Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

how to decrypt files. Please help me [Closed]


  • This topic is locked This topic is locked

#1
baroth

baroth

    New Member

  • Member
  • Pip
  • 1 posts

Hello,

can anyone help with this issue ?

i had trojan (virus) see screen below

I wonder how can i decrypt my files now ? (it crypt pictures, movies and zip files)

I cant do this by shadow copies.

Is tehere any way to decrypt my personal files ?

 

example

 

2015-07-27  13:18           507 774 [email protected]
2015-07-27  13:18           631 741 [email protected]
2015-07-27  13:18           723 477 [email protected]
2015-07-27  13:18           632 209 [email protected]
 
 
screen file is here (jpg file)
 
 
 
best regards
 
 
 
scan from frst.txt
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015
Ran by dom (administrator) on DOM-KOMPUTER (10-08-2015 11:15:01)
Running from C:\Users\dom\Downloads
Loaded Profiles: dom (Available Profiles: dom)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(www.shadowexplorer.com) C:\Program Files (x86)\ShadowExplorer\sesvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-29] (Avast Software s.r.o.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-03-29] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1531684026-1474016331-2998652323-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1531684026-1474016331-2998652323-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-29] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-29] (Avast Software s.r.o.)
 
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-20] (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-18]
 
Chrome: 
=======
CHR Profile: C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-18]
CHR Extension: (Google Docs) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-18]
CHR Extension: (Google Drive) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-18]
CHR Extension: (YouTube) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-18]
CHR Extension: (Adblock Plus) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-23]
CHR Extension: (Google Search) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-18]
CHR Extension: (Avast SafePrice) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-02-23]
CHR Extension: (Google Sheets) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-18]
CHR Extension: (Avast Online Security) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-18]
CHR Extension: (Gmail) - C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-29]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-29] (Avast Software s.r.o.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [File not signed]
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026944 2015-08-07] (Enigma Software Group USA, LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-29] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-29] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-29] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-29] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-29] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-29] ()
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-31] (Symantec Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-08-07] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-08-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-10 10:02 - 2015-08-10 10:02 - 00026264 _____ C:\Users\dom\Downloads\Addition.txt
2015-08-10 10:01 - 2015-08-10 11:15 - 00012213 _____ C:\Users\dom\Downloads\FRST.txt
2015-08-10 10:01 - 2015-08-10 11:15 - 00000000 ____D C:\FRST
2015-08-10 10:00 - 2015-08-10 10:00 - 02171392 _____ (Farbar) C:\Users\dom\Downloads\FRST64.exe
2015-08-10 09:33 - 2015-08-10 09:33 - 00014336 ___SH C:\Users\dom\AppData\Roaming\Thumbs.db
2015-08-10 09:33 - 2015-08-10 09:33 - 00000000 ____D C:\Users\dom\Downloads\decrypt_cryptodefense
2015-08-10 09:29 - 2015-08-10 09:29 - 00000000 ____D C:\Users\dom\AppData\Roaming\www.shadowexplorer.com
2015-08-10 09:25 - 2015-08-10 09:25 - 00000000 ____D C:\Users\dom\Desktop\ShadowExplorerPortable-0.9
2015-08-10 09:24 - 2015-08-10 09:24 - 00137737 _____ C:\Users\dom\Downloads\ShadowExplorer-0.9-portable.zip
2015-08-10 09:24 - 2015-08-10 09:24 - 00001889 _____ C:\Users\dom\Desktop\ShadowExplorer.lnk
2015-08-10 09:24 - 2015-08-10 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
2015-08-10 09:23 - 2015-08-10 09:24 - 00000000 ____D C:\Program Files (x86)\ShadowExplorer
2015-08-10 09:22 - 2015-08-10 09:22 - 00969845 _____ (ShadowExplorer.com ) C:\Users\dom\Downloads\ShadowExplorer-0.9-setup (1).exe
2015-08-10 09:18 - 2015-08-10 09:19 - 00786080 _____ (Kaspersky Lab ZAO) C:\Users\dom\Downloads\rectordecryptor (1).exe
2015-08-10 09:17 - 2015-08-10 09:18 - 01612360 _____ (Kaspersky Lab ZAO) C:\Users\dom\Downloads\rakhnidecryptor (1).exe
2015-08-10 08:20 - 2015-08-10 08:20 - 02870984 _____ (ESET) C:\Users\dom\Downloads\esetsmartinstaller_enu.exe
2015-08-10 08:20 - 2015-08-10 08:20 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-10 08:16 - 2015-08-10 08:16 - 00623264 _____ (Kaspersky Lab ZAO) C:\Users\dom\Downloads\xoristdecryptor.exe
2015-08-10 08:10 - 2015-08-10 08:10 - 00614661 _____ C:\Users\dom\Downloads\decrypt_cryptodefense.zip
2015-08-10 08:03 - 2015-08-10 08:03 - 00024130 _____ C:\ComboFix.txt
2015-08-10 07:51 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-10 07:51 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-10 07:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-10 07:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-10 07:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-10 07:51 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-10 07:51 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-10 07:51 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-10 07:42 - 2015-08-10 08:03 - 00000000 ____D C:\Qoobox
2015-08-10 07:41 - 2015-08-10 08:01 - 00000000 ____D C:\Windows\erdnt
2015-08-10 07:37 - 2015-08-10 07:39 - 05634368 ____R (Swearware) C:\Users\dom\Downloads\ComboFix.exe
2015-08-10 07:37 - 2015-08-10 07:37 - 02248704 _____ C:\Users\dom\Downloads\AdwCleaner (1).exe
2015-08-07 13:27 - 2015-08-07 13:27 - 02991832 _____ (ESET) C:\Users\dom\Downloads\ERARemover_x64.exe
2015-08-07 13:27 - 2015-08-07 13:27 - 00000000 ____D C:\ProgramData\ESET
2015-08-07 13:03 - 2015-08-07 13:23 - 00000506 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 7e9e3056-2ac9-4150-bf94-aa0678868d37.job
2015-08-07 13:03 - 2015-08-07 13:23 - 00000506 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5924ec62-37eb-43e5-811b-eb8f1a81f672.job
2015-08-07 13:03 - 2015-08-07 13:03 - 00003584 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 7e9e3056-2ac9-4150-bf94-aa0678868d37
2015-08-07 13:03 - 2015-08-07 13:03 - 00003510 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 5924ec62-37eb-43e5-811b-eb8f1a81f672
2015-08-07 13:03 - 2015-08-07 13:03 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-08-07 13:03 - 2015-08-07 13:03 - 00000000 ____D C:\Users\dom\AppData\Roaming\SUPERAntiSpyware.com
2015-08-07 13:03 - 2015-08-07 13:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-08-07 13:03 - 2015-08-07 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-08-07 13:03 - 2015-08-07 13:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-08-07 13:02 - 2015-08-07 13:02 - 22848840 _____ (SUPERAntiSpyware) C:\Users\dom\Downloads\SUPERAntiSpyware.exe
2015-08-07 11:07 - 2015-08-07 11:07 - 01612360 _____ (Kaspersky Lab ZAO) C:\Users\dom\Downloads\rakhnidecryptor.exe
2015-08-07 11:07 - 2015-08-07 11:07 - 00969845 _____ (ShadowExplorer.com ) C:\Users\dom\Downloads\ShadowExplorer-0.9-setup.exe
2015-08-07 11:07 - 2015-08-07 11:07 - 00786080 _____ (Kaspersky Lab ZAO) C:\Users\dom\Downloads\rectordecryptor.exe
2015-08-07 11:02 - 2015-08-07 11:02 - 00000000 _____ C:\autoexec.bat
2015-08-07 11:01 - 2015-08-07 11:01 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-08-07 11:01 - 2015-08-07 11:01 - 00003326 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2015-08-07 11:01 - 2015-08-07 11:01 - 00001087 _____ C:\Users\dom\Desktop\SpyHunter.lnk
2015-08-07 11:01 - 2015-08-07 11:01 - 00000000 ____D C:\Users\dom\AppData\Roaming\Enigma Software Group
2015-08-07 11:01 - 2015-08-07 11:01 - 00000000 ____D C:\sh4ldr
2015-08-07 11:01 - 2015-08-07 11:01 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-08-07 11:00 - 2015-08-07 11:00 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\dom\Downloads\SpyHunter-Installer.exe
2015-08-07 09:51 - 2015-08-10 07:39 - 00000000 ____D C:\AdwCleaner
2015-08-07 09:50 - 2015-08-07 09:50 - 02248704 _____ C:\Users\dom\Downloads\AdwCleaner.exe
2015-08-07 09:49 - 2015-08-07 09:49 - 00000923 _____ C:\Users\dom\Desktop\XnView.lnk
2015-08-07 09:49 - 2015-08-07 09:49 - 00000000 ____D C:\Users\dom\AppData\Roaming\XnView
2015-08-07 09:49 - 2015-08-07 09:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2015-08-07 09:49 - 2015-08-07 09:49 - 00000000 ____D C:\Program Files (x86)\XnView
2015-08-07 09:48 - 2015-08-07 09:48 - 02976904 _____ (Gougelet Pierre-e ) C:\Users\dom\Downloads\XnView-win-small.exe
2015-08-01 13:48 - 2015-08-10 09:28 - 00000908 _____ C:\Windows\PFRO.log
2015-07-31 14:25 - 2015-08-01 22:25 - 00000448 ____H C:\Windows\Tasks\Norton Security Scan for dom.job
2015-07-31 14:25 - 2015-07-31 14:25 - 00003610 _____ C:\Windows\System32\Tasks\Norton Security Scan for dom
2015-07-31 14:24 - 2015-07-31 14:24 - 00001457 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2015-07-31 14:24 - 2015-07-31 14:24 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64
2015-07-31 14:24 - 2015-07-31 14:24 - 00000000 ____D C:\ProgramData\Norton
2015-07-31 14:24 - 2015-07-31 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2015-07-31 14:24 - 2015-07-31 14:24 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2015-07-31 14:23 - 2015-07-31 14:23 - 00779704 _____ (Symantec) C:\Users\dom\Downloads\Setup.exe
2015-07-29 17:53 - 2015-07-29 17:53 - 04178264 _____ (Microsoft Corporation) C:\Users\dom\Downloads\d3dx9_41.dll
2015-07-29 17:41 - 2015-08-10 09:44 - 00001322 _____ C:\Windows\setupact.log
2015-07-29 17:41 - 2015-07-29 17:41 - 00000000 _____ C:\Windows\setuperr.log
2015-07-29 17:35 - 2015-07-29 17:35 - 00002387 _____ C:\Users\Public\Desktop\LEGO®Indiana Jones™ 2 The Adventure Continues .lnk
2015-07-29 17:18 - 2015-07-29 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
2015-07-29 17:18 - 2015-07-29 17:18 - 00000000 ____D C:\Program Files (x86)\LucasArts
2015-07-29 17:08 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-07-29 17:08 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-07-29 17:08 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-07-29 17:08 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-07-29 17:08 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-07-29 17:08 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-07-29 17:08 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-07-29 17:08 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-07-29 17:08 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-07-29 17:08 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-07-29 17:08 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-07-29 17:08 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-07-29 17:08 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-07-29 17:08 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-07-29 17:08 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-07-29 17:08 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-07-29 17:08 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-07-29 17:08 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-07-29 17:08 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-07-29 17:08 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-07-29 17:08 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-07-29 17:08 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-07-29 17:08 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-07-29 17:08 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-07-29 17:08 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-07-29 17:08 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-07-29 17:08 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-07-29 17:08 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-07-29 17:08 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-07-29 17:08 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-07-29 17:08 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-07-29 17:08 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-07-29 17:08 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-07-29 17:08 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-07-29 17:08 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-07-29 17:07 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-07-29 17:07 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-07-29 17:07 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-07-29 17:07 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-07-29 17:07 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-07-29 17:07 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-07-29 17:07 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-07-29 17:07 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-07-29 17:07 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-07-29 17:07 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-07-29 17:07 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-07-29 17:07 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-07-29 17:07 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-07-29 17:07 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-07-29 17:07 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-07-29 17:07 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-07-29 17:07 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-07-29 17:07 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-07-29 17:07 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-07-29 17:07 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-07-29 17:07 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-07-29 17:07 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-07-29 17:07 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-07-29 17:07 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-07-29 17:07 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-07-29 17:07 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-07-29 17:07 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-07-29 17:07 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-07-29 17:07 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-07-29 17:07 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-07-29 17:07 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-07-29 17:07 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-07-29 17:07 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-07-29 17:07 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-07-29 17:07 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-07-29 17:07 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-07-29 17:07 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-07-29 17:07 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-07-29 17:07 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-07-29 17:07 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-07-29 17:07 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-07-29 17:07 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-07-29 17:07 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-07-29 17:07 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-07-29 17:06 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-07-29 17:06 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-07-29 17:06 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-07-29 17:06 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-07-29 17:06 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-07-29 17:06 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-07-29 17:06 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-07-29 17:06 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-07-29 17:06 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-07-29 17:06 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-07-29 17:06 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-07-29 17:06 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-07-29 17:06 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-07-29 17:06 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-07-29 17:06 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-07-29 17:06 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-07-29 17:05 - 2015-07-29 17:08 - 00010302 _____ C:\Windows\DirectX.log
2015-07-29 17:05 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-07-29 17:05 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-07-29 17:05 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-07-29 17:05 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-07-29 17:05 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-07-29 17:05 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-07-28 08:30 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 08:30 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 08:30 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 08:30 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 08:30 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 08:30 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 08:30 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 08:30 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 17:29 - 2015-07-27 17:29 - 00003584 _____ C:\Users\dom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-27 17:27 - 2015-07-27 17:27 - 00001066 _____ C:\Users\Public\Desktop\DivX Player.lnk
2015-07-27 17:26 - 2015-07-27 17:28 - 00000000 ____D C:\Users\dom\AppData\Roaming\DivX
2015-07-27 17:26 - 2015-07-27 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-07-27 17:26 - 2015-07-27 17:26 - 00000000 ____D C:\Program Files\DivX
2015-07-27 17:25 - 2015-07-27 17:27 - 00000000 ____D C:\Program Files (x86)\DivX
2015-07-27 17:24 - 2015-07-27 17:27 - 00000000 ____D C:\ProgramData\DivX
2015-07-27 17:08 - 2015-07-27 17:10 - 66484824 _____ (DivX, LLC) C:\Users\dom\Downloads\DivXInstaller.exe
2015-07-27 17:05 - 2015-07-27 17:06 - 41001433 _____ ( ) C:\Users\dom\Downloads\K-Lite_Codec_Pack_1130_Mega.exe
2015-07-27 17:04 - 2015-07-27 17:20 - 00000000 ____D C:\Users\dom\AppData\Roaming\Winamp
2015-07-27 17:04 - 2015-07-27 17:04 - 00000983 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-07-27 17:04 - 2015-07-27 17:04 - 00000000 ____D C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
2015-07-27 17:04 - 2015-07-27 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-07-27 17:04 - 2015-07-27 17:04 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2015-07-27 17:04 - 2015-07-27 17:04 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-07-27 17:01 - 2015-07-27 17:02 - 17163336 _____ (Nullsoft, Inc.) C:\Users\dom\Downloads\winamp5666_full_all.exe
2015-07-27 16:51 - 2015-07-28 08:19 - 00000000 ____D C:\Users\dom\AppData\Roaming\vlc
2015-07-27 16:50 - 2015-07-27 16:50 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-07-27 16:50 - 2015-07-27 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-07-27 16:50 - 2015-07-27 16:50 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-07-27 16:48 - 2015-07-27 16:49 - 28849904 _____ C:\Users\dom\Downloads\vlc-2.2.1-win32.exe
2015-07-26 21:05 - 2015-07-27 13:15 - 06464310 _____ C:\Users\dom\Downloads\LSW_15w03_Gunship [email protected]
2015-07-21 11:09 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 11:09 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 11:09 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 11:09 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 11:09 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 11:09 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 11:09 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 11:09 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 11:09 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 11:09 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 10:58 - 2015-07-27 13:15 - 00000244 _____ C:\Users\dom\Desktop\PLAY  [email protected]
2015-07-20 12:39 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-20 12:39 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-20 12:39 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-20 12:39 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-20 12:39 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-20 12:39 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-20 12:39 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-20 12:39 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-20 12:39 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-20 12:39 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-20 12:39 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-20 12:39 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-20 12:39 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-20 12:39 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-20 12:39 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-20 12:39 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-20 12:39 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-20 12:39 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-20 12:38 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-20 12:38 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-20 12:38 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-20 12:38 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-20 12:38 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-20 12:38 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-20 12:38 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-20 12:38 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-20 12:38 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-20 12:38 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-20 12:38 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-20 12:38 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-20 12:38 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-20 12:38 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-20 12:38 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-20 12:38 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-20 12:38 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-20 12:38 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-20 12:38 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-20 12:38 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-20 12:38 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-20 12:37 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-20 12:37 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-20 12:37 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-20 12:37 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-20 12:37 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-20 12:37 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-20 12:37 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-20 12:37 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-20 12:37 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-20 12:37 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-20 12:37 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-20 12:37 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-20 12:37 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-20 12:37 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-20 12:37 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-20 12:37 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-20 12:37 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-20 12:37 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-20 12:37 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-20 12:37 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-20 12:37 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-20 12:37 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-20 12:37 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-20 12:37 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-20 12:37 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-20 12:37 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-20 12:37 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-20 12:37 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-20 12:37 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-20 12:37 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-20 12:37 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-20 12:37 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-20 12:37 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-20 12:37 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-20 12:37 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-20 12:37 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-20 12:37 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-20 12:37 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-20 12:37 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-20 12:37 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-20 12:37 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-20 12:37 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-20 12:37 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-20 12:37 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-20 12:36 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-20 12:36 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-20 12:36 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-20 12:36 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-20 12:36 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-20 12:36 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-20 12:36 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-20 12:36 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-20 12:36 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-20 12:36 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-20 12:36 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-20 12:36 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-20 12:36 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-20 12:36 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-20 12:36 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-20 12:36 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-20 12:36 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-20 12:36 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-20 12:35 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-20 12:35 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-20 12:35 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-20 12:35 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-20 12:35 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-20 12:35 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-20 12:35 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-20 12:35 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-20 12:35 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-20 12:35 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-20 12:35 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-20 12:35 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-20 12:35 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-20 12:35 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-20 12:35 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-20 12:35 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-20 12:35 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-20 12:35 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-20 12:35 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-20 12:35 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-20 12:35 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-20 12:35 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-20 12:35 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-20 12:35 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-20 12:35 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-20 12:35 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-20 12:35 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-20 12:35 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-20 12:35 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-20 12:35 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-20 12:35 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-20 12:35 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-20 12:35 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-20 12:35 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-20 12:35 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-20 12:35 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-20 12:35 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-20 12:35 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-20 12:35 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-20 12:35 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-20 12:35 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-20 12:35 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-20 12:35 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-20 12:35 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-20 12:35 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-20 12:35 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-20 12:35 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-20 12:35 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-20 12:35 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-13 22:34 - 2015-07-13 22:34 - 00000000 ____D C:\JÓZEK
2015-07-13 22:29 - 2015-07-13 22:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-10 11:13 - 2015-02-23 10:05 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-10 11:13 - 2015-02-18 09:57 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-10 11:13 - 2015-02-17 09:56 - 01187737 _____ C:\Windows\WindowsUpdate.log
2015-08-10 09:59 - 2009-07-14 06:45 - 00017760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-10 09:59 - 2009-07-14 06:45 - 00017760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-10 09:45 - 2015-02-18 10:07 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-10 09:45 - 2015-02-18 09:57 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-10 09:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-10 08:27 - 2015-02-17 17:52 - 00003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2DAF3328-88AF-45C4-9A03-8D075ADE31B5}
2015-08-10 08:10 - 2014-04-02 04:18 - 00794432 _____ (Emsisoft GmbH) C:\Users\dom\Desktop\decrypt_cryptodefense.exe
2015-08-10 08:10 - 2014-04-01 19:38 - 00091512 _____ (Emsisoft GmbH) C:\Users\dom\Desktop\CryptoOffense.exe
2015-08-10 08:03 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-10 08:00 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-07 11:56 - 2015-02-26 23:20 - 00000000 __SHD C:\Users\dom\AppData\Local\EmieUserList
2015-08-07 11:56 - 2015-02-26 23:20 - 00000000 __SHD C:\Users\dom\AppData\Local\EmieSiteList
2015-08-07 11:56 - 2015-02-26 23:20 - 00000000 __SHD C:\Users\dom\AppData\Local\EmieBrowserModeList
2015-08-07 11:54 - 2015-02-23 20:44 - 00000000 ____D C:\Users\dom\AppData\Local\GHISLER
2015-08-07 11:01 - 2015-02-17 10:09 - 00000000 ____D C:\Users\dom
2015-08-06 06:13 - 2009-07-14 07:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-05 21:26 - 2015-02-18 09:58 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-05 19:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-29 22:44 - 2015-06-01 21:24 - 00000000 ____D C:\Users\dom\AppData\Local\GWX
2015-07-29 17:18 - 2015-03-20 10:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-29 16:39 - 2015-02-17 13:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 11:23 - 2015-02-17 09:53 - 00000000 ____D C:\Windows\Panther
2015-07-28 11:14 - 2015-07-10 19:05 - 00000000 ____D C:\$Windows.~BT
2015-07-27 13:20 - 2015-02-23 20:42 - 00000000 ____D C:\totalcmd
2015-07-27 13:20 - 2015-02-23 17:11 - 00000000 ____D C:\JEROZOLIMA
2015-07-27 13:19 - 2015-03-01 18:02 - 00000000 ____D C:\FILMIK ZAKOPANE
2015-07-27 13:16 - 2015-06-15 20:11 - 00000000 ____D C:\Users\dom\Downloads\Nawiedzenie w domu biskupów tarnowskich - tarnow.gosc.pl_files
2015-07-27 13:16 - 2015-06-10 22:22 - 00063261 _____ C:\Users\dom\Downloads\[email protected]il.com
2015-07-27 13:16 - 2015-03-13 10:31 - 05326209 _____ C:\Users\dom\Downloads\[email protected]
2015-07-27 13:16 - 2015-03-01 22:01 - 1227383664 _____ C:\Users\dom\Downloads\[email protected]
2015-07-27 13:16 - 2015-02-26 17:14 - 00275121 _____ C:\Users\dom\Downloads\Odchudzanie z elementami - [email protected]
2015-07-27 13:15 - 2015-06-16 19:41 - 23710367 _____ C:\Users\dom\Downloads\Gmail (1)[email protected]
2015-07-27 13:15 - 2015-06-05 21:43 - 00002004 _____ C:\Users\dom\Desktop\Nowy dokument [email protected]
2015-07-27 13:15 - 2015-05-19 22:14 - 23622200 _____ C:\Users\dom\Downloads\[email protected]
2015-07-27 13:15 - 2015-05-19 22:14 - 23622200 _____ C:\Users\dom\Downloads\Gmail5 (1)[email protected]
2015-07-27 13:15 - 2015-05-19 22:13 - 24888617 _____ C:\Users\dom\Downloads\[email protected]
2015-07-27 13:15 - 2015-05-19 22:13 - 21718187 _____ C:\Users\dom\Downloads\[email protected]
2015-07-27 13:15 - 2015-05-19 22:13 - 16745009 _____ C:\Users\dom\Downloads\[email protected]
2015-07-27 13:15 - 2015-05-19 22:11 - 23710367 _____ C:\Users\dom\Downloads\[email protected]
2015-07-27 13:14 - 2015-02-17 13:58 - 03276405 ____H C:\Users\dom\AppData\Local\[email protected]
2015-07-27 13:14 - 2009-07-14 19:55 - 00740220 _____ C:\Windows\system32\perfh015.dat
2015-07-27 13:14 - 2009-07-14 19:55 - 00155762 _____ C:\Windows\system32\perfc015.dat
2015-07-27 13:14 - 2009-07-14 07:13 - 01668666 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-25 22:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-25 20:28 - 2009-07-14 06:45 - 00272496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-25 09:09 - 2015-04-05 10:46 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 15:45 - 2015-04-05 10:46 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-21 15:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-21 15:44 - 2015-02-17 13:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-21 10:39 - 2015-02-17 13:47 - 00000000 ____D C:\Windows\system32\MRT
2015-07-20 12:19 - 2015-02-18 09:57 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-20 12:19 - 2015-02-18 09:57 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
==================== Files in the root of some directories =======
 
2015-08-10 09:33 - 2015-08-10 09:33 - 0014336 ___SH () C:\Users\dom\AppData\Roaming\Thumbs.db
2015-07-27 17:29 - 2015-07-27 17:29 - 0003584 _____ () C:\Users\dom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-04 21:16
 
==================== End of log ============================
 
 
 
scan from addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by dom (2015-08-10 11:16:11)
Running from C:\Users\dom\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1531684026-1474016331-2998652323-500 - Administrator - Disabled)
dom (S-1-5-21-1531684026-1474016331-2998652323-1000 - Administrator - Enabled) => C:\Users\dom
Gość (S-1-5-21-1531684026-1474016331-2998652323-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1531684026-1474016331-2998652323-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Detektor Winampa (HKU\S-1-5-21-1531684026-1474016331-2998652323-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.80 - DivX, LLC)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
LEGO®Indiana Jones™ 2 The Adventure Continues  (HKLM-x32\...\{FCB3AB5D-877A-43FF-BA2B-2E6A9D1EDD99}) (Version: 1.00.0000 - LucasArts)
Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.29 - Symantec Corporation)
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
Sonic & SEGA All-Stars Racing (HKLM-x32\...\{B1371574-4B13-4D3E-8F47-48C698732B00}) (Version: 1.00.0000 - SEGA)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wesołe przedszkole Bolka i Lolka (HKLM-x32\...\{BB589D0C-AE7C-4601-B471-703AB108BB21}) (Version: 1.0.0 - AidemMedia)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
XnView 2.33 (HKLM-x32\...\XnView_is1) (Version: 2.33 - Gougelet Pierre-e)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
29-07-2015 16:35:48 Windows Update
29-07-2015 17:13:13 Usunięte LEGO®Indiana Jones™ 2 The Adventure Continues
29-07-2015 17:16:18 Kopia zapasowa systemu Windows
29-07-2015 17:18:18 Zainstalowane LEGO®Indiana Jones™ 2 The Adventure Continues
02-08-2015 19:56:04 Windows Update
02-08-2015 22:03:57 Kopia zapasowa systemu Windows
06-08-2015 06:18:59 Windows Update
10-08-2015 07:38:07 Windows Update
10-08-2015 07:56:51 Kopia zapasowa systemu Windows
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2015-08-10 08:00 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03989B60-4A97-4AAD-A959-A3E859CE4EE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-18] (Google Inc.)
Task: {17E42044-240C-49C1-BD2D-B32757CC34F2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {231371A6-EAF3-478A-BAC7-9CB6DABFAFAE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {2C9C0F9A-AE62-458B-B64E-7153F98F35F1} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-08-07] (Enigma Software Group USA, LLC.)
Task: {54BF1A95-7E1B-412F-8446-D625A1FC5D3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-18] (Google Inc.)
Task: {847C8F6C-57EA-4B11-B283-DF0E26CBB8EE} - System32\Tasks\SUPERAntiSpyware Scheduled Task 5924ec62-37eb-43e5-811b-eb8f1a81f672 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {9B234500-812B-413D-9300-E059DC486C8F} - System32\Tasks\SUPERAntiSpyware Scheduled Task 7e9e3056-2ac9-4150-bf94-aa0678868d37 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {B12FEC97-C0FE-4952-92F3-6C7C1A5D5D99} - System32\Tasks\avastBCLRestartS-1-5-21-1531684026-1474016331-2998652323-1000 => Chrome.exe 
Task: {CEE31441-CD0B-4A24-A6F5-42F019485343} - System32\Tasks\Norton Security Scan for dom => C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.29\Nss.exe [2014-04-28] (Symantec Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for dom.job => 0x01060100FC5E737E78E8FC498AC63BA681593D9046008E0100000000D0020100200000000074B7010613040000130400D0228021DF0708000600010014002E000300910200002D0043003A005C00500052004F004700520041007E0032005C004E004F00520054004F004E007E0032005C0045006E00670069006E0065005C003400310030007E0031002E00320039005C004E00730073002E00650078006500000017002F007300630061006E002D0071007500690063006B0020002F007300630068006500640075006C006500640000003C0043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C004E006F00720074006F006E0020005300650063007500720069007400790020005300630061006E005C0045006E00670069006E0065005C0034002E0031002E0030002E00320039000000040064006F006D00000015004E006F00720074006F006E0020005300650063007500720069007400790020005300630061006E000000000008000000000000000000010030000000DF0707001F000000000000000E002B000000000000000000000000000200000001007F000000000000000000
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5924ec62-37eb-43e5-811b-eb8f1a81f672.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 7e9e3056-2ac9-4150-bf94-aa0678868d37.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-01-30 00:02 - 2014-01-30 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-03-29 23:11 - 2015-03-29 23:11 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-29 23:11 - 2015-03-29 23:11 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-10 07:32 - 2015-08-10 07:32 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080901\algo.dll
2015-03-29 23:11 - 2015-03-29 23:11 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{1B36FC23-021A-4A78-8CAA-391F38F2156C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{24C8CD56-07E7-4A3F-9796-BF77BDD8FDB7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0B6C253C-073C-4B1A-A74B-DE788BB57CD6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Standardowa karta graficzna VGA
Description: Standardowa karta graficzna VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardowe typy ekranu)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Urządzenie PCI
Description: Urządzenie PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Karta tunelowania Teredo firmy Microsoft
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Kontroler magistrali zarządzania systemem
Description: Kontroler magistrali zarządzania systemem
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/10/2015 11:14:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/10/2015 11:14:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/10/2015 09:33:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/10/2015 09:33:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/10/2015 09:30:19 AM) (Source: VSS) (EventID: 18) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: W trybie awaryjnym nie można uruchomić serwera usługi COM z identyfikatorem CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} i nazwą VssSnapshotMgmt.
W trybie awaryjnym nie można uruchomić Usługi kopiowania woluminów w tle. [0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym
]
 
Error: (08/10/2015 09:29:29 AM) (Source: VSS) (EventID: 18) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: W trybie awaryjnym nie można uruchomić serwera usługi COM z identyfikatorem CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} i nazwą VssSnapshotMgmt.
W trybie awaryjnym nie można uruchomić Usługi kopiowania woluminów w tle. [0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym
]
 
Error: (08/10/2015 07:58:15 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Wykonanie kopii zapasowej nie powiodło się. Błąd: Na tym dysku jest za mało miejsca, aby zapisać kopię zapasową. Zwolnij miejsce, usuwając starsze kopie zapasowe albo niepotrzebne dane, lub zmień ustawienia kopii zapasowej. (0x81000005).
 
Error: (08/07/2015 01:26:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program TOTALCMD.EXE w wersji 7.5.0.1 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.
 
Identyfikator procesu: 930
 
Godzina rozpoczęcia: 01d0d10399d612ab
 
Godzina zakończenia: 15
 
Ścieżka aplikacji: C:\totalcmd\TOTALCMD.EXE
 
Identyfikator raportu: 13adcb0a-3cf7-11e5-ab53-101f74c31f1a
 
Error: (08/04/2015 03:10:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: svchost.exe_p2pimsvc, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bc3c1
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.18869, sygnatura czasowa: 0x556366f2
Kod wyjątku: 0xc0000008
Przesunięcie błędu: 0x00000000000c9358
Identyfikator procesu powodującego błąd: 0x121c
Godzina uruchomienia aplikacji powodującej błąd: 0xsvchost.exe_p2pimsvc0
Ścieżka aplikacji powodującej błąd: svchost.exe_p2pimsvc1
Ścieżka modułu powodującego błąd: svchost.exe_p2pimsvc2
Identyfikator raportu: svchost.exe_p2pimsvc3
 
Error: (08/02/2015 10:06:56 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Wykonanie kopii zapasowej nie powiodło się. Błąd: Na tym dysku jest za mało miejsca, aby zapisać kopię zapasową. Zwolnij miejsce, usuwając starsze kopie zapasowe albo niepotrzebne dane, lub zmień ustawienia kopii zapasowej. (0x81000005).
 
 
System errors:
=============
Error: (08/10/2015 09:29:29 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084VSS{0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}
 
Error: (08/10/2015 09:29:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: 
%%1068
 
Error: (08/10/2015 09:29:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: 
%%1068
 
Error: (08/10/2015 09:29:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: 
%%1068
 
Error: (08/10/2015 09:29:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: 
%%1068
 
Error: (08/10/2015 09:29:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: 
%%1068
 
Error: (08/10/2015 09:29:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: 
%%1068
 
Error: (08/10/2015 09:29:05 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (08/10/2015 09:29:05 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (08/10/2015 09:29:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: 
%%1068
 
 
Microsoft Office:
=========================
Error: (08/10/2015 11:14:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\dom\Downloads\esetsmartinstaller_enu.exe
 
Error: (08/10/2015 11:14:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\dom\Downloads\esetsmartinstaller_plk.exe
 
Error: (08/10/2015 09:33:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\dom\Downloads\esetsmartinstaller_enu.exe
 
Error: (08/10/2015 09:33:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\dom\Downloads\esetsmartinstaller_plk.exe
 
Error: (08/10/2015 09:30:19 AM) (Source: VSS) (EventID: 18) (User: )
Description: {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f}VssSnapshotMgmt0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym
 
Error: (08/10/2015 09:29:29 AM) (Source: VSS) (EventID: 18) (User: )
Description: {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f}VssSnapshotMgmt0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym
 
Error: (08/10/2015 07:58:15 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Na tym dysku jest za mało miejsca, aby zapisać kopię zapasową. Zwolnij miejsce, usuwając starsze kopie zapasowe albo niepotrzebne dane, lub zmień ustawienia kopii zapasowej. (0x81000005)
 
Error: (08/07/2015 01:26:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: TOTALCMD.EXE7.5.0.193001d0d10399d612ab15C:\totalcmd\TOTALCMD.EXE13adcb0a-3cf7-11e5-ab53-101f74c31f1a
 
Error: (08/04/2015 03:10:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_p2pimsvc6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18869556366f2c000000800000000000c9358121c01d0ceb6cfa40556C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll2a3793dc-3aaa-11e5-82d8-101f74c31f1a
 
Error: (08/02/2015 10:06:56 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Na tym dysku jest za mało miejsca, aby zapisać kopię zapasową. Zwolnij miejsce, usuwając starsze kopie zapasowe albo niepotrzebne dane, lub zmień ustawienia kopii zapasowej. (0x81000005)
 
 
CodeIntegrity:
===================================
  Date: 2015-08-10 07:59:38.191
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-10 07:59:38.098
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 50%
Total physical RAM: 4043.86 MB
Available physical RAM: 2000.33 MB
Total Virtual: 8085.93 MB
Available Virtual: 5409.57 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:233.93 GB) (Free:162.74 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.52 GB) (Free:0 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (Nowy) (Fixed) (Total:217.01 GB) (Free:24.21 GB) NTFS
Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
 
==================== MBR & Partition Table ==================
 
==================== End of log ============================
 
 
 

 


  • 0

Advertisements


#2
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Greetings,

I apologize for the delay! I am Pyxis and I will be assisting you. If you still require assistance, I would like to stress the following reminders:
  • It is important that you do not install anything unless asked while the process is ongoing. Doing so may hinder or even complicate the cleaning of your system. You will get the chance to install things as you would like after the process has been completed.
  • Ensure you take extra caution to precisely follow my instructions. Please only use the tools I have asked you to. The instructions for your computer are unique and should therefore only apply to your system.
  • Since the cleaning process is quite delicate, your timely response is crucial. Topics are marked inactive and thus closed within 3 full days of no activity. If you deem I have overlooked your thread--which is in a matter of more than 48 hours--please send me a PM and I will get back to you shortly.
Decrypting your files is unfortunately not possible as of late. You may refer to 'this' guide for recovery options. To allow us to see which files have been affected, download 'ListCWall' and post the log it generates. In addition, we will need fresh FRST logs.
  • Step 1

    You need to generate fresh FRST logs. If you haven't already, download 'Farbar Recovery Scan Tool by Farbar' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • The program will initialize. Press Yes to accept the disclaimer.
    • Put a check on Addition.
    • Press the Scan button after.
    • It will produce FRST.txt and Addition.txt on your desktop once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the logs in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • Addition.txt (Farbar Recovery Scan Tool)
    • FRST.txt (Farbar Recovery Scan Tool)

  • 0

#3
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a new topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP