---- C:\Windows\SysWOW64\user.exe 2014-09-06 15:00:20 ----A---- C:\Windows\SysWOW64\inetcomm.dll 2014-09-06 15:00:19 ----A---- C:\Windows\SysWOW64\msvcrt.dll 2014-09-06 15:00:17 ----A---- C:\Windows\SysWOW64\certutil.exe 2014-09-06 15:00:17 ----A---- C:\Windows\SysWOW64\certenc.dll 2014-09-06 15:00:08 ----A---- C:\Windows\SysWOW64\wscript.exe 2014-09-06 15:00:08 ----A---- C:\Windows\SysWOW64\scrrun.dll 2014-09-06 15:00:08 ----A---- C:\Windows\SysWOW64\cscript.exe 2014-09-06 15:00:07 ----A---- C:\Windows\SysWOW64\wdigest.dll 2014-09-06 15:00:07 ----A---- C:\Windows\SysWOW64\schannel.dll 2014-09-06 15:00:07 ----A---- C:\Windows\SysWOW64\msv1_0.dll 2014-09-06 15:00:06 ----A---- 
C:\Windows\SysWOW64\TSpkg.dll 2014-09-06 15:00:06 ----A---- C:\Windows\SysWOW64\ncrypt.dll 2014-09-06 15:00:06 ----A---- C:\Windows\SysWOW64\credssp.dll 2014-09-06 14:59:55 ----A---- C:\Windows\SysWOW64\gdi32.dll 2014-09-06 14:58:50 ----A---- C:\Windows\SysWOW64\oleacc.dll 2014-09-06 14:58:49 ----A---- C:\Windows\SysWOW64\oleaut32.dll 2014-09-06 14:58:47 ----A---- C:\Windows\SysWOW64\cdosys.dll 2014-09-06 14:58:23 ----A---- C:\Windows\SysWOW64\EncDec.dll 2014-09-06 14:58:16 ----A---- C:\Windows\SysWOW64\rpcrt4.dll 2014-09-06 14:54:53 ----D---- C:\Users\Adrian\AppData\Roaming\ATI 2014-09-06 14:54:53 ----D---- C:\ProgramData\ATI 2014-09-06 14:51:14 ----D---- C:\Users\Adrian\AppData\Roaming\library_dir 2014-09-06 14:50:32 ----D---- C:\ProgramData\AMD 2014-09-06 14:50:30 ----D---- C:\Program Files (x86)\AMD AVT 2014-09-06 14:50:27 ----D---- C:\Program Files (x86)\Common Files\ATI Technologies 2014-09-06 14:46:54 ----D---- C:\Program Files (x86)\ATI Technologies 2014-09-06 14:46:36 ----D---- C:\ProgramData\Package Cache 2014-09-06 14:44:18 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-06 14:43:58 ----A---- C:\Windows\SysWOW64\nshwfp.dll 2014-09-06 14:43:58 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL 2014-09-06 14:43:29 ----D---- C:\Program Files (x86)\Microsoft.NET 2014-09-06 14:43:05 ----A---- C:\Windows\SysWOW64\packager.dll 2014-09-06 14:41:44 ----D---- C:\AMD 2014-09-06 14:40:00 ----SHD---- C:\Windows\Installer 2014-09-06 14:37:54 ----A---- C:\Windows\SysWOW64\rdpcore.dll 2014-09-06 14:35:19 ----D---- C:\Program Files (x86)\Google 2014-09-06 14:33:18 ----D---- C:\Windows\SysWOW64\RTCOM 2014-09-06 14:33:09 ----D---- C:\Program Files (x86)\Realtek 2014-09-06 14:33:09 ----A---- C:\Windows\SysWOW64\MBAPO32.dll 2014-09-06 14:33:01 ----RA---- C:\Windows\RtlExUpd.dll 2014-09-06 14:33:01 ----HD---- C:\Program Files (x86)\Temp 2014-09-06 14:32:59 ----D---- C:\Program Files (x86)\Common Files\InstallShield 2014-09-06 14:31:51 ----A---- C:\Windows\SysWOW64\wups.dll 
2014-09-06 14:31:51 ----A---- C:\Windows\SysWOW64\wudriver.dll 2014-09-06 14:31:51 ----A---- C:\Windows\SysWOW64\wuapi.dll 2014-09-06 14:31:46 ----A---- C:\Windows\SysWOW64\wuwebv.dll 2014-09-06 14:31:46 ----A---- C:\Windows\SysWOW64\wuapp.exe 2014-09-06 14:30:57 ----D---- C:\Windows\SysWOW64\Atheros_L1e 2014-09-06 14:30:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-09-05 23:14:44 ----D---- C:\Windows\Panther 2014-09-05 22:27:41 ----D---- C:\Users\Adrian\AppData\Roaming\Identities 2014-09-05 22:27:33 ----SD---- C:\Users\Adrian\AppData\Roaming\Microsoft 2014-09-05 22:27:33 ----D---- C:\Users\Adrian\AppData\Roaming\Media Center Programs 2014-09-05 22:27:30 ----SHD---- C:\Recovery 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Ulubione 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Szablony 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Pulpit 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Menu Start 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Dokumenty 2014-09-05 22:27:30 ----SHD---- C:\ProgramData\Dane aplikacji 2014-09-05 22:18:06 ----D---- C:\Windows\SoftwareDistribution 2014-09-05 22:16:00 ----D---- C:\Windows\Prefetch 2014-09-05 22:15:25 ----ASH---- C:\pagefile.sys 2014-09-05 22:15:24 ----SHD---- C:\System Volume Information 2014-09-05 22:15:24 ----ASH---- C:\hiberfil.sys ======List of files/folders modified in the last 1 month====== 2014-09-30 21:54:34 ----D---- C:\Windows\Temp 2014-09-30 21:54:29 ----RD---- C:\Program Files (x86) 2014-09-30 21:26:56 ----D---- C:\Windows\Tasks 2014-09-30 21:25:27 ----D---- C:\Windows\winsxs 2014-09-30 21:25:26 ----D---- C:\Windows\System32 2014-09-30 21:25:24 ----D---- C:\Windows 2014-09-30 21:24:00 ----RD---- C:\Program Files 2014-09-30 21:21:33 ----HD---- C:\ProgramData 2014-09-29 22:29:36 ----D---- C:\Windows\SysWOW64\GroupPolicy 2014-09-29 22:29:35 ----RD---- C:\Users 2014-09-28 21:47:35 ----D---- C:\Windows\rescache 2014-09-19 15:54:13 ----D---- C:\Windows\SysWOW64 2014-09-19 15:53:43 
----RSD---- C:\Windows\assembly 2014-09-19 15:53:35 ----D---- C:\Windows\Microsoft.NET 2014-09-19 15:51:11 ----D---- C:\Windows\Logs 2014-09-14 21:39:28 ----D---- C:\Windows\inf 2014-09-12 14:44:40 ----D---- C:\Windows\SysWOW64\en-US 2014-09-12 14:44:39 ----D---- C:\Program Files (x86)\Internet Explorer 2014-09-09 18:38:06 ----RSD---- C:\Windows\Media 2014-09-09 18:38:05 ----D---- C:\Windows\twain_32 2014-09-09 14:45:59 ----D---- C:\Windows\SysWOW64\pl-PL 2014-09-09 14:45:56 ----D---- C:\Windows\PolicyDefinitions 2014-09-07 21:33:41 ----D---- C:\Windows\ehome 2014-09-07 21:33:41 ----D---- C:\Program Files (x86)\Common Files\System 2014-09-07 21:33:38 ----D---- C:\Windows\SysWOW64\migration 2014-09-07 21:33:32 ----RSD---- C:\Windows\Fonts 2014-09-07 21:33:32 ----D---- C:\Windows\SysWOW64\pt-PT 2014-09-07 21:33:32 ----D---- C:\Windows\SysWOW64\pt-BR 2014-09-07 21:33:32 ----D---- C:\Windows\SysWOW64\it-IT 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\zh-TW 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\zh-HK 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\zh-CN 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\tr-TR 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\sv-SE 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\ru-RU 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\nl-NL 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\nb-NO 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\ko-KR 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\ja-JP 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\hu-HU 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\fr-FR 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\fi-FI 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\es-ES 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\el-GR 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\de-DE 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\da-DK 2014-09-07 21:33:31 ----D---- C:\Windows\SysWOW64\cs-CZ 2014-09-07 21:33:08 ----D---- C:\Program Files (x86)\Windows Defender 
2014-09-07 21:32:55 ----D---- C:\Windows\AppPatch 2014-09-07 12:54:01 ----SD---- C:\ProgramData\Microsoft 2014-09-06 15:15:21 ----A---- C:\Windows\win.ini 2014-09-06 15:05:15 ----D---- C:\Program Files (x86)\Common Files 2014-09-06 14:51:24 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2014-09-06 14:30:17 ----D---- C:\Windows\SysWOW64\drivers 2014-09-05 22:27:39 ----SHD---- C:\$Recycle.Bin 2014-09-05 22:24:54 ----D---- C:\Windows\debug ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswVmm;avast! VM Monitor; C:\Windows\SysWOW64\drivers\aswVmm.sys [] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64;{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64; C:\Windows\system32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys [] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [] R2 aswHwid;avast! 
HardwareID; C:\Windows\system32\drivers\aswHwid.sys [] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [] R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [] R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [] R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [] R3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [] S0 aswRvrt;avast! Revert; C:\Windows\SysWOW64\drivers\aswRvrt.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 4d349a54;GS_Sustainer; C:\Windows\system32\rundll32.exe [2009-07-14 44544] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 avast! Antivirus;avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-09-30 50344] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520] R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-09-06 715656] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc [] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc [] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V [] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] 
-----------------EOF----------------- [/spoiler]
Guest, commented 30 September 2014
Try this program: http://www.surfright.nl/en/hitmanpro/
Aditor (author), commented 1 October 2014
The program claims it removed all the threats, but the problems keep occurring.
Guest, commented 1 October 2014
Try this, step by step: http://malwaretips.com/blogs/delta-toolbar-virus/
Aditor (author), commented 1 October 2014
Unfortunately, these toolbars can't be removed that way. I guess I'll just do a format.
Emillod, commented 7 October 2014
Seriously? A format because of some stupid toolbars? Did you search on Google?