SystemLook 30.07.11 by jpshortstuff Log created at 08:16 on 16/04/2014 by Małgorzata Administrator - Elevation successful ========== filefind ========== Searching for "appmgr.dll" C:\Windows\winsxs\amd64_microsoft-windows-g..policy-admin-appmgr_31bf3856ad364e35_6.1.7601.17514_none_58df6170cc98ffe6\appmgr.dll --a---- 479232 bytes [03:24 21/11/2010] [03:24 21/11/2010] DDA6773DACE0774160AAA927ECF8ADCD C:\Windows\winsxs\x86_microsoft-windows-g..policy-admin-appmgr_31bf3856ad364e35_6.1.7601.17514_none_fcc0c5ed143b8eb0\appmgr.dll --a---- 339968 bytes [03:25 21/11/2010] [03:25 21/11/2010] F68878CF6A7EA29EACEAD49A268FC447 Searching for "fde.dll" C:\FRST\Quarantine\C\Windows\SysWOW64\GPBAK\fde.dll --a---- 124416 bytes [09:21 23/03/2014] [03:24 21/11/2010] B70B2E022318E7EF942EEAC7126E6972 C:\Pliki\fde.dll --a---- 124416 bytes [08:54 15/04/2014] [12:19 20/11/2010] B70B2E022318E7EF942EEAC7126E6972 C:\Windows\System32\fde.dll --a---- 171520 bytes [03:24 21/11/2010] [03:24 21/11/2010] 0A98C4E4975F5D735F8361FFEBF2793D C:\Windows\SysWOW64\fde.dll --a---- 124416 bytes [03:24 21/11/2010] [12:19 20/11/2010] B70B2E022318E7EF942EEAC7126E6972 C:\Windows\winsxs\amd64_microsoft-windows-fde_31bf3856ad364e35_6.1.7601.17514_none_063200e5724abc1a\fde.dll --a---- 171520 bytes [03:24 21/11/2010] [03:24 21/11/2010] 0A98C4E4975F5D735F8361FFEBF2793D C:\Windows\winsxs\x86_microsoft-windows-fde_31bf3856ad364e35_6.1.7601.17514_none_aa136561b9ed4ae4\fde.dll --a---- 0 bytes [05:20 16/04/2014] [05:20 16/04/2014] D41D8CD98F00B204E9800998ECF8427E Searching for "fdeploy.dll" C:\FRST\Quarantine\C\Windows\SysWOW64\GPBAK\fdeploy.dll --a---- 59904 bytes [09:21 23/03/2014] [03:24 21/11/2010] 6F241D9C35D157A376003CDEF2E26CAE C:\Pliki\fdeploy.dll --a---- 59904 bytes [08:54 15/04/2014] [12:19 20/11/2010] 6F241D9C35D157A376003CDEF2E26CAE C:\Windows\System32\fdeploy.dll --a---- 72192 bytes [03:24 21/11/2010] [03:24 21/11/2010] E5E13FCBD1D247BF4CCD8BE3C7D8A5EA C:\Windows\SysWOW64\fdeploy.dll --a---- 59904 bytes [03:24 21/11/2010] [12:19 20/11/2010] 6F241D9C35D157A376003CDEF2E26CAE C:\Windows\winsxs\amd64_microsoft-windows-fdeploy_31bf3856ad364e35_6.1.7601.17514_none_3ddb97ac675ddf20\fdeploy.dll --a---- 72192 bytes [03:24 21/11/2010] [03:24 21/11/2010] E5E13FCBD1D247BF4CCD8BE3C7D8A5EA C:\Windows\winsxs\x86_microsoft-windows-fdeploy_31bf3856ad364e35_6.1.7601.17514_none_e1bcfc28af006dea\fdeploy.dll --a---- 0 bytes [05:20 16/04/2014] [05:20 16/04/2014] D41D8CD98F00B204E9800998ECF8427E Searching for "gptext.dll" C:\FRST\Quarantine\C\Windows\SysWOW64\GPBAK\gptext.dll --a---- 18944 bytes [09:21 23/03/2014] [01:15 14/07/2009] BE331669F6FBDDD153AB4F0BDAC165CA C:\Pliki\gptext.dll --a---- 18944 bytes [08:54 15/04/2014] [01:15 14/07/2009] BE331669F6FBDDD153AB4F0BDAC165CA C:\Windows\System32\gptext.dll --a---- 22528 bytes [23:50 13/07/2009] [01:40 14/07/2009] 7762386362DC5E1971DC61CC98369A98 C:\Windows\SysWOW64\gptext.dll --a---- 18944 bytes [23:34 13/07/2009] [01:15 14/07/2009] BE331669F6FBDDD153AB4F0BDAC165CA C:\Windows\winsxs\amd64_microsoft-windows-grouppolicy-gptext_31bf3856ad364e35_6.1.7600.16385_none_9344be31a8b7d6bd\gptext.dll --a---- 22528 bytes [23:50 13/07/2009] [01:40 14/07/2009] 7762386362DC5E1971DC61CC98369A98 C:\Windows\winsxs\x86_microsoft-windows-grouppolicy-gptext_31bf3856ad364e35_6.1.7600.16385_none_372622adf05a6587\gptext.dll --a---- 0 bytes [05:20 16/04/2014] [05:20 16/04/2014] D41D8CD98F00B204E9800998ECF8427E Searching for "gpedit.dll" C:\FRST\Quarantine\C\Windows\SysWOW64\GPBAK\gpedit.dll --a---- 951808 bytes [09:21 23/03/2014] [01:15 14/07/2009] F4CB9FF6AA4F0D3FBE707BE54BB05768 C:\Pliki\gpedit.dll --a---- 951808 bytes [08:54 15/04/2014] [01:15 14/07/2009] F4CB9FF6AA4F0D3FBE707BE54BB05768 C:\Windows\System32\gpedit.dll --a---- 1000960 bytes [23:54 13/07/2009] [01:40 14/07/2009] CC532E5812B1ED7C24AFDAA8EFB8DBF3 C:\Windows\SysWOW64\gpedit.dll --a---- 951808 bytes [23:38 13/07/2009] [01:15 14/07/2009] F4CB9FF6AA4F0D3FBE707BE54BB05768 C:\Windows\winsxs\amd64_microsoft-windows-g..policy-admin-gpedit_31bf3856ad364e35_6.1.7600.16385_none_2a271e3c7e986f2c\gpedit.dll --a---- 1000960 bytes [23:54 13/07/2009] [01:40 14/07/2009] CC532E5812B1ED7C24AFDAA8EFB8DBF3 C:\Windows\winsxs\x86_microsoft-windows-g..policy-admin-gpedit_31bf3856ad364e35_6.1.7600.16385_none_ce0882b8c63afdf6\gpedit.dll --a---- 0 bytes [05:20 16/04/2014] [05:20 16/04/2014] D41D8CD98F00B204E9800998ECF8427E Searching for "gpedit.msc" C:\Windows\winsxs\amd64_microsoft-windows-g..admin-gpedit-snapin_31bf3856ad364e35_6.1.7600.16385_none_ccd7905990f3c9d2\gpedit.msc --a---- 147439 bytes [21:44 13/07/2009] [20:47 10/06/2009] 6C054DA115C2CA2C523ABD159ED7814B C:\Windows\winsxs\amd64_microsoft-windows-g..it-snapin.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_061cea2d58306e62\gpedit.msc --a---- 147456 bytes [13:21 12/04/2011] [13:21 12/04/2011] B917A2342A22D7ACD06867D1D3C4D659 C:\Windows\winsxs\x86_microsoft-windows-g..admin-gpedit-snapin_31bf3856ad364e35_6.1.7600.16385_none_70b8f4d5d896589c\gpedit.msc --a---- 147439 bytes [21:53 13/07/2009] [21:28 10/06/2009] 6C054DA115C2CA2C523ABD159ED7814B C:\Windows\winsxs\x86_microsoft-windows-g..it-snapin.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_a9fe4ea99fd2fd2c\gpedit.msc --a---- 147456 bytes [13:21 12/04/2011] [13:21 12/04/2011] B917A2342A22D7ACD06867D1D3C4D659 ========== dir ========== C:\Windows\PolicyDefinitions - Parameters: "/s" ---Files--- DeviceRedirection.admx --a---- 2391 bytes [20:50 10/06/2009] [20:50 10/06/2009] EnhancedStorage.admx --a---- 5097 bytes [20:40 10/06/2009] [20:40 10/06/2009] InetRes.adml --a---- 530642 bytes [10:40 23/03/2014] [21:28 18/01/2014] inetres.admx --a---- 1663755 bytes [06:12 10/04/2014] [06:02 01/02/2014] NCSI.admx --a---- 3615 bytes [20:34 10/06/2009] [20:34 10/06/2009] RacWmiProv.admx --a---- 1273 bytes [21:08 10/06/2009] [21:08 10/06/2009] ReAgent.admx --a---- 1236 bytes [20:52 10/06/2009] [20:52 10/06/2009] sdiageng.admx --a---- 2519 bytes [20:48 10/06/2009] [20:48 10/06/2009] sdiagschd.admx --a---- 2027 bytes [20:49 10/06/2009] [20:49 10/06/2009] Search.admx --a---- 43882 bytes [20:34 10/06/2009] [20:34 10/06/2009] ShapeCollector.admx --a---- 1187 bytes [21:08 10/06/2009] [21:08 10/06/2009] Terminalserver-WinIP.admx --a---- 8056 bytes [06:48 05/02/2014] [06:48 05/02/2014] WindowsMediaDRM.admx --a---- 1254 bytes [22:28 13/07/2009] [21:01 10/06/2009] WindowsMediaPlayer.admx --a---- 22974 bytes [22:28 13/07/2009] [21:01 10/06/2009] C:\Windows\PolicyDefinitions\en-US d------ [05:37 14/07/2009] InetRes.adm1 --a---- 436935 bytes [10:49 23/03/2014] [21:27 18/01/2014] InetRes.adml --a---- 439643 bytes [06:12 10/04/2014] [23:49 26/03/2014] C:\Windows\PolicyDefinitions\pl-PL d------ [13:21 12/04/2011] DeviceRedirection.adml --a---- 3520 bytes [13:21 12/04/2011] [13:21 12/04/2011] EnhancedStorage.adml --a---- 7451 bytes [13:21 12/04/2011] [13:21 12/04/2011] InetRes.adml --a---- 537554 bytes [06:12 10/04/2014] [23:56 26/03/2014] NCSI.adml --a---- 5180 bytes [13:21 12/04/2011] [13:21 12/04/2011] RacWmiProv.adml --a---- 1133 bytes [13:21 12/04/2011] [13:21 12/04/2011] ReAgent.adml --a---- 2114 bytes [13:21 12/04/2011] [13:21 12/04/2011] sdiageng.adml --a---- 4256 bytes [13:21 12/04/2011] [13:21 12/04/2011] sdiagschd.adml --a---- 2989 bytes [13:21 12/04/2011] [13:21 12/04/2011] Search.adml --a---- 66156 bytes [13:21 12/04/2011] [13:21 12/04/2011] ShapeCollector.adml --a---- 1989 bytes [13:21 12/04/2011] [13:21 12/04/2011] TerminalServer-WinIP.adml --a---- 10766 bytes [06:48 05/02/2014] [06:48 05/02/2014] WindowsMediaDRM.adml --a---- 2238 bytes [13:21 12/04/2011] [13:21 12/04/2011] WindowsMediaPlayer.adml --a---- 24689 bytes [13:21 12/04/2011] [13:21 12/04/2011] C:\Windows\system32\GroupPolicy - Parameters: "/s" ---Files--- None found. No folders found. C:\Windows\SysWOW64\GroupPolicy - Parameters: "/s" ---Files--- gpt.ini --a---- 39 bytes [09:33 23/03/2014] [13:41 23/03/2014] No folders found. -= EOF =-