Krzysiek6 utworzono 3 czerwca 2015 utworzono 3 czerwca 2015 Cześć, od pewnego czasu mam problem i nie potrafie sobie z nim poradzić. Moja przeglądarka zasypywana jest reklamami różnego typu, po wpisaniu w google szukanej frazy najpierw występują pozycję w browse pulse ads. Próbowałem usunąć to za pomocą Trojan Remover, Malwarebytes anti-malware i kilku innych, nic to nie dało. + od czasu pojawienia się tego bpa komputer zaczyna się grzać. OTL [log]OTL logfile created on: 2015-06-03 11:42:34 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Downloads 64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17801) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 39,48% Memory free 8,00 Gb Paging File | 5,40 Gb Available in Paging File | 67,55% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 87,79 Gb Total Space | 50,02 Gb Free Space | 56,97% Space Free | Partition Type: NTFS Computer Name: ADMIN-KOMPUTER | User Name: Admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2015-06-03 11:41:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Downloads\OTL.exe PRC - [2015-05-22 22:22:08 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2015-05-18 11:54:26 | 003,438,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe PRC - [2015-05-18 11:49:54 | 003,745,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe PRC - [2015-05-18 11:45:46 | 000,311,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe PRC - [2015-04-14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe PRC - [2015-04-14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe PRC - [2015-04-14 09:36:20 | 006,212,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ========== Modules (No Company Name) ========== MOD - [2015-05-22 22:22:07 | 014,982,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll MOD - [2015-05-22 22:22:06 | 001,281,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll MOD - [2015-05-22 22:22:05 | 000,080,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll ========== Services (SafeList) ========== SRV:64bit: - [2015-04-30 01:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2015-04-30 01:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2015-04-21 18:35:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009-08-18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2015-05-18 11:54:26 | 003,438,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent) SRV - [2015-05-18 11:45:46 | 000,311,792 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe -- (avgwd) SRV - [2015-05-17 18:30:21 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2015-05-17 18:29:04 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2015-04-14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2015-04-14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2015-01-02 19:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2014-03-21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2015-06-03 11:37:03 | 000,136,408 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:64bit: - [2015-05-07 13:50:22 | 000,378,336 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:64bit: - [2015-05-07 13:49:24 | 000,253,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:64bit: - [2015-05-07 13:49:22 | 000,220,128 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2015-05-04 14:14:30 | 000,291,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2015-04-27 13:19:16 | 000,284,128 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:64bit: - [2015-04-15 13:06:02 | 000,256,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2015-04-14 09:37:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:64bit: - [2015-04-14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2015-03-20 12:18:18 | 000,040,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2015-03-11 12:16:06 | 000,162,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska) DRV:64bit: - [2015-03-04 19:34:52 | 000,124,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2014-08-11 02:33:54 | 004,060,672 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2009-08-18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009-08-11 13:59:50 | 000,686,080 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009-06-07 00:36:46 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV - [2012-12-29 22:59:38 | 000,028,664 | ---- | M] (Almico Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1D 24 6D 6D 51 6A D0 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.countryCode: "PL" FF - prefs.js..browser.search.region: "PL" FF - prefs.js..browser.search.searchengine.alias: "delta-homes" FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine" FF - prefs.js..browser.search.searchengine.name: "delta-homes" FF - prefs.js..browser.search.searchengine.ptid: "wpm052932" FF - prefs.js..browser.search.searchengine.uid: "HitachiXHTS545050B9A300_100109PBG406Q7D7Y99VX" FF - prefs.js..extensions.enabledAddons: quick_searchff%40gmail.com:5.4.13 FF - prefs.js..extensions.enabledAddons: sweetsearch%40gmail.com:1.0.0.1031 FF - prefs.js..extensions.enabledAddons: searchffv2%40gmail.com:0.0.4 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015-05-17 18:27:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions [2015-06-03 11:18:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\y2ivlw4h.default\extensions [2015-05-19 00:56:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profilesy2ivlw4h.default\extensions [2015-05-19 00:56:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profilesy2ivlw4h.default\extensions\staged [2015-05-18 09:43:42 | 000,006,424 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\y2ivlw4h.default\extensions\{a9e48233-42c3-4f62-bfa8-e9a7564b97d6}.xpi [2015-05-17 18:30:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2015-05-17 18:30:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y2IVLW4H.DEFAULT\EXTENSIONS\{8A167A0D-2593-78BE-DFFA-BAA301A8D989} File not found (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y2IVLW4H.DEFAULT\EXTENSIONS\QUICK_SEARCHFF@GMAIL.COM File not found (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y2IVLW4H.DEFAULT\EXTENSIONS\SEARCHFFV2@GMAIL.COM File not found (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y2IVLW4H.DEFAULT\EXTENSIONS\SWEETSEARCH@GMAIL.COM ========== Chrome ========== CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\ CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\ CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\ CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\ CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\ CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.522.11440_0\ CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\ CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9261C832-8956-4BB9-B141-DC8DDDA654D5}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2015-06-03 10:06:02 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2015-06-03 10:05:19 | 000,000,000 | ---D | C] -- C:\Users\Admin\Start Menu [2015-06-02 23:16:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\Doctor Web [2015-06-02 22:09:13 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan [2015-06-02 22:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan [2015-06-02 21:55:53 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2015-06-02 21:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [2015-06-02 21:55:36 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2015-06-02 21:55:36 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2015-06-02 21:55:36 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2015-06-02 21:55:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware [2015-06-02 21:55:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2015-06-02 18:29:38 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Simply Super Software [2015-06-02 18:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses [2015-06-02 18:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2015-06-02 17:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover [2015-06-02 17:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover [2015-06-02 17:50:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software [2015-06-01 22:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_0215pi [2015-06-01 22:49:50 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\AVG2015 [2015-06-01 22:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2015-06-01 22:48:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\TuneUp Software [2015-06-01 22:47:03 | 000,000,000 | -H-D | C] -- C:\$AVG [2015-06-01 22:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2015 [2015-06-01 22:46:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2015-06-01 22:45:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2015-06-01 22:45:03 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\MFAData [2015-06-01 22:45:03 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2015-06-01 22:45:03 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Avg2015 [2015-06-01 21:25:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2015-06-01 21:24:01 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\GWX [2015-05-31 16:31:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2015-05-28 10:23:24 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\EmieUserList [2015-05-28 10:23:24 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\EmieSiteList [2015-05-28 10:23:24 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\EmieBrowserModeList [2015-05-28 08:11:37 | 000,000,000 | ---D | C] -- C:\Windows\Migration [2015-05-28 08:03:59 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2015-05-28 08:03:59 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2015-05-27 16:15:18 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX [2015-05-27 16:15:18 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX [2015-05-19 08:24:25 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2015-05-19 08:24:23 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2015-05-19 08:24:23 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2015-05-19 08:24:23 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2015-05-19 07:11:49 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll [2015-05-19 07:11:49 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll [2015-05-18 23:09:18 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe [2015-05-18 23:09:17 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe [2015-05-18 23:09:17 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe [2015-05-18 23:09:17 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe [2015-05-18 23:09:17 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2015-05-18 23:09:17 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe [2015-05-18 23:09:16 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe [2015-05-18 23:09:16 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe [2015-05-18 23:09:16 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll [2015-05-18 23:09:16 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll [2015-05-18 23:09:15 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll [2015-05-18 23:09:15 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll [2015-05-18 23:09:15 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll [2015-05-18 23:09:15 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll [2015-05-18 23:09:15 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll [2015-05-18 23:09:15 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll [2015-05-18 23:09:15 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll [2015-05-18 23:09:11 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2015-05-18 23:09:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2015-05-18 23:09:11 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2015-05-18 23:09:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2015-05-18 23:09:10 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2015-05-18 23:09:10 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2015-05-18 23:09:09 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2015-05-18 23:09:09 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2015-05-18 23:09:08 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2015-05-18 23:09:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2015-05-18 23:09:06 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2015-05-18 23:09:06 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2015-05-18 23:09:05 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2015-05-18 23:09:05 | 000,664,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2015-05-18 23:09:05 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2015-05-18 23:09:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2015-05-18 23:09:04 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2015-05-18 23:09:04 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2015-05-18 23:09:04 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2015-05-18 23:09:04 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2015-05-18 23:09:04 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2015-05-18 23:09:02 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2015-05-18 23:09:02 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2015-05-18 23:09:01 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2015-05-18 23:09:00 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2015-05-18 23:09:00 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2015-05-18 23:08:58 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2015-05-18 23:08:58 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2015-05-18 23:08:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2015-05-18 23:08:57 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2015-05-18 23:08:57 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2015-05-18 23:08:56 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2015-05-18 23:08:56 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2015-05-18 23:08:55 | 006,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2015-05-18 23:08:55 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2015-05-18 23:08:55 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2015-05-18 23:08:54 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2015-05-18 23:08:53 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2015-05-18 23:08:53 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2015-05-18 23:08:49 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2015-05-18 23:08:49 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2015-05-18 23:05:58 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2015-05-18 23:05:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL [2015-05-18 23:05:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL [2015-05-18 23:05:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL [2015-05-18 23:05:50 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL [2015-05-18 23:05:50 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL [2015-05-18 23:05:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL [2015-05-18 23:05:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL [2015-05-18 23:05:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL [2015-05-18 23:05:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL [2015-05-18 23:05:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL [2015-05-18 23:05:44 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2015-05-18 23:05:28 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2015-05-18 23:05:27 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2015-05-18 23:05:27 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2015-05-18 23:05:27 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2015-05-18 23:05:26 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2015-05-18 23:05:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2015-05-18 23:05:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2015-05-18 23:04:40 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2015-05-18 23:04:40 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll [2015-05-18 23:04:39 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll [2015-05-18 23:04:39 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2015-05-18 23:04:38 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2015-05-18 23:04:38 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe [2015-05-18 23:04:38 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe [2015-05-18 23:04:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2015-05-18 23:04:38 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2015-05-18 23:04:37 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll [2015-05-18 23:04:37 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll [2015-05-18 23:04:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll [2015-05-18 23:04:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll [2015-05-18 23:04:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll [2015-05-18 23:04:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll [2015-05-18 23:04:09 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe [2015-05-18 22:56:52 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll [2015-05-18 22:56:51 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll [2015-05-18 22:56:47 | 001,647,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2015-05-18 22:56:42 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2015-05-18 22:56:42 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2015-05-18 22:56:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2015-05-18 22:56:42 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2015-05-18 22:56:42 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2015-05-18 22:56:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2015-05-18 22:56:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2015-05-18 22:56:42 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2015-05-18 22:56:41 | 003,298,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2015-05-18 22:56:41 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2015-05-18 22:56:41 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2015-05-18 22:56:41 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll [2015-05-18 22:56:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2015-05-18 22:56:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2015-05-18 22:56:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll [2015-05-18 22:56:33 | 002,543,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll [2015-05-18 22:56:31 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2015-05-18 22:56:31 | 000,957,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll [2015-05-18 22:56:31 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll [2015-05-18 22:56:31 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll [2015-05-18 22:56:31 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll [2015-05-18 22:56:31 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll [2015-05-18 22:56:31 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll [2015-05-18 22:56:29 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2015-05-18 22:56:29 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll [2015-05-18 22:56:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2015-05-18 22:56:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2015-05-18 22:56:22 | 005,557,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2015-05-18 22:56:21 | 001,727,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2015-05-18 22:56:21 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2015-05-18 22:56:21 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2015-05-18 22:56:20 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2015-05-18 22:56:20 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2015-05-18 22:56:19 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2015-05-18 22:56:18 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2015-05-18 22:56:18 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2015-05-18 22:56:18 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe [2015-05-18 22:56:18 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2015-05-18 22:56:18 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2015-05-18 22:56:17 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2015-05-18 22:56:17 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll [2015-05-18 22:56:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2015-05-18 22:56:16 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2015-05-18 22:56:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2015-05-18 22:56:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2015-05-18 22:56:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2015-05-18 22:56:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2015-05-18 22:56:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2015-05-18 22:56:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2015-05-18 22:56:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2015-05-18 22:56:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2015-05-18 22:56:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2015-05-18 22:56:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2015-05-18 22:56:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2015-05-18 22:56:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2015-05-18 22:56:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2015-05-18 22:56:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2015-05-18 22:56:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2015-05-18 22:56:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2015-05-18 22:56:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2015-05-18 22:56:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2015-05-18 22:56:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2015-05-18 22:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2015-05-18 22:56:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2015-05-18 22:56:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2015-05-18 22:56:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll [2015-05-18 22:56:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2015-05-18 22:56:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2015-05-18 22:56:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2015-05-18 22:56:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2015-05-18 22:56:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2015-05-18 22:56:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2015-05-18 22:56:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2015-05-18 22:55:45 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2015-05-18 22:55:44 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2015-05-18 22:55:37 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2015-05-18 22:55:35 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2015-05-18 22:55:35 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2015-05-18 22:27:47 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll [2015-05-18 22:27:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll [2015-05-18 22:27:43 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll [2015-05-18 22:27:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdbinst.exe [2015-05-18 22:27:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdbinst.exe [2015-05-18 22:27:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimeng.dll [2015-05-18 19:29:17 | 000,898,144 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2015-05-18 19:29:17 | 000,817,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2015-05-18 19:29:17 | 000,271,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2015-05-18 19:29:01 | 000,191,072 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2015-05-18 19:29:01 | 000,190,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2015-05-18 19:03:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2015-05-18 19:03:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2015-05-18 19:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2015-05-18 18:54:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2015-05-18 18:53:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2015-05-18 18:53:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2015-05-18 18:52:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2015-05-18 18:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2015-05-18 18:51:09 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW [2015-05-18 18:50:54 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Microsoft Help [2015-05-18 18:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2015-05-18 18:50:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2015-05-18 18:49:59 | 000,000,000 | RH-D | C] -- C:\MSOCache [2015-05-17 20:20:10 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE [2015-05-17 20:12:52 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2015-05-17 20:12:49 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2015-05-17 20:12:49 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2015-05-17 20:12:49 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2015-05-17 20:12:48 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2015-05-17 20:12:48 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2015-05-17 20:12:48 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2015-05-17 20:12:48 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2015-05-17 20:12:48 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2015-05-17 20:12:48 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2015-05-17 20:12:47 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2015-05-17 20:12:47 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2015-05-17 20:12:47 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2015-05-17 20:12:47 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2015-05-17 20:12:47 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2015-05-17 20:12:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2015-05-17 20:12:46 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2015-05-17 20:12:46 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2015-05-17 20:12:46 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2015-05-17 20:12:46 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2015-05-17 20:12:46 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2015-05-17 20:12:46 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2015-05-17 20:12:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2015-05-17 20:12:45 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2015-05-17 20:12:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2015-05-17 20:12:45 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2015-05-17 20:12:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2015-05-17 20:12:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2015-05-17 20:12:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2015-05-17 20:12:44 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2015-05-17 20:12:44 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2015-05-17 20:12:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2015-05-17 20:12:44 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2015-05-17 20:12:44 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2015-05-17 20:12:44 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2015-05-17 20:12:44 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2015-05-17 20:12:44 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2015-05-17 20:12:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2015-05-17 20:12:44 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2015-05-17 20:12:43 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2015-05-17 20:12:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2015-05-17 20:06:06 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2015-05-17 20:06:06 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2015-05-17 20:06:06 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2015-05-17 20:06:06 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2015-05-17 20:06:06 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2015-05-17 20:06:06 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2015-05-17 20:06:06 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2015-05-17 20:06:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2015-05-17 20:06:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2015-05-17 20:06:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2015-05-17 20:06:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2015-05-17 20:06:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2015-05-17 20:06:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2015-05-17 20:06:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2015-05-17 20:06:06 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2015-05-17 20:06:06 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2015-05-17 20:06:05 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2015-05-17 20:06:05 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2015-05-17 20:06:05 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2015-05-17 20:06:05 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2015-05-17 20:06:05 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2015-05-17 20:06:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2015-05-17 20:06:04 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2015-05-17 20:06:04 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2015-05-17 20:06:04 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2015-05-17 20:06:04 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2015-05-17 20:06:04 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2015-05-17 20:06:04 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2015-05-17 20:06:04 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2015-05-17 20:06:04 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2015-05-17 20:06:04 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2015-05-17 18:31:21 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Macromedia [2015-05-17 18:31:21 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Macromedia [2015-05-17 18:31:21 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Adobe [2015-05-17 18:30:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2015-05-17 18:29:03 | 000,778,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2015-05-17 18:29:03 | 000,142,512 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2015-05-17 18:28:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2015-05-17 18:28:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2015-05-17 18:27:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Adobe [2015-05-17 18:26:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Mozilla [2015-05-17 18:26:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Mozilla [2015-05-17 18:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2015-05-17 18:26:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2015-05-17 18:06:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2015-05-17 18:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2015-05-10 11:33:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2015-05-10 11:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2015-05-10 11:33:01 | 000,097,888 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2015-05-10 11:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2015-05-10 11:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2015-05-10 11:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2015-05-07 13:50:22 | 000,378,336 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys [2015-05-07 13:49:24 | 000,253,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys [2015-05-07 13:49:22 | 000,220,128 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys [2015-05-04 14:14:30 | 000,291,296 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys [1 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2015-06-03 11:46:24 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2015-06-03 11:46:24 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2015-06-03 11:38:08 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015-06-03 11:37:03 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2015-06-03 11:35:29 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015-06-03 11:34:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015-06-03 11:34:47 | 3219,935,232 | -HS- | M] () -- C:\hiberfil.sys [2015-06-03 11:14:04 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015-06-03 10:06:02 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2015-06-02 22:09:14 | 000,001,007 | ---- | M] () -- C:\Users\Admin\Desktop\SpeedFan.lnk [2015-06-02 22:09:11 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo [2015-06-02 21:55:39 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2015-06-02 17:50:58 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2015-06-01 22:52:40 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\0215piUpdateInfo.job [2015-06-01 22:48:42 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2015.lnk [2015-05-29 07:48:17 | 000,697,912 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2015-05-29 07:48:17 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2015-05-29 07:48:17 | 000,134,990 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2015-05-29 07:48:16 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2015-05-29 07:48:08 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2015-05-28 10:21:05 | 000,341,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2015-05-28 05:06:32 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll [2015-05-28 05:06:31 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll [2015-05-27 12:18:08 | 000,246,168 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5958.JPG [2015-05-27 12:15:37 | 000,378,007 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5959.JPG [2015-05-27 12:15:01 | 000,317,172 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5960.JPG [2015-05-27 12:13:26 | 000,384,110 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5961.JPG [2015-05-27 12:12:38 | 000,207,255 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5962.JPG [2015-05-27 12:12:12 | 000,317,246 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5966.JPG [2015-05-27 12:11:28 | 000,294,350 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5967.JPG [2015-05-27 12:10:35 | 000,322,088 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5968.JPG [2015-05-27 12:10:02 | 000,328,325 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5969.JPG [2015-05-27 12:09:27 | 000,275,699 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5970.JPG [2015-05-27 12:08:35 | 000,298,404 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5974.JPG [2015-05-27 12:07:53 | 000,351,715 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5975.JPG [2015-05-27 12:06:32 | 000,364,255 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5976.JPG [2015-05-27 12:05:14 | 000,249,939 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5972.JPG [2015-05-27 12:04:46 | 000,279,246 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5971.JPG [2015-05-27 12:03:38 | 000,357,997 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5965.JPG [2015-05-27 12:02:40 | 000,350,860 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5964.JPG [2015-05-27 12:02:08 | 000,374,449 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5963.JPG [2015-05-27 12:01:00 | 001,037,087 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5973.JPG [2015-05-27 11:32:26 | 005,961,014 | ---- | M] () -- C:\Users\Admin\Desktop\CIMG5978.JPG [2015-05-27 11:26:20 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2015-05-25 22:17:56 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif [2015-05-19 01:04:28 | 000,004,608 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2015-05-18 19:03:43 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2015-05-17 20:12:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2015-05-17 20:12:49 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2015-05-17 20:12:49 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2015-05-17 20:12:49 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2015-05-17 20:12:48 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2015-05-17 20:12:48 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2015-05-17 20:12:48 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2015-05-17 20:12:48 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2015-05-17 20:12:48 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2015-05-17 20:12:48 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2015-05-17 20:12:47 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2015-05-17 20:12:47 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2015-05-17 20:12:47 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2015-05-17 20:12:47 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2015-05-17 20:12:47 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2015-05-17 20:12:47 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2015-05-17 20:12:46 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2015-05-17 20:12:46 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2015-05-17 20:12:46 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2015-05-17 20:12:46 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2015-05-17 20:12:46 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2015-05-17 20:12:46 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2015-05-17 20:12:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2015-05-17 20:12:45 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2015-05-17 20:12:45 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2015-05-17 20:12:45 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2015-05-17 20:12:45 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2015-05-17 20:12:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2015-05-17 20:12:45 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2015-05-17 20:12:44 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2015-05-17 20:12:44 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2015-05-17 20:12:44 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2015-05-17 20:12:44 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2015-05-17 20:12:44 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2015-05-17 20:12:44 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2015-05-17 20:12:44 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2015-05-17 20:12:44 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2015-05-17 20:12:44 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2015-05-17 20:12:44 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2015-05-17 20:12:43 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2015-05-17 20:12:43 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2015-05-17 20:06:06 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2015-05-17 20:06:06 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2015-05-17 20:06:06 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2015-05-17 20:06:06 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2015-05-17 20:06:06 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2015-05-17 20:06:06 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2015-05-17 20:06:06 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2015-05-17 20:06:06 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2015-05-17 20:06:06 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2015-05-17 20:06:06 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2015-05-17 20:06:06 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2015-05-17 20:06:06 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2015-05-17 20:06:06 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2015-05-17 20:06:06 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2015-05-17 20:06:06 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2015-05-17 20:06:06 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2015-05-17 20:06:06 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2015-05-17 20:06:05 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2015-05-17 20:06:05 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2015-05-17 20:06:05 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2015-05-17 20:06:05 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2015-05-17 20:06:05 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2015-05-17 20:06:05 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2015-05-17 20:06:04 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2015-05-17 20:06:04 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2015-05-17 20:06:04 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2015-05-17 20:06:04 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2015-05-17 20:06:04 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2015-05-17 20:06:04 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2015-05-17 20:06:04 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2015-05-17 20:06:04 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2015-05-17 18:29:03 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2015-05-17 18:29:03 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2015-05-17 18:26:55 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2015-05-17 18:24:18 | 000,000,363 | ---- | M] () -- C:\Users\Admin\Desktop\Komputer — skrót.lnk [2015-05-12 08:20:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2015-05-10 11:32:36 | 000,898,144 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2015-05-10 11:32:36 | 000,817,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2015-05-10 11:32:36 | 000,271,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2015-05-10 11:32:36 | 000,191,072 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2015-05-10 11:32:36 | 000,190,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2015-05-10 11:32:36 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2015-05-07 13:50:22 | 000,378,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys [2015-05-07 13:49:24 | 000,253,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys [2015-05-07 13:49:22 | 000,220,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys [2015-05-04 14:14:30 | 000,291,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys ========== Files Created - No Company Name ========== [2015-06-03 10:06:02 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2015-06-02 22:09:14 | 000,001,007 | ---- | C] () -- C:\Users\Admin\Desktop\SpeedFan.lnk [2015-06-02 22:09:10 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo [2015-06-02 21:55:39 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2015-06-02 17:50:58 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2015-06-01 22:52:35 | 000,000,320 | ---- | C] () -- C:\Windows\tasks\0215piUpdateInfo.job [2015-06-01 22:48:42 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2015.lnk [2015-05-27 11:38:36 | 000,279,246 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5971.JPG [2015-05-27 11:38:36 | 000,249,939 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5972.JPG [2015-05-27 11:38:35 | 000,357,997 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5965.JPG [2015-05-27 11:38:35 | 000,350,860 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5964.JPG [2015-05-27 11:38:34 | 000,374,449 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5963.JPG [2015-05-27 11:38:33 | 001,037,087 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5973.JPG [2015-05-27 11:38:05 | 000,364,255 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5976.JPG [2015-05-27 11:38:04 | 000,351,715 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5975.JPG [2015-05-27 11:38:04 | 000,298,404 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5974.JPG [2015-05-27 11:38:03 | 000,275,699 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5970.JPG [2015-05-27 11:38:02 | 000,328,325 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5969.JPG [2015-05-27 11:38:01 | 000,322,088 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5968.JPG [2015-05-27 11:38:00 | 000,294,350 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5967.JPG [2015-05-27 11:37:59 | 000,317,246 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5966.JPG [2015-05-27 11:37:59 | 000,207,255 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5962.JPG [2015-05-27 11:37:58 | 000,384,110 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5961.JPG [2015-05-27 11:37:58 | 000,317,172 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5960.JPG [2015-05-27 11:37:57 | 005,961,014 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5978.JPG [2015-05-27 11:37:57 | 000,378,007 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5959.JPG [2015-05-27 11:37:57 | 000,246,168 | ---- | C] () -- C:\Users\Admin\Desktop\CIMG5958.JPG [2015-05-19 08:24:22 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2015-05-19 01:02:56 | 000,004,608 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2015-05-18 23:09:11 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2015-05-18 23:09:09 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2015-05-18 19:03:43 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2015-05-18 19:03:43 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2015-05-17 18:29:04 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015-05-17 18:26:55 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2015-05-17 18:26:55 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2015-05-17 18:24:18 | 000,000,363 | ---- | C] () -- C:\Users\Admin\Desktop\Komputer — skrót.lnk [2015-05-17 18:06:14 | 000,002,155 | ---- | C] () -- C:\Windows\epplauncher.mif [2015-05-17 18:06:08 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2015-05-12 08:20:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2015-04-04 15:34:58 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2015-04-02 13:51:03 | 000,000,094 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\WB.CFG [2015-03-29 19:51:23 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2014-11-17 10:03:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin ========== ZeroAccess Check ========== [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2015-02-13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015-02-13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > [/log] Extras [log]OTL Extras logfile created on: 2015-06-03 11:42:34 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Downloads 64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17801) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 39,48% Memory free 8,00 Gb Paging File | 5,40 Gb Available in Paging File | 67,55% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 87,79 Gb Total Space | 50,02 Gb Free Space | 56,97% Space Free | Partition Type: NTFS Computer Name: ADMIN-KOMPUTER | User Name: Admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team) Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team) Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team) Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team) Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2DE1314E-2F71-41D9-9C85-76277F3A742E}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot | "{2F456EBB-03E5-4E1E-A7A8-ECCEF7FD9EA4}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot | "{32211F1F-5160-42F1-AF51-8D3DF16AEE93}" = lport=68 | protocol=17 | dir=in | name=rtldhcp-port-2 | "{537AD2D2-624B-498A-855B-A7B0CF37C720}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{74225FE5-66D5-4B74-B356-6D8E9FF88066}" = lport=67 | protocol=17 | dir=in | name=rtldhcp-port | "{B7F76F0A-BBA5-47C1-A5DE-E48264CAE7B5}" = lport=53 | protocol=17 | dir=in | name=rtldns-port-2 | "{CF3B80D3-4893-4ADB-B387-76F8CE1DB25D}" = lport=53 | protocol=6 | dir=in | name=rtldns-port | "{D1C87921-FF32-4F59-8FA6-3E8A2068B3C3}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0119E969-B315-4ED2-BF3B-E3ACD76A29DA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe | "{194B5E98-DFB6-4F3A-A91F-B5E5E342F7A1}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\usb wireless lan utility\rtwlan.exe | "{206C3112-A074-4A9C-BB06-AF9100E84407}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{2560B59C-D809-416D-9EC5-5DD691CFCCB3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{2B41205F-99C2-4D99-BF0E-E4A7D437132C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe | "{2B7BF773-6FF7-4954-BD54-14CB62792250}" = dir=in | app=c:\program files (x86)\realtek\usb wireless lan utility\rtldhcp.exe | "{2F981D92-2D8E-458B-A32A-F5E50238BC12}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe | "{4035C25B-BB9C-4B81-99D3-7A8B6D7CB4EC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe | "{4453A397-A219-489A-8987-35DE11C27A34}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe | "{572B86F3-38AE-49D8-87AD-CFEB715D80C4}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\usb wireless lan utility\rtwlan.exe | "{67658990-AB02-438A-B363-81B740493E4C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe | "{7449109E-0775-4AB3-94F2-3A4DBFB44619}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{AE159D34-BA6B-4AA6-822F-875A0579EB53}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe | "{EA369AEC-8821-42D9-9378-E6C9CD13FEB5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26212108-F1D3-40D7-89BE-0FCC4B161EC0}" = AVG 2015 "{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}" = Microsoft Security Client "{E23970BE-3D5D-4B64-A7D6-0B6E108AB609}" = AVG 2015 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "0329F0F5F857B7ADC8C6907F5A56B980B5D06A4F" = Windows Driver Package - Broadcom (k57nd60a) Net (06/07/2009 12.2.1.0) "AVG" = AVG 2015 "B52B5AD4AC0A36B7A430EB5B40D66752D096FD52" = Windows Driver Package - Broadcom (b57nd60a) Net (05/28/2009 12.2.0.3) "CNXT_AUDIO_HDA" = Conexant HD Audio "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.2 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4 "{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI - Polish "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Qualcomm Atheros Driver Installation Program "{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESET Online Scanner" = ESET Online Scanner v3 "Fotosizer" = Fotosizer 2.09 "Google Chrome" = Google Chrome "KLiteCodecPack_is1" = K-Lite Codec Pack 11.0.5 Full "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.1.6.1022 "Mozilla Firefox 38.0.1 (x86 pl)" = Mozilla Firefox 38.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "SpeedFan" = SpeedFan (remove only) "SpyHunter" = SpyHunter 4 "Trojan Remover_is1" = Trojan Remover 6.9.2 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Opera 29.0.1795.60" = Opera Stable 29.0.1795.60 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2015-06-02 11:34:29 | Computer Name = Admin-Komputer | Source = MsiInstaller | ID = 10005 Description = Error - 2015-06-02 11:34:29 | Computer Name = Admin-Komputer | Source = MsiInstaller | ID = 10005 Description = Error - 2015-06-02 11:34:29 | Computer Name = Admin-Komputer | Source = MsiInstaller | ID = 10005 Description = Error - 2015-06-02 11:34:29 | Computer Name = Admin-Komputer | Source = MsiInstaller | ID = 10005 Description = Error - 2015-06-02 11:34:29 | Computer Name = Admin-Komputer | Source = MsiInstaller | ID = 10005 Description = Error - 2015-06-02 11:34:29 | Computer Name = Admin-Komputer | Source = MsiInstaller | ID = 10005 Description = Error - 2015-06-02 11:34:32 | Computer Name = Admin-Komputer | Source = MsiInstaller | ID = 10005 Description = Error - 2015-06-02 11:35:32 | Computer Name = Admin-Komputer | Source = Application Hang | ID = 1002 Description = Program Explorer.EXE w wersji 6.1.7601.17567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 660 Godzina rozpoczęcia: 01d09d48b5e48ea5 Godzina zakończenia: 31 Ścieżka aplikacji: C:\Windows\Explorer.EXE Identyfikator raportu: fb63568e-093c-11e5-acae-00262d7c57d3 Error - 2015-06-02 11:36:25 | Computer Name = Admin-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Admin\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error - 2015-06-02 15:55:03 | Computer Name = Admin-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Admin\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. [ System Events ] Error - 2015-06-03 05:29:36 | Computer Name = Admin-Komputer | Source = Service Control Manager | ID = 7034 Description = Usługa MBAMScheduler niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2015-06-03 05:29:45 | Computer Name = Admin-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2015-06-03 05:30:15 | Computer Name = Admin-Komputer | Source = Service Control Manager | ID = 7032 Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error - 2015-06-03 05:30:28 | Computer Name = Admin-Komputer | Source = Service Control Manager | ID = 7011 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi avgwd. Error - 2015-06-03 05:31:01 | Computer Name = Admin-Komputer | Source = Service Control Manager | ID = 7043 Description = Usługa AVGIDSAgent nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error - 2015-06-03 05:32:17 | Computer Name = Admin-Komputer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2015-06-03 05:32:17 | Computer Name = Admin-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2015-06-03 05:34:49 | Computer Name = Admin-Komputer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2015-06-03 05:34:49 | Computer Name = Admin-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2015-06-03 05:46:00 | Computer Name = Admin-Komputer | Source = Service Control Manager | ID = 7006 Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący błąd: %%5. < End of report > [/log] Additional [log]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015 Ran by Admin at 2015-06-03 12:11:47 Running from C:\Users\Admin\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Admin (S-1-5-21-763503678-1833120614-930467974-1000 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-763503678-1833120614-930467974-500 - Administrator - Disabled) Gość (S-1-5-21-763503678-1833120614-930467974-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Reader XI - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies) AVG 2015 (Version: 15.0.4355 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.9.0 - Conexant) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Java(TM) 7 Update 4 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217004FF}) (Version: 7.0.40 - Oracle) K-Lite Codec Pack 11.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.5 - ) Malwarebytes Anti-Malware wersja 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 38.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 pl)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla) Opera Stable 29.0.1795.60 (HKU\S-1-5-21-763503678-1833120614-930467974-1000\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros) REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0165 - REALTEK Semiconductor Corp.) Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC) Trojan Remover 6.9.2 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.2 - Simply Super Software) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Driver Package - Broadcom (b57nd60a) Net (05/28/2009 12.2.0.3) (HKLM\...\B52B5AD4AC0A36B7A430EB5B40D66752D096FD52) (Version: 05/28/2009 12.2.0.3 - Broadcom) Windows Driver Package - Broadcom (k57nd60a) Net (06/07/2009 12.2.1.0) (HKLM\...\0329F0F5F857B7ADC8C6907F5A56B980B5D06A4F) (Version: 06/07/2009 12.2.1.0 - Broadcom) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 28-05-2015 08:11:19 Instalator modułów systemu Windows 28-05-2015 09:55:56 Instalator modułów systemu Windows 30-05-2015 08:32:57 Windows Update 31-05-2015 16:37:55 Instalator modułów systemu Windows 01-06-2015 22:45:49 Installed AVG 2015 01-06-2015 22:46:26 Installed AVG 2015 ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {16FD276B-F6CC-4894-B383-8565F7C4AFC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29] (Google Inc.) Task: {198184EF-6CE9-4FAE-8479-A720BC3B8ED5} - System32\Tasks\Opera scheduled Autoupdate 1427972529 => C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe [2015-05-18] (Opera Software) Task: {1CC91959-2272-4731-BB47-1EC8A57F569A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29] (Google Inc.) Task: {1D6E9DE6-5768-4D45-983B-BBA7F0DB6D3C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {4CE45DD0-D737-46AF-AC6D-FA9F0FE8B5AD} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {574F30CA-36F3-4847-BDAF-49D22F37CF52} - System32\Tasks\0215piUpdateInfo => C:\ProgramData\Avg_Update_0215pi\0215pi_AVG-Secure-Search-Update.exe [2015-02-17] () Task: {6E681389-C338-4A2F-9F42-54D3B25F832A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {81B5530F-568A-44BD-A930-5F8F2FA35679} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17] (Adobe Systems Incorporated) Task: {DE0A0FA3-E69F-42F9-BC59-BFCF10171CAE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {E7E36A62-3727-45EB-A1ED-20916C4E563E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: C:\Windows\Tasks\0215piUpdateInfo.job => C:\ProgramData\Avg_Update_0215pi\0215pi_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-05-27 10:58 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll 2015-05-27 10:57 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll 2015-05-27 10:59 - 2015-05-22 22:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-763503678-1833120614-930467974-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TrojanScanner => C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{194B5E98-DFB6-4F3A-A91F-B5E5E342F7A1}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{572B86F3-38AE-49D8-87AD-CFEB715D80C4}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{2DE1314E-2F71-41D9-9C85-76277F3A742E}] => (Allow) LPort=1542 FirewallRules: [{2F456EBB-03E5-4E1E-A7A8-ECCEF7FD9EA4}] => (Allow) LPort=1542 FirewallRules: [{D1C87921-FF32-4F59-8FA6-3E8A2068B3C3}] => (Allow) LPort=53 FirewallRules: [{74225FE5-66D5-4B74-B356-6D8E9FF88066}] => (Allow) LPort=67 FirewallRules: [{32211F1F-5160-42F1-AF51-8D3DF16AEE93}] => (Allow) LPort=68 FirewallRules: [{CF3B80D3-4893-4ADB-B387-76F8CE1DB25D}] => (Allow) LPort=53 FirewallRules: [{B7F76F0A-BBA5-47C1-A5DE-E48264CAE7B5}] => (Allow) LPort=53 FirewallRules: [{2B7BF773-6FF7-4954-BD54-14CB62792250}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\Rtldhcp.exe FirewallRules: [{2560B59C-D809-416D-9EC5-5DD691CFCCB3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7449109E-0775-4AB3-94F2-3A4DBFB44619}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{206C3112-A074-4A9C-BB06-AF9100E84407}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{537AD2D2-624B-498A-855B-A7B0CF37C720}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4035C25B-BB9C-4B81-99D3-7A8B6D7CB4EC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{67658990-AB02-438A-B363-81B740493E4C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{2F981D92-2D8E-458B-A32A-F5E50238BC12}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{0119E969-B315-4ED2-BF3B-E3ACD76A29DA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{EA369AEC-8821-42D9-9378-E6C9CD13FEB5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{4453A397-A219-489A-8987-35DE11C27A34}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{AE159D34-BA6B-4AA6-822F-875A0579EB53}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{2B41205F-99C2-4D99-BF0E-E4A7D437132C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/03/2015 00:10:46 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST64.exe w wersji 29.5.2015.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: a04 Godzina rozpoczęcia: 01d09de538730d32 Godzina zakończenia: 10 Ścieżka aplikacji: C:\Users\Admin\Downloads\FRST64.exe Identyfikator raportu: Error: (06/03/2015 00:03:35 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (06/02/2015 09:55:03 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (06/02/2015 05:36:25 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (06/02/2015 05:35:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Explorer.EXE w wersji 6.1.7601.17567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 660 Godzina rozpoczęcia: 01d09d48b5e48ea5 Godzina zakończenia: 31 Ścieżka aplikacji: C:\Windows\Explorer.EXE Identyfikator raportu: fb63568e-093c-11e5-acae-00262d7c57d3 Error: (06/02/2015 05:34:32 PM) (Source: MsiInstaller) (EventID: 10005) (User: Admin-Komputer) Description: Product: Media Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall: Google Chrome Error: (06/02/2015 05:34:29 PM) (Source: MsiInstaller) (EventID: 10005) (User: Admin-Komputer) Description: Product: Media Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall: Google Chrome Error: (06/02/2015 05:34:29 PM) (Source: MsiInstaller) (EventID: 10005) (User: Admin-Komputer) Description: Product: Media Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall: Google Chrome Error: (06/02/2015 05:34:29 PM) (Source: MsiInstaller) (EventID: 10005) (User: Admin-Komputer) Description: Product: Media Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall: Google Chrome Error: (06/02/2015 05:34:29 PM) (Source: MsiInstaller) (EventID: 10005) (User: Admin-Komputer) Description: Product: Media Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall: Google Chrome System errors: ============= Error: (06/03/2015 11:46:00 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący błąd: %%5. Error: (06/03/2015 11:34:49 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (06/03/2015 11:34:49 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (06/03/2015 11:32:17 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (06/03/2015 11:32:17 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (06/03/2015 11:31:01 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa AVGIDSAgent nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error: (06/03/2015 11:30:28 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi avgwd. Error: (06/03/2015 11:30:15 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (06/03/2015 11:29:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/03/2015 11:29:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa MBAMScheduler niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office: ========================= ==================== Memory info =========================== Processor: AMD Turion(tm) II Dual-Core Mobile M500 Percentage of memory in use: 55% Total physical RAM: 4094.36 MB Available physical RAM: 1838.39 MB Total Pagefile: 8186.91 MB Available Pagefile: 5539.24 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:87.79 GB) (Free:49.88 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3AA03A9F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=87.8 GB) - (Type=07 NTFS) ==================== End of log ============================[/log] FRST [log]Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015 Ran by Admin (administrator) on ADMIN-KOMPUTER on 03-06-2015 12:11:11 Running from C:\Users\Admin\Downloads Loaded Profiles: Admin (Available Profiles: Admin) Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-04-04] (Microsoft Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-763503678-1833120614-930467974-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-10] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-10] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y2ivlw4h.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-17] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-17] () FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2015-05-10] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-10] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Extension: browse pulse - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y2ivlw4h.default\Extensions\{a9e48233-42c3-4f62-bfa8-e9a7564b97d6}.xpi [2015-05-18] FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y2ivlw4h.default\extensions\searchffv2@gmail.com [not found] FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y2ivlw4h.default\extensions\{8a167a0d-2593-78be-dffa-baa301a8d989} [not found] FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y2ivlw4h.default\extensions\sweetsearch@gmail.com [not found] FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y2ivlw4h.default\extensions\quick_searchff@gmail.com [not found] Chrome: ======= CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-29] CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-29] CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-29] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-29] CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-29] CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-29] CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22] CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-29] CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-05-04] (AVG Technologies CZ, s.r.o.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-03] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-03 12:08 - 2015-06-03 12:11 - 00011662 _____ () C:\Users\Admin\Downloads\FRST.txt 2015-06-03 12:08 - 2015-06-03 12:11 - 00000000 ____D () C:\FRST 2015-06-03 12:08 - 2015-06-03 12:08 - 02108928 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2015-06-03 12:07 - 2015-06-03 12:07 - 01147392 _____ (Farbar) C:\Users\Admin\Downloads\FRST (2).exe 2015-06-03 11:54 - 2015-06-03 11:54 - 00044514 _____ () C:\Users\Admin\Downloads\Extras.Txt 2015-06-03 11:53 - 2015-06-03 11:53 - 00170494 _____ () C:\Users\Admin\Downloads\OTL.Txt 2015-06-03 11:49 - 2015-06-03 11:50 - 01147392 _____ (Farbar) C:\Users\Admin\Downloads\FRST (1).exe 2015-06-03 11:49 - 2015-06-03 11:49 - 01147392 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe 2015-06-03 11:41 - 2015-06-03 11:41 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Downloads\OTL.exe 2015-06-03 11:24 - 2015-06-03 11:25 - 02231296 _____ () C:\Users\Admin\Downloads\adwcleaner_4.206.exe 2015-06-03 10:06 - 2015-06-03 10:06 - 00000000 _____ () C:\autoexec.bat 2015-06-02 23:16 - 2015-06-02 23:43 - 00000000 ____D () C:\Users\Admin\Doctor Web 2015-06-02 23:08 - 2015-06-02 23:16 - 163015928 _____ () C:\Users\Admin\Downloads\launch.exe 2015-06-02 22:09 - 2015-06-03 10:05 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2015-06-02 22:09 - 2015-06-02 22:09 - 02218504 _____ () C:\Users\Admin\Downloads\instspeedfan451 (1).exe 2015-06-02 22:09 - 2015-06-02 22:09 - 00001007 _____ () C:\Users\Admin\Desktop\SpeedFan.lnk 2015-06-02 22:09 - 2015-06-02 22:09 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2015-06-02 22:09 - 2015-06-02 22:09 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2015-06-02 22:08 - 2015-06-02 22:09 - 02218504 _____ () C:\Users\Admin\Downloads\instspeedfan451.exe 2015-06-02 21:55 - 2015-06-03 11:37 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-02 21:55 - 2015-06-02 21:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-06-02 21:55 - 2015-06-02 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-06-02 21:55 - 2015-06-02 21:55 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-06-02 21:55 - 2015-06-02 21:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-06-02 21:55 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-02 21:55 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-02 21:55 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-02 18:29 - 2015-06-02 22:13 - 00000000 ____D () C:\ProgramData\TEMP 2015-06-02 18:29 - 2015-06-02 18:29 - 00000000 ____D () C:\Users\Admin\Documents\Simply Super Software 2015-06-02 18:29 - 2015-06-02 18:29 - 00000000 ____D () C:\ProgramData\Licenses 2015-06-02 17:50 - 2015-06-02 21:53 - 00000376 _____ () C:\Users\Admin\Desktop\avgrep.txt 2015-06-02 17:50 - 2015-06-02 17:50 - 00001079 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk 2015-06-02 17:50 - 2015-06-02 17:50 - 00000000 ____D () C:\ProgramData\Simply Super Software 2015-06-02 17:50 - 2015-06-02 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover 2015-06-02 17:50 - 2015-06-02 17:50 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover 2015-06-02 17:48 - 2015-06-02 17:50 - 38982112 _____ (Simply Super Software ) C:\Users\Admin\Downloads\trjsetup692.exe 2015-06-02 17:33 - 2015-06-02 17:33 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.1.6.1022.exe 2015-06-01 22:52 - 2015-06-01 22:52 - 00002438 _____ () C:\Windows\System32\Tasks\0215piUpdateInfo 2015-06-01 22:52 - 2015-06-01 22:52 - 00000320 _____ () C:\Windows\Tasks\0215piUpdateInfo.job 2015-06-01 22:52 - 2015-06-01 22:52 - 00000000 ____D () C:\ProgramData\Avg_Update_0215pi 2015-06-01 22:49 - 2015-06-01 22:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVG2015 2015-06-01 22:48 - 2015-06-01 22:48 - 00000995 _____ () C:\Users\Public\Desktop\AVG 2015.lnk 2015-06-01 22:48 - 2015-06-01 22:48 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TuneUp Software 2015-06-01 22:48 - 2015-06-01 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-06-01 22:47 - 2015-06-01 22:49 - 00000000 ____D () C:\ProgramData\AVG2015 2015-06-01 22:47 - 2015-06-01 22:47 - 00000000 ___HD () C:\$AVG 2015-06-01 22:46 - 2015-06-01 22:46 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-06-01 22:45 - 2015-06-03 09:49 - 00000000 ____D () C:\ProgramData\MFAData 2015-06-01 22:45 - 2015-06-02 17:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\Avg2015 2015-06-01 22:45 - 2015-06-01 22:45 - 00000000 ____D () C:\Users\Admin\AppData\Local\MFAData 2015-06-01 22:32 - 2015-06-01 22:44 - 189172632 _____ (AVG Technologies) C:\Users\Admin\Downloads\avg_free_x64_all_2015_ltst_221.exe 2015-06-01 22:15 - 2015-06-01 22:15 - 02591716 _____ (AVG Technologies) C:\Users\Admin\Downloads\Niepotwierdzony 278016.crdownload 2015-06-01 21:25 - 2015-06-01 21:25 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-06-01 21:24 - 2015-06-01 21:25 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_plk.exe 2015-06-01 21:24 - 2015-06-01 21:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\GWX 2015-05-28 10:23 - 2015-05-28 10:23 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList 2015-05-28 10:23 - 2015-05-28 10:23 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList 2015-05-28 10:23 - 2015-05-28 10:23 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieBrowserModeList 2015-05-28 08:03 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2015-05-28 08:03 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2015-05-27 16:15 - 2015-05-28 08:11 - 00000000 ___SD () C:\Windows\SysWOW64\GWX 2015-05-27 16:15 - 2015-05-28 08:11 - 00000000 ___SD () C:\Windows\system32\GWX 2015-05-19 08:24 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2015-05-19 08:24 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2015-05-19 08:24 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2015-05-19 08:24 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2015-05-19 08:24 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2015-05-19 08:24 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2015-05-19 08:24 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2015-05-19 08:24 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2015-05-19 07:17 - 2015-05-19 07:17 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2015-05-19 07:17 - 2015-05-19 07:17 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help 2015-05-19 07:11 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-19 07:11 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-19 01:02 - 2015-05-19 01:04 - 00004608 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-05-18 23:09 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-18 23:09 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-05-18 23:09 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-18 23:09 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-18 23:09 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-18 23:09 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-18 23:09 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-18 23:09 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-18 23:09 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-18 23:09 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-18 23:09 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-18 23:09 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-05-18 23:09 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-05-18 23:09 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-18 23:09 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-05-18 23:09 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-05-18 23:09 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-05-18 23:09 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-05-18 23:09 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-18 23:09 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-05-18 23:09 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-05-18 23:09 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-05-18 23:09 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-05-18 23:09 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-05-18 23:09 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-05-18 23:09 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-05-18 23:09 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-18 23:09 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-18 23:09 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-05-18 23:09 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-18 23:09 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-05-18 23:09 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-05-18 23:09 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-05-18 23:09 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-05-18 23:09 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-05-18 23:09 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-05-18 23:09 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-05-18 23:09 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-18 23:09 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-05-18 23:09 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-05-18 23:09 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-05-18 23:09 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2015-05-18 23:09 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2015-05-18 23:09 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2015-05-18 23:09 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2015-05-18 23:09 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2015-05-18 23:09 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2015-05-18 23:09 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2015-05-18 23:09 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2015-05-18 23:09 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2015-05-18 23:09 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2015-05-18 23:09 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2015-05-18 23:09 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2015-05-18 23:09 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2015-05-18 23:09 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2015-05-18 23:09 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2015-05-18 23:09 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2015-05-18 23:09 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2015-05-18 23:09 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2015-05-18 23:08 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-18 23:08 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-18 23:08 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-18 23:08 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-18 23:08 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-18 23:08 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-18 23:08 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-18 23:08 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-18 23:08 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-18 23:08 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-18 23:08 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-05-18 23:08 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-18 23:08 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-18 23:08 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-18 23:08 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-18 23:08 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-05-18 23:08 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-05-18 23:08 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-18 23:08 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-05-18 23:08 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2015-05-18 23:08 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2015-05-18 23:05 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2015-05-18 23:05 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2015-05-18 23:05 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2015-05-18 23:05 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2015-05-18 23:05 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2015-05-18 23:05 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2015-05-18 23:05 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2015-05-18 23:05 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2015-05-18 23:05 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2015-05-18 23:05 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2015-05-18 23:05 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-05-18 23:05 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-05-18 23:05 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-05-18 23:05 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-05-18 23:05 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2015-05-18 23:05 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe 2015-05-18 23:05 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2015-05-18 23:05 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2015-05-18 23:05 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2015-05-18 23:05 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2015-05-18 23:05 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2015-05-18 23:05 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2015-05-18 23:05 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2015-05-18 23:05 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2015-05-18 23:05 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe 2015-05-18 23:05 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2015-05-18 23:04 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-18 23:04 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-05-18 23:04 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-18 23:04 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-05-18 23:04 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-18 23:04 - 2015-04-04 05:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-18 23:04 - 2015-04-04 05:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-18 23:04 - 2015-04-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-18 23:04 - 2015-04-04 05:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-18 23:04 - 2015-04-04 05:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-18 23:04 - 2015-04-04 05:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-18 23:04 - 2015-04-04 05:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-05-18 23:04 - 2015-04-04 05:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-18 23:04 - 2015-04-04 05:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-18 23:04 - 2015-04-04 05:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-18 23:04 - 2015-04-04 05:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-18 23:04 - 2015-04-04 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-18 23:04 - 2015-04-04 05:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-18 23:04 - 2015-04-04 05:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-18 23:04 - 2015-04-04 05:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-18 23:04 - 2015-04-04 05:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-18 23:04 - 2015-04-04 05:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-18 23:04 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-05-18 23:04 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-05-18 23:04 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-05-18 23:04 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-05-18 23:04 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-05-18 23:04 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-05-18 23:04 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-05-18 23:04 - 2015-04-04 05:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-05-18 23:04 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-05-18 23:04 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-05-18 23:04 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-05-18 23:04 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-05-18 22:56 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-18 22:56 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-18 22:56 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-05-18 22:56 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-18 22:56 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-05-18 22:56 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-05-18 22:56 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-05-18 22:56 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-05-18 22:56 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-05-18 22:56 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-05-18 22:56 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-05-18 22:56 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-05-18 22:56 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-05-18 22:56 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-05-18 22:56 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-05-18 22:56 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-05-18 22:56 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-05-18 22:56 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-05-18 22:56 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-05-18 22:56 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-05-18 22:56 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-05-18 22:56 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-05-18 22:56 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-05-18 22:56 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-05-18 22:56 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-05-18 22:56 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-05-18 22:56 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-05-18 22:56 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-05-18 22:56 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-05-18 22:56 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-05-18 22:56 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-05-18 22:56 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-05-18 22:56 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-05-18 22:56 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-05-18 22:56 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-05-18 22:56 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-05-18 22:56 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-05-18 22:56 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-05-18 22:56 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-05-18 22:56 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-05-18 22:56 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-05-18 22:56 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-05-18 22:56 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-05-18 22:56 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-05-18 22:56 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-05-18 22:56 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-05-18 22:56 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-05-18 22:56 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-05-18 22:56 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-05-18 22:56 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-05-18 22:56 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-05-18 22:56 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-05-18 22:56 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-05-18 22:56 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-05-18 22:56 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-05-18 22:56 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-05-18 22:56 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-05-18 22:56 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-05-18 22:56 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-05-18 22:56 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-05-18 22:56 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-05-18 22:56 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-05-18 22:56 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-05-18 22:56 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-05-18 22:56 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2015-05-18 22:55 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-05-18 22:55 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-05-18 22:55 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-18 22:55 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-05-18 22:55 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-05-18 22:55 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-05-18 22:55 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-05-18 22:27 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-05-18 22:27 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-05-18 22:27 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-05-18 22:27 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-05-18 22:27 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-05-18 22:27 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-05-18 22:27 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2015-05-18 22:27 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2015-05-18 22:27 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2015-05-18 22:27 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2015-05-18 19:29 - 2015-05-10 11:32 - 00898144 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2015-05-18 19:29 - 2015-05-10 11:32 - 00817760 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2015-05-18 19:29 - 2015-05-10 11:32 - 00271968 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2015-05-18 19:29 - 2015-05-10 11:32 - 00191072 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2015-05-18 19:29 - 2015-05-10 11:32 - 00190560 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2015-05-18 19:03 - 2015-05-18 19:03 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-05-18 19:03 - 2015-05-18 19:03 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2015-05-18 19:03 - 2015-05-18 19:03 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-05-18 19:01 - 2015-05-18 19:03 - 00000000 ____D () C:\ProgramData\Adobe 2015-05-18 18:54 - 2015-05-18 18:54 - 00002673 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Otwórz dokument pakietu Microsoft Office.lnk 2015-05-18 18:54 - 2015-05-18 18:54 - 00002647 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Nowy dokument pakietu Microsoft Office.lnk 2015-05-18 18:54 - 2015-05-18 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-05-18 18:53 - 2015-05-28 08:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works 2015-05-18 18:53 - 2015-05-18 18:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 2015-05-18 18:52 - 2015-05-18 18:52 - 00000000 ____D () C:\Windows\PCHEALTH 2015-05-18 18:51 - 2015-05-18 18:51 - 00000000 ____D () C:\Windows\SHELLNEW 2015-05-18 18:51 - 2015-05-18 18:51 - 00000000 ____D () C:\Program Files\Microsoft Office 2015-05-18 18:50 - 2015-05-31 16:37 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-18 18:50 - 2015-05-18 18:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-05-18 18:50 - 2015-05-18 18:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help 2015-05-18 18:49 - 2015-05-18 18:49 - 00000000 __RHD () C:\MSOCache 2015-05-17 20:33 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-05-17 20:33 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-05-17 20:20 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2015-05-17 20:12 - 2015-05-17 20:12 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2015-05-17 20:12 - 2015-05-17 20:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2015-05-17 20:12 - 2015-05-17 20:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-05-17 20:12 - 2015-05-17 20:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2015-05-17 20:12 - 2015-05-17 20:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2015-05-17 20:12 - 2015-05-17 20:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-05-17 20:12 - 2015-05-17 20:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-05-17 20:06 - 2015-05-17 20:06 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2015-05-17 20:06 - 2015-05-17 20:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2015-05-17 20:03 - 2015-05-17 20:20 - 00016053 _____ () C:\Windows\IE11_main.log 2015-05-17 18:31 - 2015-05-17 18:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia 2015-05-17 18:31 - 2015-05-17 18:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2015-05-17 18:31 - 2015-05-17 18:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia 2015-05-17 18:30 - 2015-05-30 08:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-05-17 18:29 - 2015-06-03 11:14 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-17 18:29 - 2015-05-17 18:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-05-17 18:29 - 2015-05-17 18:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-05-17 18:29 - 2015-05-17 18:29 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-05-17 18:28 - 2015-05-17 18:28 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-05-17 18:28 - 2015-05-17 18:28 - 00000000 ____D () C:\Windows\system32\Macromed 2015-05-17 18:27 - 2015-05-17 18:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2015-05-17 18:26 - 2015-05-17 18:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-05-17 18:26 - 2015-05-17 18:27 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2015-05-17 18:26 - 2015-05-17 18:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2015-05-17 18:26 - 2015-05-17 18:26 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-05-17 18:26 - 2015-05-17 18:26 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-05-17 18:26 - 2015-05-17 18:26 - 00000000 ____D () C:\ProgramData\Mozilla 2015-05-17 18:24 - 2015-05-17 18:24 - 00000363 _____ () C:\Users\Admin\Desktop\Komputer — skrót.lnk 2015-05-17 18:06 - 2015-05-25 22:17 - 00002155 _____ () C:\Windows\epplauncher.mif 2015-05-17 18:06 - 2015-05-25 22:17 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-05-17 18:06 - 2015-05-25 12:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-05-17 18:05 - 2015-05-25 12:32 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-05-12 08:20 - 2015-05-12 08:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2015-05-10 11:33 - 2015-05-10 11:33 - 00000000 ____D () C:\ProgramData\Sun 2015-05-10 11:33 - 2015-05-10 11:32 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-05-10 11:32 - 2015-05-18 19:28 - 00000000 ____D () C:\Program Files (x86)\Java 2015-05-10 11:32 - 2015-05-10 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-05-10 11:30 - 2015-05-10 11:32 - 00000000 ____D () C:\ProgramData\Oracle 2015-05-10 11:28 - 2015-05-10 11:28 - 00562272 _____ (Oracle Corporation) C:\Users\Admin\Downloads\chromeinstall-8u45.exe 2015-05-07 13:50 - 2015-05-07 13:50 - 00378336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys 2015-05-07 13:49 - 2015-05-07 13:49 - 00253920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys 2015-05-07 13:49 - 2015-05-07 13:49 - 00220128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys 2015-05-04 14:14 - 2015-05-04 14:14 - 00291296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-03 12:11 - 2014-11-17 10:07 - 01409449 _____ () C:\Windows\WindowsUpdate.log 2015-06-03 12:01 - 2015-03-29 20:57 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype 2015-06-03 11:46 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-03 11:46 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-03 11:38 - 2015-03-29 20:53 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-03 11:35 - 2015-03-29 20:53 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-03 11:34 - 2015-03-29 19:58 - 00147274 _____ () C:\Windows\PFRO.log 2015-06-03 11:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-06-03 11:34 - 2009-07-14 06:51 - 00040882 _____ () C:\Windows\setupact.log 2015-06-03 11:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas 2015-06-03 11:29 - 2015-04-13 23:24 - 00000000 ____D () C:\AdwCleaner 2015-06-03 11:29 - 2014-11-17 10:07 - 00000000 ____D () C:\Users\Admin 2015-05-29 07:48 - 2009-07-14 19:55 - 00697912 _____ () C:\Windows\system32\perfh015.dat 2015-05-29 07:48 - 2009-07-14 19:55 - 00134990 _____ () C:\Windows\system32\perfc015.dat 2015-05-29 07:48 - 2009-07-14 07:13 - 01549696 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-28 10:22 - 2015-03-29 20:52 - 00084592 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-05-28 10:21 - 2009-07-14 06:45 - 00341888 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-28 10:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-05-28 10:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-05-28 05:06 - 2011-02-19 23:03 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll 2015-05-28 05:06 - 2011-02-19 00:40 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll 2015-05-27 16:22 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-05-27 16:15 - 2015-04-03 19:15 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-05-27 16:15 - 2015-04-03 19:15 - 00000000 ____D () C:\Windows\system32\appraiser 2015-05-27 16:15 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender 2015-05-27 16:15 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-05-27 16:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2015-05-27 16:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-05-27 16:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-05-27 16:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2015-05-27 12:05 - 2015-04-02 11:21 - 00000000 ____D () C:\Users\Admin\Desktop\PSY 2015-05-27 11:26 - 2015-03-29 20:54 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-20 10:33 - 2015-04-02 13:02 - 00004120 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1427972529 2015-05-20 10:33 - 2015-03-29 20:53 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-20 10:33 - 2015-03-29 20:53 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-18 18:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-05-17 20:44 - 2014-11-17 10:08 - 00001421 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-05-17 20:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System 2015-05-17 20:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2015-05-17 20:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR 2015-05-17 20:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK 2015-05-17 20:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR 2015-05-17 19:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-05-13 13:45 - 2015-04-02 13:57 - 00000000 ____D () C:\Users\Admin\Desktop\Amelka 2015-05-04 12:16 - 2015-05-03 21:41 - 00000000 ____D () C:\Users\Admin\Desktop\nowe ==================== Files in the root of some directories ======= 2015-04-02 13:51 - 2015-04-12 04:39 - 0000094 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG 2015-05-19 01:02 - 2015-05-19 01:04 - 0004608 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Some files in TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\EsgInstallerx64Stub.exe C:\Users\Admin\AppData\Local\Temp\Quarantine.exe C:\Users\Admin\AppData\Local\Temp\sfamcc00001.dll C:\Users\Admin\AppData\Local\Temp\sfextra.dll C:\Users\Admin\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-17 19:16 ==================== End of log ============================[/log] GMER - podczas skanowania wywala bluescreena i notebook się wyłącza.
lukee8 komentarz 3 czerwca 2015 komentarz 3 czerwca 2015 sciagnij ADW cleaner. skan i potem usun co znalazl
Krzysiek6 komentarz 3 czerwca 2015 Autor komentarz 3 czerwca 2015 To było robione w pierwszej kolejności.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.