Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014 Ran by Toshba (administrator) on TOSHBA-TOSH on 22-07-2014 16:23:08 Running from C:\Users\Toshba\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AMD) C:\Windows\System32\atieclxx.exe (Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Toshiba) C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2011-03-30] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH) HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation) HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated) HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544104 2011-04-07] (TOSHIBA Corporation) HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-07-01] (TOSHIBA Corporation) HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-04] (TOSHIBA Corporation) HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [150992 2011-08-03] (Toshiba Europe GmbH) HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1409424 2011-06-29] (Nero AG) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-23] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA) HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation) HKLM-x32\...\Run: [syqukqbodkr] => ymmywkdyvkzdsqwjdcg.exe HKLM-x32\...\Run: [eqoyugxqlylnawald] => C:\Users\Toshba\AppData\Local\Temp\laboncwsqgwbrqxlgglb.exe HKLM\...\Policies\Explorer\Run: [owqwowjypyhfo] => eqoyugxqlylnawald.exe No File HKLM\...\Policies\Explorer\Run: [xctwlqamag] => C:\Users\Toshba\AppData\Local\Temp\laboncwsqgwbrqxlgglb.exe No File HKU\.DEFAULT\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-831562436-1945061552-1814410315-1000\...\Run: [pytatcqgyisrbu] => xifojukcwiuvhcfp.exe HKU\S-1-5-21-831562436-1945061552-1814410315-1000\...\Run: [syqukqbodkr] => C:\Users\Toshba\AppData\Local\Temp\xifojukcwiuvhcfp.exe <===== ATTENTION HKU\S-1-5-21-831562436-1945061552-1814410315-1000\...\Policies\system: [DisableRegistryTools] 1 HKU\S-1-5-21-831562436-1945061552-1814410315-1000\...\MountPoints2: {1242bdfe-0cd6-11e4-bb68-9cb70d853fc6} - F:\AutoRun.exe HKU\S-1-5-21-831562436-1945061552-1814410315-1000\...\MountPoints2: {7adc4d02-02ba-11e4-9b25-9cb70d853fc6} - F:\AutoRun.exe HKU\S-1-5-21-831562436-1945061552-1814410315-1000\...\MountPoints2: {ca98e002-c3dd-11e3-9d51-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-831562436-1945061552-1814410315-1000\...\MountPoints2: {ca98e032-c3dd-11e3-9d51-9cb70d853fc6} - G:\AutoRun.exe HKU\S-1-5-21-831562436-1945061552-1814410315-1000\...\MountPoints2: {ca98e074-c3dd-11e3-9d51-047d7b692b10} - F:\AutoRun.exe HKU\S-1-5-21-831562436-1945061552-1814410315-1000\...\MountPoints2: {ca98e081-c3dd-11e3-9d51-047d7b692b10} - F:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: BiTSavoer -> {17F550D5-6EB7-5559-3228-48F83BF3306C} -> C:\ProgramData\BiTSavoer\2q5XFbO.x64.dll () BHO: Adblocker -> {41AD3A5C-8F7B-F909-EA32-A379B266A841} -> C:\Program Files (x86)\Adblocker\CEB3j.x64.dll () BHO: NNExtCoUpp -> {43619474-5E25-0246-3D17-E6C0A68F2C4E} -> C:\Program Files (x86)\NNExtCoUpp\UNmS84oQ.x64.dll () BHO: MySearch -> {4927A70E-C8E2-523B-0073-2783897BFB55} -> C:\Program Files (x86)\MySearch\Bm8o.x64.dll () BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: BiTSavoer -> {17F550D5-6EB7-5559-3228-48F83BF3306C} -> C:\ProgramData\BiTSavoer\2q5XFbO.dll () BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Adblocker -> {41AD3A5C-8F7B-F909-EA32-A379B266A841} -> C:\Program Files (x86)\Adblocker\CEB3j.dll () BHO-x32: NNExtCoUpp -> {43619474-5E25-0246-3D17-E6C0A68F2C4E} -> C:\Program Files (x86)\NNExtCoUpp\UNmS84oQ.dll () BHO-x32: MySearch -> {4927A70E-C8E2-523B-0073-2783897BFB55} -> C:\Program Files (x86)\MySearch\Bm8o.dll () BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{2AE50DCA-07F1-464D-9832-8BE8CC1B246D}: [NameServer]89.108.195.21 89.108.202.21 Tcpip\..\Interfaces\{46C0BEC5-6B33-48B1-B563-C2B486CB2870}: [NameServer]89.108.202.21 89.108.195.21 Tcpip\..\Interfaces\{507CA214-A6C8-43EB-8EAA-C4B506FA7ACB}: [NameServer]89.108.195.20 89.108.202.20 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.11.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.11.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Toshba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) Chrome: ======= CHR StartupUrls: "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1405964900&from=smt&uid=HitachiXHTS547564A9E384_130518J2330053E41SVBX" CHR Extension: (Dokumenty Google) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-05] CHR Extension: (Dysk Google) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-05] CHR Extension: (Mini Notepad) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjhdoaiejppfmijnkopdcpjcngdlffj [2014-07-22] CHR Extension: (YouTube) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-05] CHR Extension: (No Name) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\clemkbfimjeffgjnaoohblkpeinailep [2014-07-15] CHR Extension: (Szukaj w Google) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-05] CHR Extension: (NNExtCoUpp) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\flmokfghcoimlfhmplioblhdakohljnn [2014-07-21] CHR Extension: (AdBlock) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-10] CHR Extension: (NexotCoup) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaphbibafokddmhiokchfhmojbjffigc [2014-07-20] CHR Extension: (Google Wallet) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-10] CHR Extension: (Gmail) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-05] CHR Extension: (NNExtCoUpp) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\flmokfghcoimlfhmplioblhdakohljnn\1.0 [2014-07-21] CHR Extension: (NexotCoup) - C:\Users\Toshba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaphbibafokddmhiokchfhmojbjffigc\1.0 [2014-07-20] ==================== Services (Whitelisted) ================= R2 f7dc94c1; c:\Program Files (x86)\ss Supporter\AssistantSvc.dll [174928 2014-07-15] () [File not signed] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [759688 2014-07-07] (Cherished Technololgy LIMITED) S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2014-04-14] () S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH) R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [535936 2014-07-07] (Fuyu LIMITED) ==================== Drivers (Whitelisted) ==================== R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-07-10] () R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2014-04-14] (Huawei Technologies Co., Ltd.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-07-10] () S3 Tosrfcom; No ImagePath ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-22 16:13 - 2014-07-22 16:13 - 00448512 _____ (OldTimer Tools) C:\Users\Toshba\Desktop\TFC.exe 2014-07-22 15:41 - 2014-07-22 15:41 - 00068910 _____ () C:\Users\Toshba\Desktop\Shortcut.txt 2014-07-22 15:39 - 2014-07-22 15:41 - 00038893 _____ () C:\Users\Toshba\Desktop\Addition.txt 2014-07-22 15:22 - 2014-07-22 16:14 - 00000063 _____ () C:\Users\Toshba\Desktop\Nowy dokument tekstowy.txt 2014-07-22 14:37 - 2014-07-22 14:37 - 00000000 ____D () C:\ProgramData\BiTSavoer 2014-07-21 23:56 - 2014-07-22 16:24 - 00016733 _____ () C:\Users\Toshba\Desktop\FRST.txt 2014-07-21 23:56 - 2014-07-22 16:23 - 00000000 ____D () C:\FRST 2014-07-21 23:51 - 2014-07-21 23:51 - 02090496 _____ (Farbar) C:\Users\Toshba\Desktop\FRST64.exe 2014-07-21 22:35 - 2014-07-21 22:35 - 00074552 _____ () C:\Users\Toshba\Desktop\Extras.Txt 2014-07-21 22:33 - 2014-07-21 22:33 - 00158238 _____ () C:\Users\Toshba\Desktop\OTL.Txt 2014-07-21 22:22 - 2014-07-21 22:22 - 00035415 _____ () C:\Users\Toshba\Downloads\gmer.txt 2014-07-21 22:15 - 2014-07-21 22:15 - 00602112 _____ (OldTimer Tools) C:\Users\Toshba\Desktop\OTL.exe 2014-07-21 20:52 - 2014-07-21 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-21 20:52 - 2014-07-21 20:51 - 00321448 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-07-21 20:52 - 2014-07-21 20:51 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-07-21 20:52 - 2014-07-21 20:51 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-07-21 20:52 - 2014-07-21 20:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-07-21 20:50 - 2014-07-21 20:51 - 00000000 ____D () C:\Program Files\Java 2014-07-21 20:50 - 2014-07-21 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2014-07-21 20:30 - 2014-07-21 20:46 - 162831776 _____ (Oracle Corporation) C:\Users\Toshba\Downloads\jdk-8u11-windows-x64.exe 2014-07-21 19:50 - 2014-07-21 19:50 - 00003156 _____ () C:\Windows\System32\Tasks\{D34DDFE2-1497-4554-8070-FC6F318E9FA7} 2014-07-21 19:48 - 2014-07-21 19:48 - 00000000 ____D () C:\ProgramData\NNExtCoUpp 2014-07-21 19:48 - 2014-07-21 19:48 - 00000000 ____D () C:\Program Files (x86)\NNExtCoUpp 2014-07-20 22:46 - 2014-07-21 19:49 - 00000000 ____D () C:\ProgramData\NexotCoup 2014-07-20 22:46 - 2014-07-21 19:48 - 00000000 ____D () C:\Program Files (x86)\NexotCoup 2014-07-20 22:45 - 2014-07-21 19:48 - 01998848 _____ (DBMS) C:\Windows\SysWOW64\setup.exe 2014-07-19 15:27 - 2014-07-22 15:35 - 00614400 __RSH () C:\Windows\SysWOW64\nazkhumgcqehvsxjca.exe 2014-07-19 15:27 - 2014-07-22 15:35 - 00614400 __RSH () C:\Windows\SysWOW64\laboncwsqgwbrqxlgglb.exe 2014-07-17 16:18 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-07-17 16:18 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2014-07-17 16:18 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2014-07-17 16:18 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-07-17 16:18 - 2009-03-16 14:18 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-07-17 16:18 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-07-17 16:18 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2014-07-17 16:18 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2014-07-17 16:18 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2014-07-17 16:18 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2014-07-17 16:18 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2014-07-17 16:18 - 2008-10-15 07:03 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-07-17 16:18 - 2008-10-15 07:03 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2014-07-17 16:18 - 2008-10-15 07:03 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2014-07-17 16:18 - 2008-10-15 07:03 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-07-17 16:18 - 2008-10-15 07:03 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-07-17 16:18 - 2008-10-15 07:03 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2014-07-17 16:18 - 2008-10-15 07:03 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-07-17 16:18 - 2008-10-15 07:03 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2014-07-17 16:18 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-07-17 16:18 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-07-17 16:18 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-07-17 16:18 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-07-17 16:18 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-07-17 16:18 - 2008-07-30 06:20 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-07-17 16:18 - 2008-07-30 06:20 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2014-07-17 16:18 - 2008-07-30 06:20 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2014-07-17 16:18 - 2008-07-30 06:20 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-07-17 16:18 - 2008-07-30 06:20 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-07-17 16:18 - 2008-07-30 06:20 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2014-07-17 16:18 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2014-07-17 16:18 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2014-07-17 16:18 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2014-07-17 16:18 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-07-17 16:18 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2014-07-17 16:18 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-07-17 16:18 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-07-17 16:18 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2014-07-17 16:18 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2014-07-17 16:18 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-07-17 16:18 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-07-17 16:18 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2014-07-17 16:18 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2014-07-17 16:18 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-07-17 16:18 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-07-17 16:18 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2014-07-17 16:18 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-07-17 16:18 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2014-07-17 16:17 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2014-07-17 16:17 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2014-07-17 16:17 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-07-17 16:17 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2014-07-17 16:17 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2014-07-17 16:17 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-07-17 16:17 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-07-17 16:17 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2014-07-17 16:17 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2014-07-17 16:17 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2014-07-17 16:17 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-07-17 16:17 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2014-07-17 16:17 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-07-17 16:17 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2014-07-17 16:17 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-07-17 16:17 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2014-07-17 16:17 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-07-17 16:17 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-07-17 16:17 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-07-17 16:17 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2014-07-17 16:17 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-07-17 16:17 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-07-17 16:17 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-07-17 16:17 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2014-07-17 16:17 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-07-17 16:17 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2014-07-17 16:17 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-07-17 16:17 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-07-17 16:17 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-07-17 16:17 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-07-17 16:17 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2014-07-17 16:17 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-07-17 16:17 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2014-07-17 16:17 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-07-17 16:17 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2014-07-17 16:17 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2014-07-17 16:17 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-07-17 16:17 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2014-07-17 16:17 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-07-17 16:17 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2014-07-17 16:17 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-07-17 16:17 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2014-07-17 16:17 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-07-17 16:17 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2014-07-17 16:17 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-07-17 16:17 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2014-07-17 16:17 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2014-07-17 16:17 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2014-07-17 16:17 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-07-17 16:17 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2014-07-17 16:17 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-07-17 16:17 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2014-07-17 16:17 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2014-07-17 16:17 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-07-17 16:17 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-07-17 16:17 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2014-07-17 16:17 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-07-17 16:17 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2014-07-17 16:17 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2014-07-17 16:17 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-07-17 16:17 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-07-17 16:17 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-07-17 16:17 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2014-07-17 16:17 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2014-07-17 16:15 - 2014-07-17 17:04 - 00001296 _____ () C:\Users\Toshba\Desktop\Star Wars The Force Unleashed.lnk 2014-07-17 15:10 - 2014-07-17 15:10 - 00000000 ____D () C:\Program Files (x86)\Activision 2014-07-15 17:55 - 2014-07-15 17:55 - 00000000 ____D () C:\ProgramData\MySearch 2014-07-15 17:55 - 2014-07-15 17:55 - 00000000 ____D () C:\ProgramData\Adblocker 2014-07-15 17:55 - 2014-07-15 17:55 - 00000000 ____D () C:\Program Files (x86)\ss Supporter 2014-07-15 17:55 - 2014-07-15 17:55 - 00000000 ____D () C:\Program Files (x86)\MySearch 2014-07-15 17:55 - 2014-07-15 17:55 - 00000000 ____D () C:\Program Files (x86)\Adblocker 2014-07-15 17:54 - 2014-07-20 22:46 - 00000000 ____D () C:\ProgramData\prIcechop 2014-07-15 17:54 - 2014-07-20 22:45 - 00000000 ____D () C:\Program Files (x86)\prIcechop 2014-07-15 17:54 - 2014-07-15 17:54 - 00000000 ____D () C:\Users\Toshba\AppData\Local\Packages 2014-07-15 17:53 - 2014-07-22 15:34 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-07-15 17:53 - 2014-07-22 14:37 - 00000000 ____D () C:\ProgramData\5fb2d21db23236f1 2014-07-15 17:53 - 2014-07-15 17:55 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\SkypEmoticons 2014-07-15 17:53 - 2014-07-15 17:55 - 00000000 ____D () C:\ProgramData\InstallMate 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Toshba\AppData\Local\Torch 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Toshba\AppData\Local\Comodo 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Toshba\AppData\Local\Chromatic Browser 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Torch 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Comodo 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Chromatic Browser 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Gość 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Administrator 2014-07-11 13:07 - 2014-07-11 13:07 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\XRay Engine 2014-07-10 21:28 - 2014-07-10 21:34 - 00088480 _____ () C:\Windows\system32\Drivers\atksgt.sys 2014-07-10 21:28 - 2014-07-10 21:34 - 00046400 _____ () C:\Windows\system32\Drivers\lirsgt.sys 2014-07-09 17:30 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 17:30 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 17:30 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 17:30 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 17:30 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 17:29 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 17:29 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 17:29 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 17:29 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 17:29 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 17:29 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 17:29 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 17:29 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 17:29 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 17:29 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 17:29 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 17:29 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 17:29 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 17:29 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 17:29 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 17:29 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 17:29 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 17:29 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 17:29 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 17:29 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 17:29 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 17:29 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 17:29 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 17:29 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 17:29 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 17:29 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 17:29 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 17:29 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 17:29 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 17:29 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 17:29 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 17:29 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 17:29 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 17:29 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 17:29 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 17:29 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 17:29 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 17:29 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 17:29 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 17:29 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 17:29 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 17:29 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 17:29 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 17:29 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 17:29 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 17:29 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 17:29 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 17:29 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 17:29 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 17:29 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 17:29 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 17:29 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 17:29 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 17:29 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 17:29 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 17:29 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 17:29 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 17:29 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 17:29 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 17:29 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 17:29 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 17:29 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 17:29 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 17:29 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 17:29 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 17:29 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 17:29 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 17:29 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 17:29 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 17:29 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 17:29 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 17:29 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 17:29 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 17:25 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 17:25 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 17:25 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-07 17:12 - 2014-07-07 17:12 - 00003040 _____ () C:\Windows\System32\Tasks\{31F9B2F9-EDBA-47E7-B1EF-B6ABBE9C2A93} 2014-07-07 17:07 - 2014-07-07 17:09 - 00021840 ____T () C:\Windows\SysWOW64\SIntfNT.dll 2014-07-07 17:07 - 2014-07-07 17:09 - 00017212 ____T () C:\Windows\SysWOW64\SIntf32.dll 2014-07-07 17:07 - 2014-07-07 17:09 - 00012067 ____T () C:\Windows\SysWOW64\SIntf16.dll 2014-07-07 16:55 - 2014-07-09 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II 2014-07-07 16:53 - 2014-07-09 20:22 - 00000000 ____D () C:\Program Files (x86)\Diablo II 2014-07-07 16:51 - 2014-07-21 19:52 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-07-07 16:51 - 2014-07-07 16:51 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-07-07 16:51 - 2014-07-07 16:51 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-07-07 16:48 - 2014-07-11 16:54 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-07-07 16:48 - 2014-07-07 16:48 - 00000000 ____D () C:\Users\Toshba\AppData\Local\globalUpdate 2014-07-07 16:47 - 2014-07-07 16:52 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\DAEMON Tools Lite 2014-07-07 16:43 - 2014-07-07 16:52 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-07-07 15:59 - 2014-07-07 16:01 - 00000000 ____D () C:\Users\Toshba\Desktop\www.Maxi-Torrents.pl Diablo II i Diablo Lord of Destruction 2000 [PL] [.iso] [+D2NT3.1] [+HeroEditor] [Sayu-MT] 2014-07-03 12:31 - 2011-06-25 11:05 - 00000000 ____D () C:\Users\Toshba\Desktop\Oxon - Z tym będzie Ci jeszcze łatwiej (2011) 2014-06-27 14:47 - 2014-06-27 14:47 - 00000000 ____D () C:\Users\Toshba\Documents\Armies of Exigo 2014-06-27 14:45 - 2014-06-27 15:33 - 00000000 ____D () C:\Users\Toshba\Desktop\jitysy 2014-06-26 13:43 - 2014-06-06 19:40 - 00000000 ____D () C:\Users\Toshba\Desktop\PeeRZet_TMKBeatz-Doktor_Majk-2014 2014-06-23 13:02 - 2014-06-25 00:33 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\Tibia 2014-06-23 13:02 - 2014-06-23 13:02 - 00000955 _____ () C:\Users\Public\Desktop\Tibia.lnk 2014-06-23 13:02 - 2014-06-23 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia 2014-06-23 13:02 - 2014-06-23 13:02 - 00000000 ____D () C:\Program Files (x86)\Tibia8.6 2014-06-23 12:37 - 2014-06-26 16:19 - 00000000 ____D () C:\ProgramData\TEMP 2014-06-23 12:32 - 2014-06-23 12:36 - 00000903 _____ () C:\Users\Toshba\Desktop\ElfBot NG.lnk 2014-06-23 12:32 - 2014-06-23 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElfBot NG 2014-06-23 12:32 - 2010-07-06 19:37 - 01859072 _____ () C:\Users\Toshba\Desktop\ElfCrack.exe 2014-06-23 12:31 - 2011-12-12 23:51 - 00000000 ____D () C:\Users\Toshba\Desktop\bocik ==================== One Month Modified Files and Folders ======= 2014-07-22 16:24 - 2014-07-21 23:56 - 00016733 _____ () C:\Users\Toshba\Desktop\FRST.txt 2014-07-22 16:23 - 2014-07-21 23:56 - 00000000 ____D () C:\FRST 2014-07-22 16:22 - 2009-07-14 06:45 - 00024912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-22 16:22 - 2009-07-14 06:45 - 00024912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-22 16:21 - 2014-02-20 19:24 - 01096748 _____ () C:\Windows\WindowsUpdate.log 2014-07-22 16:15 - 2014-04-14 16:26 - 00069792 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll 2014-07-22 16:15 - 2014-04-04 18:48 - 00017920 _____ () C:\Windows\system32\rpcnetp.exe 2014-07-22 16:15 - 2011-08-03 13:39 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-22 16:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-22 16:15 - 2009-07-14 06:51 - 00086977 _____ () C:\Windows\setupact.log 2014-07-22 16:14 - 2014-07-22 15:22 - 00000063 _____ () C:\Users\Toshba\Desktop\Nowy dokument tekstowy.txt 2014-07-22 16:14 - 2014-04-14 16:22 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\Skype 2014-07-22 16:14 - 2014-04-10 17:21 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\foobar2000 2014-07-22 16:13 - 2014-07-22 16:13 - 00448512 _____ (OldTimer Tools) C:\Users\Toshba\Desktop\TFC.exe 2014-07-22 16:02 - 2011-08-03 13:39 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-22 15:41 - 2014-07-22 15:41 - 00068910 _____ () C:\Users\Toshba\Desktop\Shortcut.txt 2014-07-22 15:41 - 2014-07-22 15:39 - 00038893 _____ () C:\Users\Toshba\Desktop\Addition.txt 2014-07-22 15:35 - 2014-07-19 15:27 - 00614400 __RSH () C:\Windows\SysWOW64\nazkhumgcqehvsxjca.exe 2014-07-22 15:35 - 2014-07-19 15:27 - 00614400 __RSH () C:\Windows\SysWOW64\laboncwsqgwbrqxlgglb.exe 2014-07-22 15:34 - 2014-07-15 17:53 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-07-22 15:34 - 2014-04-04 18:49 - 00017920 _____ () C:\Windows\SysWOW64\rpcnetp.dll 2014-07-22 15:34 - 2014-04-04 18:48 - 00017920 _____ () C:\Windows\SysWOW64\rpcnetp.exe 2014-07-22 15:33 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-07-22 14:37 - 2014-07-22 14:37 - 00000000 ____D () C:\ProgramData\BiTSavoer 2014-07-22 14:37 - 2014-07-15 17:53 - 00000000 ____D () C:\ProgramData\5fb2d21db23236f1 2014-07-21 23:51 - 2014-07-21 23:51 - 02090496 _____ (Farbar) C:\Users\Toshba\Desktop\FRST64.exe 2014-07-21 22:35 - 2014-07-21 22:35 - 00074552 _____ () C:\Users\Toshba\Desktop\Extras.Txt 2014-07-21 22:33 - 2014-07-21 22:33 - 00158238 _____ () C:\Users\Toshba\Desktop\OTL.Txt 2014-07-21 22:22 - 2014-07-21 22:22 - 00035415 _____ () C:\Users\Toshba\Downloads\gmer.txt 2014-07-21 22:15 - 2014-07-21 22:15 - 00602112 _____ (OldTimer Tools) C:\Users\Toshba\Desktop\OTL.exe 2014-07-21 20:52 - 2014-07-21 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-21 20:51 - 2014-07-21 20:52 - 00321448 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-07-21 20:51 - 2014-07-21 20:52 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-07-21 20:51 - 2014-07-21 20:52 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-07-21 20:51 - 2014-07-21 20:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-07-21 20:51 - 2014-07-21 20:50 - 00000000 ____D () C:\Program Files\Java 2014-07-21 20:50 - 2014-07-21 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2014-07-21 20:46 - 2014-07-21 20:30 - 162831776 _____ (Oracle Corporation) C:\Users\Toshba\Downloads\jdk-8u11-windows-x64.exe 2014-07-21 20:25 - 2010-11-21 05:47 - 00034206 _____ () C:\Windows\PFRO.log 2014-07-21 20:07 - 2011-02-14 11:01 - 00739932 _____ () C:\Windows\system32\perfh015.dat 2014-07-21 20:07 - 2011-02-14 11:01 - 00155474 _____ () C:\Windows\system32\perfc015.dat 2014-07-21 20:07 - 2009-07-14 07:13 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-21 19:52 - 2014-07-07 16:51 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-07-21 19:51 - 2014-02-20 20:38 - 00001428 _____ () C:\Users\Toshba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-07-21 19:51 - 2011-08-03 13:39 - 00002228 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-07-21 19:50 - 2014-07-21 19:50 - 00003156 _____ () C:\Windows\System32\Tasks\{D34DDFE2-1497-4554-8070-FC6F318E9FA7} 2014-07-21 19:49 - 2014-07-20 22:46 - 00000000 ____D () C:\ProgramData\NexotCoup 2014-07-21 19:48 - 2014-07-21 19:48 - 00000000 ____D () C:\ProgramData\NNExtCoUpp 2014-07-21 19:48 - 2014-07-21 19:48 - 00000000 ____D () C:\Program Files (x86)\NNExtCoUpp 2014-07-21 19:48 - 2014-07-20 22:46 - 00000000 ____D () C:\Program Files (x86)\NexotCoup 2014-07-21 19:48 - 2014-07-20 22:45 - 01998848 _____ (DBMS) C:\Windows\SysWOW64\setup.exe 2014-07-21 18:26 - 2014-04-22 00:02 - 00000000 ____D () C:\Program Files (x86)\Tibiaots 2014-07-20 22:46 - 2014-07-15 17:54 - 00000000 ____D () C:\ProgramData\prIcechop 2014-07-20 22:45 - 2014-07-15 17:54 - 00000000 ____D () C:\Program Files (x86)\prIcechop 2014-07-17 17:04 - 2014-07-17 16:15 - 00001296 _____ () C:\Users\Toshba\Desktop\Star Wars The Force Unleashed.lnk 2014-07-17 16:19 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-17 16:17 - 2011-08-03 13:56 - 00098531 _____ () C:\Windows\DirectX.log 2014-07-17 15:10 - 2014-07-17 15:10 - 00000000 ____D () C:\Program Files (x86)\Activision 2014-07-15 17:55 - 2014-07-15 17:55 - 00000000 ____D () C:\ProgramData\MySearch 2014-07-15 17:55 - 2014-07-15 17:55 - 00000000 ____D () C:\ProgramData\Adblocker 2014-07-15 17:55 - 2014-07-15 17:55 - 00000000 ____D () C:\Program Files (x86)\ss Supporter 2014-07-15 17:55 - 2014-07-15 17:55 - 00000000 ____D () C:\Program Files (x86)\MySearch 2014-07-15 17:55 - 2014-07-15 17:55 - 00000000 ____D () C:\Program Files (x86)\Adblocker 2014-07-15 17:55 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\SkypEmoticons 2014-07-15 17:55 - 2014-07-15 17:53 - 00000000 ____D () C:\ProgramData\InstallMate 2014-07-15 17:54 - 2014-07-15 17:54 - 00000000 ____D () C:\Users\Toshba\AppData\Local\Packages 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Toshba\AppData\Local\Torch 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Toshba\AppData\Local\Comodo 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Toshba\AppData\Local\Chromatic Browser 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Torch 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Comodo 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Gość\AppData\Local\Chromatic Browser 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Gość 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-15 17:53 - 2014-07-15 17:53 - 00000000 ____D () C:\Users\Administrator 2014-07-15 17:53 - 2014-04-10 14:25 - 00000000 ____D () C:\Users\Toshba\AppData\Local\Google 2014-07-15 17:53 - 2011-08-03 13:39 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-15 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-07-11 16:54 - 2014-07-07 16:48 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-07-11 15:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-11 13:07 - 2014-07-11 13:07 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\XRay Engine 2014-07-10 21:34 - 2014-07-10 21:28 - 00088480 _____ () C:\Windows\system32\Drivers\atksgt.sys 2014-07-10 21:34 - 2014-07-10 21:28 - 00046400 _____ () C:\Windows\system32\Drivers\lirsgt.sys 2014-07-10 11:53 - 2011-08-03 13:40 - 00000000 ____D () C:\ProgramData\Partner 2014-07-10 11:53 - 2011-08-03 13:40 - 00000000 ____D () C:\Program Files\Google 2014-07-09 20:23 - 2011-08-03 13:39 - 00000000 ____D () C:\ProgramData\Google 2014-07-09 20:22 - 2014-07-07 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II 2014-07-09 20:22 - 2014-07-07 16:53 - 00000000 ____D () C:\Program Files (x86)\Diablo II 2014-07-09 20:22 - 2011-08-03 13:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-09 19:39 - 2009-07-14 06:45 - 00276200 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-09 19:37 - 2014-05-07 00:18 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 19:37 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-09 19:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-09 19:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-08 12:55 - 2014-02-20 20:38 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\Toshiba 2014-07-07 20:18 - 2014-05-23 15:40 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-07-07 17:12 - 2014-07-07 17:12 - 00003040 _____ () C:\Windows\System32\Tasks\{31F9B2F9-EDBA-47E7-B1EF-B6ABBE9C2A93} 2014-07-07 17:09 - 2014-07-07 17:07 - 00021840 ____T () C:\Windows\SysWOW64\SIntfNT.dll 2014-07-07 17:09 - 2014-07-07 17:07 - 00017212 ____T () C:\Windows\SysWOW64\SIntf32.dll 2014-07-07 17:09 - 2014-07-07 17:07 - 00012067 ____T () C:\Windows\SysWOW64\SIntf16.dll 2014-07-07 16:52 - 2014-07-07 16:47 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\DAEMON Tools Lite 2014-07-07 16:52 - 2014-07-07 16:43 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-07-07 16:51 - 2014-07-07 16:51 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-07-07 16:51 - 2014-07-07 16:51 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-07-07 16:48 - 2014-07-07 16:48 - 00000000 ____D () C:\Users\Toshba\AppData\Local\globalUpdate 2014-07-07 16:03 - 2014-02-20 20:37 - 00000000 ____D () C:\Users\Toshba\AppData\Local\VirtualStore 2014-07-07 16:01 - 2014-07-07 15:59 - 00000000 ____D () C:\Users\Toshba\Desktop\www.Maxi-Torrents.pl Diablo II i Diablo Lord of Destruction 2000 [PL] [.iso] [+D2NT3.1] [+HeroEditor] [Sayu-MT] 2014-06-30 04:09 - 2014-07-09 17:30 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-09 17:30 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-27 15:33 - 2014-06-27 14:45 - 00000000 ____D () C:\Users\Toshba\Desktop\jitysy 2014-06-27 14:47 - 2014-06-27 14:47 - 00000000 ____D () C:\Users\Toshba\Documents\Armies of Exigo 2014-06-26 16:19 - 2014-06-23 12:37 - 00000000 ____D () C:\ProgramData\TEMP 2014-06-25 00:33 - 2014-06-23 13:02 - 00000000 ____D () C:\Users\Toshba\AppData\Roaming\Tibia 2014-06-23 13:02 - 2014-06-23 13:02 - 00000955 _____ () C:\Users\Public\Desktop\Tibia.lnk 2014-06-23 13:02 - 2014-06-23 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia 2014-06-23 13:02 - 2014-06-23 13:02 - 00000000 ____D () C:\Program Files (x86)\Tibia8.6 2014-06-23 12:36 - 2014-06-23 12:32 - 00000903 _____ () C:\Users\Toshba\Desktop\ElfBot NG.lnk 2014-06-23 12:32 - 2014-06-23 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElfBot NG ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-19 17:28 ==================== End Of Log ============================