Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2013 04 Ran by oem (administrator) on 20-08-2013 22:01:49 Running from C:\Users\oem\AppData\Local\Opera\Opera\temporary_downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Polish Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AMD) C:\Windows\system32\atiesrxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe () C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe (Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe () C:\Windows\system32\PnkBstrA.exe (Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe () C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe (Opera Software) C:\Program Files\Opera\opera.exe (GG Network S.A.) C:\Program Files\Nowe Gadu-Gadu\gg.exe () C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe (Microsoft Corporation) C:\Windows\system32\conime.exe (FlashGet.com) C:\Program Files\FlashGet\flashget.exe (FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\fdm.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-05] (Advanced Micro Devices, Inc.) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7514656 2009-05-23] (Realtek Semiconductor) HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM\...\Run: [BlueStacks Agent] - C:\Program Files\BlueStacks\HD-Agent.exe [577400 2012-09-18] (BlueStack Systems, Inc.) HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software) HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) Winlogon\Notify\avldr: HKCU\...\Run: [ALLUpdate] - C:\Program Files\ALLPlayer\ALLUpdate.exe [1379840 2011-08-16] () HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3128352 2013-06-25] (Disc Soft Ltd) MountPoints2: {dd076da2-3584-11de-a32d-00155638e5a4} - E:\setup.exe HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Dracula\...\Run: [ALLUpdate] - C:\Program Files\ALLPlayer\ALLUpdate.exe [ 2011-08-16] () HKU\Dracula\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-21] (Microsoft Corporation) HKU\Dracula\...\Run: [EA Core] - C:\Program Files\Electronic Arts\EADM\Core.exe -silent [x] HKU\Dracula\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-21] (Microsoft Corporation) HKU\Dracula\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [ 2013-06-07] (Valve Corporation) HKU\Dracula\...\Run: [HEXelon MAX] - "C:\Users\oem\Desktop\HEXelonMAX6\hexelon.exe" /auto [x] HKU\Dracula\...\Run: [Free Download Manager] - C:\Program Files\Free Download Manager\fdm.exe [ 2013-01-30] (FreeDownloadManager.ORG) HKU\Dracula\...\Run: [DAEMON Tools Lite] - "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x] HKU\Dracula\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB [x] HKU\Dracula\...\Winlogon: [Shell] C:\Users\Dracula\AppData\Roaming\hdddoctor.exe <==== ATTENTION ==================== Internet (Whitelisted) ==================== ProxyServer: 68.166.1.181:8000 SearchScopes: HKCU - {B6009401-8A01-4AB2-B87D-C7C37A093367} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=867034&p={searchTerms} BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG) BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com) BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\oem\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ] Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393080 2012-09-18] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384888 2012-09-18] (BlueStack Systems, Inc.) S3 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96341 2006-03-30] (Canon Inc.) R3 Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [632352 2013-06-25] (Disc Soft Ltd) R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [69632 2009-08-24] () S3 npggsvc; C:\Windows\system32\GameMon.des [3753224 2010-03-18] (INCA Internet Co., Ltd.) R2 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [109168 2009-07-15] (Portrait Displays, Inc.) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-05-26] () R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [301120 2013-08-16] (Wsys Co., Ltd.) ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] () R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software) R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-07-17] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-07-17] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-07-17] () R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [271360 2011-10-07] () R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63864 2012-09-18] (BlueStack Systems) R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation) R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2013-07-14] (Disc Soft Ltd) S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2008-04-22] (EnTech Taiwan) S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13904 2011-05-06] () R1 Hmonitor45; C:\Windows\system32\drivers\hmonitor45.sys [10536 2010-09-11] () R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [47616 2008-06-30] (Atheros Communications, Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2011-10-07] () R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] () R2 nxsIO32; C:\Windows\System32\DRIVERS\nxsIO32.sys [2208 2010-09-11] () R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [17136 2009-07-15] (Portrait Displays, Inc.) R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [83320 2007-02-08] (Protection Technology (StarForce)) S3 SG760_XP; C:\Windows\System32\DRIVERS\WlanUZXP.sys [261632 2006-01-19] (ZyDAS Technology Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-03-18] (Duplex Secure Ltd.) S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Corporation) R2 VBoxDrv; C:\Program Files\YouWave_Android\vb\VBoxDrv.sys [135680 2011-07-15] (Oracle Corporation) S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-20 22:00 - 2013-08-20 22:00 - 00000000 ____D C:\ProgramData\Free Download Manager 2013-08-20 21:58 - 2013-08-20 21:59 - 00000000 ____D C:\MGADiagToolOutput 2013-08-20 21:06 - 2013-08-20 21:06 - 00059610 _____ C:\Users\oem\AppData\Local\recently-used.xbel 2013-08-20 21:04 - 2013-08-20 21:58 - 07319864 _____ C:\Users\oem\Desktop\plan2.psd 2013-08-20 18:56 - 2013-08-20 20:23 - 28277411 _____ C:\Users\oem\Desktop\plan.xcf 2013-08-20 13:43 - 2013-08-20 13:43 - 02941340 _____ C:\Users\oem\Documents\mm.xcf 2013-08-19 21:08 - 2013-08-19 21:08 - 11125603 _____ C:\Users\oem\Documents\pn3.xcf 2013-08-18 22:12 - 2013-08-18 22:12 - 00143281 _____ C:\Users\oem\Documents\ax.xcf 2013-08-18 17:01 - 2013-08-20 18:30 - 00713963 _____ C:\Users\oem\Desktop\Bez nazwy.xcf 2013-08-18 14:21 - 2013-08-18 15:58 - 00123451 _____ C:\Users\oem\Desktop\lt.xcf 2013-08-18 13:48 - 2013-08-20 21:04 - 00000000 ____D C:\Users\oem\Desktop\potrety 2013-08-18 11:06 - 2013-08-18 11:06 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008 2013-08-18 11:06 - 2013-08-18 11:06 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008 2013-08-18 10:57 - 2013-08-18 11:00 - 00000000 ____D C:\Windows\system32\MRT 2013-08-18 10:57 - 2013-08-18 10:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2845142_WM64$ 2013-08-18 10:57 - 2007-07-27 10:41 - 00016760 ____N (Microsoft Corporation) C:\Windows\system32\spmsg.dll 2013-08-18 10:56 - 2013-08-18 10:57 - 00005164 _____ C:\Windows\KB2845142.log 2013-08-18 10:33 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-18 10:33 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-18 10:33 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-18 10:33 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-18 10:33 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-08-18 10:33 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-08-18 10:33 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-18 10:33 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-18 10:33 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-18 10:33 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-18 10:33 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-08-18 10:33 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-08-18 10:33 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-18 10:33 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-18 10:33 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-08-18 10:32 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-18 09:53 - 2013-08-18 09:53 - 00000000 ____D C:\Program Files\Common Files\Skype 2013-08-18 09:42 - 2012-12-16 15:12 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2013-08-18 09:42 - 2012-12-16 12:50 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2013-08-17 19:56 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-08-17 19:56 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-08-17 19:56 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-08-17 19:56 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-08-17 19:56 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-08-17 19:56 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-08-17 19:56 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-08-17 19:56 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-08-17 19:56 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-08-17 19:55 - 2012-05-11 17:57 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2013-08-17 19:54 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-08-17 19:54 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-08-17 19:54 - 2013-02-12 03:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2013-08-17 19:53 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-17 19:53 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-17 19:53 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-17 19:53 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-17 19:53 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-17 19:53 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-17 19:53 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-08-17 19:53 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-17 19:53 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-08-17 19:53 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-08-17 19:53 - 2013-04-15 16:20 - 00638328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-08-17 19:53 - 2013-04-13 12:56 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2013-08-17 19:53 - 2013-03-09 05:45 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-08-17 19:53 - 2013-03-09 03:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2013-08-17 19:53 - 2013-03-08 05:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2013-08-17 19:53 - 2013-03-03 21:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2013-08-17 19:53 - 2012-11-20 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-08-17 19:53 - 2012-11-08 05:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2013-08-17 19:53 - 2012-11-02 12:19 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2013-08-17 19:53 - 2012-11-02 12:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2013-08-17 19:53 - 2012-11-02 10:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe 2013-08-17 19:53 - 2012-09-28 18:11 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-08-17 19:53 - 2012-09-25 18:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2013-08-17 19:53 - 2012-06-29 18:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2013-08-17 19:52 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2013-08-17 19:52 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-17 19:52 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-08-17 19:52 - 2013-03-08 05:53 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-08-17 19:40 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-17 19:40 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-17 19:40 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-17 19:40 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-17 11:11 - 2013-08-17 11:11 - 00000000 ____D C:\ProgramData\Sun 2013-08-17 11:11 - 2013-08-17 11:11 - 00000000 ____D C:\Program Files\Common Files\Java 2013-08-17 11:11 - 2013-08-17 11:10 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2013-08-17 11:11 - 2013-08-17 11:10 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2013-08-17 11:11 - 2013-08-17 11:10 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-08-17 11:10 - 2013-08-17 11:10 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-08-17 11:10 - 2013-08-17 11:10 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-08-17 11:10 - 2013-08-17 11:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-08-17 10:05 - 2013-08-17 10:05 - 00000000 ____D C:\Users\Public\Desktop\CC Support 2013-08-16 22:32 - 2013-08-16 22:33 - 00000720 _____ C:\Users\oem\Desktop\opera.exe.lnk 2013-08-16 21:34 - 2013-08-16 21:35 - 00000000 ____D C:\sh4ldr 2013-08-16 21:34 - 2013-08-16 21:34 - 00000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2013-08-16 21:34 - 2013-08-16 21:34 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-08-16 21:11 - 2013-08-16 21:11 - 00000000 ____D C:\Users\oem\AppData\Local\DM 2013-08-11 15:50 - 2013-08-11 15:50 - 06534178 _____ C:\Users\oem\Bez nazwy-1.psd 2013-08-11 12:49 - 2013-08-20 20:04 - 00000000 ____D C:\Users\oem\Desktop\Adobe CS5 2013-08-11 11:43 - 2013-08-19 21:51 - 00000000 ____D C:\Users\oem\Desktop\Adobe Photoshop CS5 Extended Edition + spolszczenie + serial (AllaMoni) 2013-08-10 19:30 - 2013-08-16 17:45 - 00000000 ____D C:\Users\oem\AppData\Roaming\Betcat 2013-08-09 00:33 - 2013-08-09 00:33 - 02666088 _____ C:\Users\oem\Documents\pustynia.xcf 2013-08-08 16:33 - 2013-08-08 16:33 - 00038009 _____ C:\Users\oem\Documents\lisc2.xcf 2013-08-08 14:55 - 2013-08-08 14:55 - 00550564 _____ C:\Users\oem\Documents\zima.xcf 2013-08-07 23:19 - 2013-08-07 23:19 - 00084275 _____ C:\Users\oem\Documents\lisc.xcf 2013-08-04 13:20 - 2013-08-04 13:20 - 00019773 _____ C:\Users\oem\Downloads\The-rusty-ball.htm 2013-08-04 11:40 - 2013-08-04 11:40 - 00413664 _____ C:\Users\oem\Documents\pier.xcf 2013-08-04 10:53 - 2013-08-20 18:23 - 00000000 ____D C:\Users\oem\Desktop\planety 2013-08-03 21:46 - 2013-08-20 21:06 - 00000000 ____D C:\Users\oem\AppData\Local\gtk-2.0 2013-08-03 21:35 - 2013-08-20 21:58 - 00000000 ____D C:\Users\oem\.gimp-2.8 2013-08-03 21:35 - 2013-08-03 21:35 - 00000000 ____D C:\Users\oem\AppData\Local\gegl-0.2 2013-08-03 21:27 - 2013-08-03 21:29 - 00000000 ____D C:\Program Files\GIMP 2 2013-08-03 21:12 - 2013-08-20 18:09 - 00000000 ____D C:\ProgramData\eSafe 2013-08-03 21:11 - 2013-08-03 21:11 - 90116160 _____ (The GIMP Team ) C:\Users\oem\Downloads\gimp-2.8.6-setup.exe 2013-08-03 14:51 - 2012-02-08 13:10 - 01208320 _____ (3DMGAME) C:\Users\oem\Desktop\Kingdoms of Amalur Reckoning AllVersions Plus 13 Trainer.exe 2013-07-31 00:16 - 2013-07-31 00:16 - 00000000 ____D C:\Users\Public\Documents\Corel 2013-07-31 00:15 - 2013-07-31 00:15 - 00000000 ____D C:\ProgramData\Corel 2013-07-31 00:15 - 2013-07-31 00:15 - 00000000 ____D C:\Program Files\Common Files\Protexis 2013-07-31 00:04 - 2013-07-31 00:05 - 00000000 ____D C:\Users\oem\AppData\Roaming\Corel 2013-07-31 00:04 - 2013-07-31 00:04 - 00000000 ____D C:\ProgramData\Protexis 2013-07-30 23:29 - 2013-07-30 23:29 - 00000000 ____D C:\Users\oem\Documents\Corel 2013-07-30 23:28 - 2013-07-30 23:28 - 00000000 ____D C:\Users\oem\Documents\Visual Studio 2008 2013-07-30 23:27 - 2013-07-30 23:27 - 00000000 ____D C:\Program Files\Microsoft SDKs 2013-07-30 23:26 - 2013-07-30 23:27 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0 2013-07-30 23:19 - 2013-07-30 23:19 - 00000000 ____D C:\Program Files\Common Files\Corel 2013-07-30 23:13 - 2013-07-30 23:13 - 00000000 ____D C:\Program Files\Corel 2013-07-30 23:11 - 2013-07-30 23:31 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X6 2013-07-30 19:09 - 2013-08-08 15:37 - 00000000 ____D C:\Users\oem\Desktop\PBF 2013-07-30 18:41 - 2013-07-30 18:41 - 00000000 ____D C:\Program Files\PDFCreator 2013-07-30 18:41 - 2001-10-28 17:42 - 00116224 _____ C:\Windows\system32\pdfcmnnt.dll 2013-07-30 18:41 - 1998-07-06 01:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\MSMPIDE.DLL 2013-07-30 18:41 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\Windows\system32\MSMAPI32.OCX 2013-07-30 18:12 - 2013-07-30 18:12 - 00005804 _____ C:\Users\oem\Desktop\UPO_4c9e29f358c7fee56733000a6598a336.sig 2013-07-28 11:49 - 2013-07-28 11:49 - 00000000 ____D C:\Users\oem\AppData\Local\BigHugeEngine 2013-07-28 11:48 - 2013-07-28 11:48 - 00001962 _____ C:\Users\Public\Desktop\Kingdoms of Amalur Reckoning.lnk 2013-07-28 11:42 - 2013-07-28 11:42 - 00000000 ____D C:\Program Files\EA Games 2013-07-28 09:17 - 2013-08-17 09:13 - 00000000 ____D C:\Users\oem\Desktop\Kingdoms of Amalur Reckoning SKIDROW bez Origin (noddy111) 2013-07-27 16:45 - 2013-08-17 09:13 - 00000000 ____D C:\Users\oem\Desktop\Deadlight (Byszo) 2013-07-23 20:36 - 2013-07-30 23:50 - 00000000 ____D C:\Users\oem\Desktop\Nowy folder (31) ==================== One Month Modified Files and Folders ======= 2013-08-20 22:01 - 2013-08-20 22:01 - 00000000 ____D C:\FRST 2013-08-20 22:01 - 2009-02-08 17:16 - 00000000 ____D C:\Program Files\FlashGet 2013-08-20 22:00 - 2013-08-20 22:00 - 00000000 ____D C:\ProgramData\Free Download Manager 2013-08-20 22:00 - 2011-11-12 18:39 - 00000000 ____D C:\Users\oem\AppData\Roaming\Free Download Manager 2013-08-20 21:59 - 2013-08-20 21:58 - 00000000 ____D C:\MGADiagToolOutput 2013-08-20 21:58 - 2013-08-20 21:04 - 07319864 _____ C:\Users\oem\Desktop\plan2.psd 2013-08-20 21:58 - 2013-08-03 21:35 - 00000000 ____D C:\Users\oem\.gimp-2.8 2013-08-20 21:58 - 2006-11-02 14:47 - 00004288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-20 21:58 - 2006-11-02 14:47 - 00004288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-20 21:06 - 2013-08-20 21:06 - 00059610 _____ C:\Users\oem\AppData\Local\recently-used.xbel 2013-08-20 21:06 - 2013-08-03 21:46 - 00000000 ____D C:\Users\oem\AppData\Local\gtk-2.0 2013-08-20 21:04 - 2013-08-18 13:48 - 00000000 ____D C:\Users\oem\Desktop\potrety 2013-08-20 20:23 - 2013-08-20 18:56 - 28277411 _____ C:\Users\oem\Desktop\plan.xcf 2013-08-20 20:04 - 2013-08-11 12:49 - 00000000 ____D C:\Users\oem\Desktop\Adobe CS5 2013-08-20 18:30 - 2013-08-18 17:01 - 00713963 _____ C:\Users\oem\Desktop\Bez nazwy.xcf 2013-08-20 18:23 - 2013-08-04 10:53 - 00000000 ____D C:\Users\oem\Desktop\planety 2013-08-20 18:09 - 2013-08-03 21:12 - 00000000 ____D C:\ProgramData\eSafe 2013-08-20 18:03 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-20 14:17 - 2008-01-21 03:35 - 02061269 _____ C:\Windows\WindowsUpdate.log 2013-08-20 14:17 - 2006-11-02 15:01 - 00032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-20 13:43 - 2013-08-20 13:43 - 02941340 _____ C:\Users\oem\Documents\mm.xcf 2013-08-20 00:43 - 2010-03-13 19:25 - 00000000 ___RD C:\Users\oem\Desktop\Nowy folder 2013-08-19 21:51 - 2013-08-11 11:43 - 00000000 ____D C:\Users\oem\Desktop\Adobe Photoshop CS5 Extended Edition + spolszczenie + serial (AllaMoni) 2013-08-19 21:08 - 2013-08-19 21:08 - 11125603 _____ C:\Users\oem\Documents\pn3.xcf 2013-08-18 23:38 - 2009-01-20 14:29 - 00001356 _____ C:\Users\oem\AppData\Local\d3d9caps.dat 2013-08-18 22:12 - 2013-08-18 22:12 - 00143281 _____ C:\Users\oem\Documents\ax.xcf 2013-08-18 21:23 - 2008-01-21 08:24 - 01616808 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-18 21:23 - 2008-01-21 08:24 - 00715322 _____ C:\Windows\system32\perfh015.dat 2013-08-18 21:23 - 2008-01-21 08:24 - 00151216 _____ C:\Windows\system32\perfc015.dat 2013-08-18 21:22 - 2006-11-02 14:52 - 00167398 _____ C:\Windows\setupact.log 2013-08-18 15:58 - 2013-08-18 14:21 - 00123451 _____ C:\Users\oem\Desktop\lt.xcf 2013-08-18 11:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-08-18 11:45 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-18 11:34 - 2006-11-02 14:47 - 03819656 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-18 11:29 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-08-18 11:29 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2013-08-18 11:29 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pl-PL 2013-08-18 11:07 - 2009-01-20 15:11 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-18 11:06 - 2013-08-18 11:06 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008 2013-08-18 11:06 - 2013-08-18 11:06 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008 2013-08-18 11:00 - 2013-08-18 10:57 - 00000000 ____D C:\Windows\system32\MRT 2013-08-18 10:57 - 2013-08-18 10:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2845142_WM64$ 2013-08-18 10:57 - 2013-08-18 10:56 - 00005164 _____ C:\Windows\KB2845142.log 2013-08-18 10:10 - 2009-09-04 19:56 - 00000000 ____D C:\Users\oem\AppData\Roaming\Skype 2013-08-18 09:53 - 2013-08-18 09:53 - 00000000 ____D C:\Program Files\Common Files\Skype 2013-08-18 09:53 - 2009-09-04 19:52 - 00000000 ___RD C:\Program Files\Skype 2013-08-18 09:53 - 2009-09-04 19:52 - 00000000 ____D C:\ProgramData\Skype 2013-08-17 11:11 - 2013-08-17 11:11 - 00000000 ____D C:\ProgramData\Sun 2013-08-17 11:11 - 2013-08-17 11:11 - 00000000 ____D C:\Program Files\Common Files\Java 2013-08-17 11:10 - 2013-08-17 11:11 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2013-08-17 11:10 - 2013-08-17 11:11 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2013-08-17 11:10 - 2013-08-17 11:11 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-08-17 11:10 - 2013-08-17 11:10 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-08-17 11:10 - 2013-08-17 11:10 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-08-17 11:10 - 2013-08-17 11:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-08-17 11:10 - 2009-09-29 18:50 - 00000000 ____D C:\Program Files\Java 2013-08-17 11:00 - 2009-01-20 14:30 - 00128936 _____ C:\Users\oem\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-17 10:55 - 2008-01-21 04:47 - 00789774 _____ C:\Windows\PFRO.log 2013-08-17 10:05 - 2013-08-17 10:05 - 00000000 ____D C:\Users\Public\Desktop\CC Support 2013-08-17 09:13 - 2013-07-28 09:17 - 00000000 ____D C:\Users\oem\Desktop\Kingdoms of Amalur Reckoning SKIDROW bez Origin (noddy111) 2013-08-17 09:13 - 2013-07-27 16:45 - 00000000 ____D C:\Users\oem\Desktop\Deadlight (Byszo) 2013-08-17 09:12 - 2013-05-11 18:14 - 00000000 ____D C:\Users\oem\Desktop\Broken Steel (PL) (Lukasz261984) 2013-08-16 23:26 - 2011-01-21 23:24 - 00000000 ____D C:\Program Files\Opera 2013-08-16 22:33 - 2013-08-16 22:32 - 00000720 _____ C:\Users\oem\Desktop\opera.exe.lnk 2013-08-16 21:35 - 2013-08-16 21:34 - 00000000 ____D C:\sh4ldr 2013-08-16 21:34 - 2013-08-16 21:34 - 00000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2013-08-16 21:34 - 2013-08-16 21:34 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-08-16 21:23 - 2012-09-17 10:41 - 00000000 ____D C:\ProgramData\Premium 2013-08-16 21:14 - 2012-09-25 20:17 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search 2013-08-16 21:14 - 2009-01-20 14:29 - 00000945 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-08-16 21:11 - 2013-08-16 21:11 - 00000000 ____D C:\Users\oem\AppData\Local\DM 2013-08-16 21:06 - 2009-01-20 15:09 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2013-08-16 17:45 - 2013-08-10 19:30 - 00000000 ____D C:\Users\oem\AppData\Roaming\Betcat 2013-08-11 15:50 - 2013-08-11 15:50 - 06534178 _____ C:\Users\oem\Bez nazwy-1.psd 2013-08-11 15:50 - 2009-01-20 14:29 - 00000000 ____D C:\Users\oem 2013-08-11 13:44 - 2009-01-23 18:37 - 00000000 ____D C:\Users\oem\AppData\Local\Adobe 2013-08-11 13:14 - 2009-01-23 18:35 - 00000000 ____D C:\Program Files\Adobe 2013-08-11 13:13 - 2011-03-03 16:21 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-08-11 13:12 - 2009-01-23 18:36 - 00000000 ____D C:\ProgramData\Adobe 2013-08-11 12:02 - 2012-01-22 22:33 - 00000000 ____D C:\Users\oem\AppData\Local\ChomikBox 2013-08-11 11:42 - 2012-01-22 22:34 - 00000000 ____D C:\Users\oem\.gstreamer-0.10 2013-08-09 00:33 - 2013-08-09 00:33 - 02666088 _____ C:\Users\oem\Documents\pustynia.xcf 2013-08-08 16:34 - 2013-05-02 20:36 - 00000000 ____D C:\Users\oem\AppData\Local\CrashDumps 2013-08-08 16:33 - 2013-08-08 16:33 - 00038009 _____ C:\Users\oem\Documents\lisc2.xcf 2013-08-08 15:37 - 2013-07-30 19:09 - 00000000 ____D C:\Users\oem\Desktop\PBF 2013-08-08 14:55 - 2013-08-08 14:55 - 00550564 _____ C:\Users\oem\Documents\zima.xcf 2013-08-07 23:19 - 2013-08-07 23:19 - 00084275 _____ C:\Users\oem\Documents\lisc.xcf 2013-08-06 20:46 - 2012-08-18 22:45 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2013-08-05 16:00 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-08-04 13:20 - 2013-08-04 13:20 - 00019773 _____ C:\Users\oem\Downloads\The-rusty-ball.htm 2013-08-04 11:40 - 2013-08-04 11:40 - 00413664 _____ C:\Users\oem\Documents\pier.xcf 2013-08-03 21:35 - 2013-08-03 21:35 - 00000000 ____D C:\Users\oem\AppData\Local\gegl-0.2 2013-08-03 21:29 - 2013-08-03 21:27 - 00000000 ____D C:\Program Files\GIMP 2 2013-08-03 21:11 - 2013-08-03 21:11 - 90116160 _____ (The GIMP Team ) C:\Users\oem\Downloads\gimp-2.8.6-setup.exe 2013-08-03 21:10 - 2009-07-31 20:20 - 00000000 ____D C:\Program Files\GIMP-2.0 2013-08-03 11:11 - 2010-02-24 19:14 - 00000000 ____D C:\Program Files\7-Zip 2013-08-03 11:03 - 2009-07-31 20:22 - 00000000 ____D C:\Users\oem\.gimp-2.6 2013-08-02 23:19 - 2009-07-31 21:09 - 00000000 ____D C:\Users\oem\AppData\Roaming\gtk-2.0 2013-08-01 21:46 - 2012-10-18 22:55 - 00000000 ____D C:\Users\oem\Desktop\Nowy folder (13) 2013-07-31 00:16 - 2013-07-31 00:16 - 00000000 ____D C:\Users\Public\Documents\Corel 2013-07-31 00:15 - 2013-07-31 00:15 - 00000000 ____D C:\ProgramData\Corel 2013-07-31 00:15 - 2013-07-31 00:15 - 00000000 ____D C:\Program Files\Common Files\Protexis 2013-07-31 00:05 - 2013-07-31 00:04 - 00000000 ____D C:\Users\oem\AppData\Roaming\Corel 2013-07-31 00:04 - 2013-07-31 00:04 - 00000000 ____D C:\ProgramData\Protexis 2013-07-30 23:50 - 2013-07-23 20:36 - 00000000 ____D C:\Users\oem\Desktop\Nowy folder (31) 2013-07-30 23:31 - 2013-07-30 23:11 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X6 2013-07-30 23:29 - 2013-07-30 23:29 - 00000000 ____D C:\Users\oem\Documents\Corel 2013-07-30 23:28 - 2013-07-30 23:28 - 00000000 ____D C:\Users\oem\Documents\Visual Studio 2008 2013-07-30 23:27 - 2013-07-30 23:27 - 00000000 ____D C:\Program Files\Microsoft SDKs 2013-07-30 23:27 - 2013-07-30 23:26 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0 2013-07-30 23:27 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-07-30 23:19 - 2013-07-30 23:19 - 00000000 ____D C:\Program Files\Common Files\Corel 2013-07-30 23:13 - 2013-07-30 23:13 - 00000000 ____D C:\Program Files\Corel 2013-07-30 18:41 - 2013-07-30 18:41 - 00000000 ____D C:\Program Files\PDFCreator 2013-07-30 18:29 - 2013-07-14 15:05 - 00000000 ____D C:\ProgramData\HappyCloud 2013-07-30 18:12 - 2013-07-30 18:12 - 00005804 _____ C:\Users\oem\Desktop\UPO_4c9e29f358c7fee56733000a6598a336.sig 2013-07-28 13:34 - 2013-07-06 17:59 - 00000000 ____D C:\R.G. Catalyst 2013-07-28 13:31 - 2011-06-29 19:45 - 00000000 ____D C:\Program Files\Steam 2013-07-28 11:49 - 2013-07-28 11:49 - 00000000 ____D C:\Users\oem\AppData\Local\BigHugeEngine 2013-07-28 11:49 - 2012-04-29 13:29 - 00000000 ____D C:\Users\oem\AppData\Local\SKIDROW 2013-07-28 11:48 - 2013-07-28 11:48 - 00001962 _____ C:\Users\Public\Desktop\Kingdoms of Amalur Reckoning.lnk 2013-07-28 11:42 - 2013-07-28 11:42 - 00000000 ____D C:\Program Files\EA Games 2013-07-25 04:40 - 2013-08-18 10:32 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-25 04:32 - 2013-08-18 10:33 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-25 04:30 - 2013-08-18 10:33 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-25 04:26 - 2013-08-18 10:33 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-25 04:26 - 2013-08-18 10:33 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-25 04:25 - 2013-08-18 10:33 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-07-25 04:24 - 2013-08-18 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-07-25 04:24 - 2013-08-18 10:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-25 04:23 - 2013-08-18 10:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-25 04:23 - 2013-08-18 10:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-25 04:23 - 2013-08-18 10:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-25 04:23 - 2013-08-18 10:33 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-07-25 04:23 - 2013-08-18 10:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-07-25 04:22 - 2013-08-18 10:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-25 04:22 - 2013-08-18 10:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-25 04:22 - 2013-08-18 10:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-20 18:19 ==================== End Of Log ============================