eey utworzono 24 czerwca 2010 utworzono 24 czerwca 2010 Sam wirus został zneutralizowany. Jak na stałe usunąć jego skutek - ogólne spowolnienie pracy komputera? Czy konieczna jest reinstallka systemu? [color="#ff0000"] //przenoszę do subforum Logi do sprawdzenia //raaz[/color]
Gość komentarz 25 czerwca 2010 komentarz 25 czerwca 2010 full scan mbamem -> http://www.malwarebytes.org/ usun to co znajdzie + pokaz raport.
eey komentarz 25 czerwca 2010 Autor komentarz 25 czerwca 2010 [url="http://img682.imageshack.us/i/hihip.jpg/"][IMG]http://img682.imageshack.us/img682/7200/hihip.th.jpg[/IMG][/url] Plus [b][log]Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 4237 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.18928 2010-06-25 14:20:54 mbam-log-2010-06-25 (14-20-54).txt Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|) Przeskanowano obiektów: 324197 Upłynęło: 52 minut(y), 24 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 1 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 1 Zainfekowanych plików: 5 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{ln45m2g7-wfvq-i566-nc7l-7j4s41wa57v2} (Generic.Bot.H) -> Quarantined and deleted successfully. Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: C:\Windows\System32\Microsoft_KB57H43 (Trojan.Backdoor) -> Quarantined and deleted successfully. Zainfekowanych plików: C:\Users\admin\AppData\Local\Temp\441377778_server.exe (Worm.AutoRun) -> Quarantined and deleted successfully. C:\Users\admin\AppData\Local\Temp\server.exe (Worm.AutoRun) -> Quarantined and deleted successfully. C:\Users\admin\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully. C:\Users\admin\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully. C:\Users\admin\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.[/b][/log] Troche wiecej sie znalazło niż Kasperskym ^^
Mateusz J. komentarz 25 czerwca 2010 komentarz 25 czerwca 2010 Pokaż log z OTL: http://www.forumpc.pl/index.php?showtopic=104338
eey komentarz 25 czerwca 2010 Autor komentarz 25 czerwca 2010 Proszę bardzo: [log]OTL logfile created on: 2010-06-25 20:45:21 - Run 1 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\admin\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,83 Gb Total Space | 6,94 Gb Free Space | 14,22% Space Free | Partition Type: NTFS Drive D: | 203,12 Gb Total Space | 142,48 Gb Free Space | 70,14% Space Free | Partition Type: NTFS Drive E: | 213,80 Gb Total Space | 203,65 Gb Free Space | 95,25% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ADMIN-PC Current User Name: admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: On Skip Microsoft Files: On File Age = 360 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-06-25 20:42:33 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe PRC - [2010-06-25 19:55:58 | 000,219,128 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2010-06-03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2010-05-28 02:08:46 | 003,493,264 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\Xfire.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2009-07-21 22:46:28 | 000,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe PRC - [2009-07-03 19:03:20 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2009-03-12 12:18:02 | 002,224,640 | ---- | M] (OrdinarySoft) -- C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe PRC - [2009-02-26 10:49:18 | 000,099,328 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-06-25 20:42:33 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe MOD - [2010-05-28 02:09:04 | 000,970,640 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\xfire_toucan_42784.dll MOD - [2009-07-17 16:35:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-06-15 17:25:02 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-04-23 14:44:38 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-02-13 10:47:47 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2008-11-06 15:14:25 | 011,580,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2008-10-21 07:23:58 | 000,303,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2008-10-16 06:47:33 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll MOD - [2008-07-29 20:22:12 | 000,079,112 | ---- | M] (Kaspersky Lab) -- C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll MOD - [2008-07-29 20:22:08 | 000,079,112 | ---- | M] (Kaspersky Lab) -- C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll MOD - [2008-02-29 08:53:38 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2008-01-21 04:52:09 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2008-01-21 04:51:05 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2008-01-21 04:51:04 | 001,315,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2008-01-21 04:51:02 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2008-01-21 04:50:59 | 001,165,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2008-01-21 04:50:58 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2008-01-21 04:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2008-01-21 04:50:28 | 001,590,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2008-01-21 04:50:15 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2008-01-21 04:50:03 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2008-01-21 04:50:03 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2008-01-21 04:50:01 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll MOD - [2008-01-21 04:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2008-01-21 04:49:58 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2008-01-21 04:49:48 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2008-01-21 04:49:45 | 000,798,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2008-01-21 04:49:43 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2008-01-21 04:49:43 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2008-01-21 04:49:34 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2008-01-21 04:49:32 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2008-01-21 04:49:32 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll MOD - [2008-01-21 04:49:24 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2008-01-21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2008-01-21 04:49:13 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2008-01-21 04:49:12 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2008-01-21 04:49:11 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2008-01-21 04:49:07 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2008-01-21 04:49:07 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2008-01-21 04:49:02 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2008-01-21 04:49:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2008-01-21 04:48:48 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2008-01-21 04:48:40 | 000,750,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2008-01-21 04:48:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2008-01-21 04:48:19 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2008-01-21 04:48:15 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2008-01-21 04:48:11 | 001,067,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2008-01-21 04:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll MOD - [2008-01-21 04:48:03 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2007-11-01 17:23:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2006-11-02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2008-01-21 04:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2010-06-25 19:55:58 | 000,219,128 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2009-07-21 22:46:28 | 000,208,616 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP) SRV - [2009-07-16 18:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-07-03 19:03:20 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2006-11-02 15:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2006-11-02 08:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2006-11-02 08:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS) SRV - [2006-10-27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2009-06-30 22:56:11 | 000,227,856 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\klif.sys -- (KLIF) DRV:[b]64bit:[/b] - [2009-06-30 22:56:11 | 000,038,416 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\klbg.sys -- (KLBG) DRV:[b]64bit:[/b] - [2009-06-09 15:12:42 | 000,310,984 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2009-06-09 15:12:41 | 000,042,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2008-10-24 18:16:26 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2008-07-21 18:34:42 | 000,147,984 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kl1.sys -- (kl1) DRV:[b]64bit:[/b] - [2008-07-09 18:28:32 | 000,026,128 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\klim6.sys -- (KLIM6) DRV:[b]64bit:[/b] - [2008-06-27 08:51:10 | 000,088,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV:[b]64bit:[/b] - [2008-01-21 04:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:[b]64bit:[/b] - [2007-01-18 09:23:10 | 000,045,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RecFltr.sys -- (RecFltr) DRV:[b]64bit:[/b] - [2006-10-03 04:13:44 | 000,051,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV - [2008-10-24 16:58:57 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2006-09-18 23:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) DRV - [2006-09-18 23:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTogg.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2077543 IE - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTogg.dll (Conduit Ltd.) IE - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [2010-06-24 22:23:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\x64\ievkbd.dll (Kaspersky Lab) O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTogg.dll (Conduit Ltd.) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL (Microsoft Corporation) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTogg.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Program Files (x86)\ToggleEN\tbTogg.dll (Conduit Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL () O4:[b]64bit:[/b] - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL () O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [HKLM] C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found O4 - HKLM..\Run: [QuickTime Task] d:\Trzecia fala\qttask.exe File not found O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe File not found O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [Advanced Uninstaller PRO Installation Monitor] C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO - Version 9\Monitor.exe File not found O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [duedue] C:\Users\admin\duedue.exe File not found O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [HKCU] C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [Task Bar] C:\Documents and Settings\All Users\Documents\svchast.exe File not found O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [VistaStartMenu] C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe (OrdinarySoft) O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O9:[b]64bit:[/b] - Extra Button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\x64\SCIEPlgn.dll (Kaspersky Lab) O9 - Extra Button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll () O24 - Desktop WallPaper: C:\Users\admin\AppData\Roaming\Opera\Opera\profile\skin\46_www_clubkings.bmp O24 - Desktop BackupWallPaper: C:\Users\admin\AppData\Roaming\Opera\Opera\profile\skin\46_www_clubkings.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008-01-21 05:08:35 | 000,000,000 | ---D | M] MsConfig:64bit - StartUpFolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - C:\Pliki programów (x86)\Microsoft Office\Office12\ONENOTEM.EXE - File not found MsConfig:64bit - StartUpFolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ubisoft register.lnk - D:\Lock On\Register\schedule.exe - File not found MsConfig:64bit - StartUpReg: [b]Reclusa[/b] - hkey= - key= - C:\Program Files (x86)\Razer\Reclusa\razerhid.exe (Razer USA Ltd.) MsConfig:64bit - State: "bootini" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: VDS - C:\Windows\SysWOW64\wbem\vds.mof () SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: MPSDrv - C:\Windows\SysWOW64\wbem\mpsdrv.mof () SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: Tcpip - C:\Windows\SysWOW64\wbem\tcpip.mof () SafeBootNet: TDI - Driver Group SafeBootNet: VDS - C:\Windows\SysWOW64\wbem\vds.mof () SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color] [2010-06-25 20:42:33 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe [2010-06-25 13:20:20 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Malwarebytes [2010-06-25 13:20:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-06-25 13:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010-06-20 19:09:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games [2010-06-20 19:07:11 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\EA Games [2010-06-17 17:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2010-06-17 14:56:18 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\ROBIE MODA!!! [2010-06-17 14:20:36 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\KigoImageConverter [2010-06-10 18:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2010-06-10 18:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010-05-31 15:32:27 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\BFBC2 [2010-05-25 16:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010-05-20 16:21:51 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Ubisoft [2010-05-20 16:21:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2010-05-18 20:24:19 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Xfire [2010-05-18 20:24:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire [2010-05-18 20:24:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire [2010-05-16 18:51:43 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\HLSW [2010-05-04 19:52:53 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\OpenFM [2010-05-04 19:52:53 | 000,000,000 | ---D | C] -- C:\ProgramData\OpenFM [2010-05-02 20:21:04 | 002,271,152 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.CommandBars.Unicode.v12.1.1.ocx [2010-05-02 20:21:02 | 001,779,632 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.Controls.v12.1.1.ocx [2010-05-02 20:21:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoD RconTool [2010-04-27 14:17:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2010-04-27 14:17:49 | 000,000,000 | ---D | C] -- C:\Users\admin\SystemRequirementsLab [2010-04-27 14:17:36 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2010-04-27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl [2010-04-26 19:47:51 | 000,811,276 | RH-- | C] (TL3Productions) -- C:\Users\Public\Documents\svchast.exe [2010-04-25 10:04:41 | 000,000,000 | ---D | C] -- C:\Windows\System\System86 [2010-04-17 09:20:22 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Axialis [2010-04-11 10:50:33 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Activision [2010-04-07 17:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2010-04-07 17:27:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ToggleEN [2010-03-29 13:55:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2010-03-25 18:56:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10 [2010-03-25 18:56:29 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Gadu-Gadu 10 [2010-03-10 21:29:32 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll [2010-02-19 21:27:36 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivX.dll [2010-02-19 21:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx0c.dll [2010-02-19 21:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx07.dll [2010-02-19 21:27:16 | 000,847,872 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx0a.dll [2010-02-19 21:27:16 | 000,843,776 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx16.dll [2010-02-19 21:27:16 | 000,839,680 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx11.dll [2010-02-10 19:38:03 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\TS3Client [2010-02-10 19:37:00 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\TeamSpeak 3 Client [2010-01-14 00:16:31 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\LG Electronics [2010-01-09 22:54:03 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\DivX [2010-01-09 19:19:42 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\GTA San Andreas User Files [2010-01-08 18:41:16 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Atari [2010-01-07 18:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2010-01-07 18:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player [2010-01-07 18:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2010-01-07 18:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010-01-06 23:42:54 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\różne [2010-01-05 18:37:22 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Downloads [2010-01-05 18:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2010-01-05 18:34:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2010-01-05 18:34:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2010-01-04 21:28:24 | 000,000,000 | ---D | C] -- C:\flash_video [2009-12-28 15:26:37 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\teamspeak2 [2009-12-27 00:01:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2009-12-16 21:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2009-12-16 21:36:30 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Corel [2009-12-16 21:36:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Spool [2009-12-16 21:36:05 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Moje pliki PSP [2009-12-12 17:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2009-11-18 19:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe Systems [2009-11-18 19:48:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF [2009-11-18 19:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe Systems Shared [2009-11-18 19:45:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2009-11-18 17:54:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Softwrap [2009-11-18 17:54:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Fonts [2009-11-18 17:54:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Config [2009-11-18 17:54:41 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe [2009-10-29 21:31:12 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Dark Sector [2009-10-11 00:03:37 | 002,254,768 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.CommandBars.v12.1.1.ocx [2009-10-11 00:03:37 | 001,783,728 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.Controls.Unicode.v12.1.1.ocx [2009-09-26 08:43:41 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\skypePM [2009-09-26 08:41:24 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Skype [2009-09-26 08:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2009-09-26 08:40:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2009-09-26 08:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2009-09-12 17:53:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2009-09-12 16:04:19 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\cache [2009-09-10 15:59:12 | 000,000,000 | R--D | C] -- C:\Users\admin\Desktop\ [2009-07-19 12:57:29 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule [2009-07-19 12:56:30 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\eMule [2009-07-08 14:33:34 | 000,000,000 | ---D | C] -- C:\Downloads [2009-07-08 13:14:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent [2009-07-08 13:12:37 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\uTorrent [2009-06-30 22:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2009-06-30 22:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2009-06-30 22:23:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 360 Days ==========[/color] [2010-06-25 20:45:28 | 005,767,168 | -HS- | M] () -- C:\Users\admin\NTUSER.DAT [2010-06-25 20:42:33 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe [2010-06-25 20:34:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-06-25 20:15:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-06-25 20:15:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-06-25 20:13:29 | 000,004,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-06-25 20:13:29 | 000,004,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-06-25 19:55:58 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010-06-25 19:55:58 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010-06-25 19:03:15 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempRX3048.html [2010-06-25 15:58:35 | 003,123,826 | ---- | M] () -- C:\Users\admin\Desktop\DJ-Mangoo-Eurodancer.mp3 [2010-06-25 14:35:21 | 001,691,910 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010-06-25 14:35:21 | 000,740,180 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2010-06-25 14:35:21 | 000,657,924 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010-06-25 14:35:21 | 000,166,348 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2010-06-25 14:35:21 | 000,129,658 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010-06-25 14:28:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-06-25 14:28:09 | 007,422,524 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.dat [2010-06-25 14:28:09 | 001,105,980 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox2.dat [2010-06-25 14:28:09 | 000,072,548 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.idx [2010-06-25 14:28:09 | 000,010,596 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox2.idx [2010-06-25 14:28:08 | 000,524,288 | -HS- | M] () -- C:\Users\admin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms [2010-06-25 14:28:08 | 000,065,536 | -HS- | M] () -- C:\Users\admin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf [2010-06-25 14:27:42 | 006,291,456 | -H-- | M] () -- C:\Users\admin\AppData\Local\IconCache.db [2010-06-25 14:27:28 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempxF2908.html [2010-06-25 14:27:28 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempnz2908.html [2010-06-25 13:20:14 | 000,000,601 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-06-24 22:55:10 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempeg4572.html [2010-06-24 22:55:10 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempIM4572.html [2010-06-24 22:14:08 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemphK5044.html [2010-06-24 22:14:08 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempPs5044.html [2010-06-24 18:05:46 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemptX6048.html [2010-06-24 16:48:43 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempIGV824.html [2010-06-22 22:36:53 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzG1820.html [2010-06-22 22:36:53 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TemppZ1820.html [2010-06-22 15:24:08 | 003,007,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010-06-22 15:21:24 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempSw1208.html [2010-06-22 15:21:24 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempdC1208.html [2010-06-21 20:36:30 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempPT1272.html [2010-06-21 15:11:07 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempmF4760.html [2010-06-20 19:07:11 | 000,000,722 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 2.lnk [2010-06-19 23:31:19 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempIz1912.html [2010-06-19 23:28:20 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempqp5412.html [2010-06-18 22:18:43 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempXh4712.html [2010-06-18 17:52:39 | 000,113,576 | ---- | M] () -- C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT [2010-06-18 15:49:48 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempHRo812.html [2010-06-17 17:46:41 | 000,151,552 | ---- | M] () -- C:\Windows\SysWow64\nvRegDev.dll [2010-06-17 17:16:15 | 000,001,194 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2010-06-17 15:56:33 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempqU3444.html [2010-06-17 13:04:13 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempwL5868.html [2010-06-16 23:34:18 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemprY6376.html [2010-06-16 21:24:05 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempgL1936.html [2010-06-16 19:11:29 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempEY5584.html [2010-06-16 16:22:13 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempZGQ884.html [2010-06-16 14:07:06 | 000,038,400 | ---- | M] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-16 11:06:26 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempUZ5804.html [2010-06-15 16:08:59 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCe2896.html [2010-06-15 15:17:05 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempiq4444.html [2010-06-14 20:32:31 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempjp5004.html [2010-06-14 18:20:29 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemphA5316.html [2010-06-14 14:21:51 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGn5016.html [2010-06-13 20:32:01 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCF4424.html [2010-06-13 19:17:26 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempmL4332.html [2010-06-13 17:57:21 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2010-06-13 15:11:23 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempoc4912.html [2010-06-13 14:50:05 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempAs3800.html [2010-06-13 14:49:27 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempKt4640.html [2010-06-13 14:19:53 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCx5448.html [2010-06-13 14:19:53 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempvx5448.html [2010-06-12 21:07:12 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempvp1160.html [2010-06-12 20:35:32 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempXm8160.html [2010-06-11 23:59:58 | 003,710,693 | ---- | M] () -- C:\Users\admin\Documents\DSC01012.JPG [2010-06-11 23:59:17 | 003,708,699 | ---- | M] () -- C:\Users\admin\Documents\DSC01011.JPG [2010-06-11 23:50:46 | 003,678,213 | ---- | M] () -- C:\Users\admin\Documents\DSC01007.JPG [2010-06-11 23:36:09 | 003,719,146 | ---- | M] () -- C:\Users\admin\Documents\DSC01001.JPG [2010-06-11 23:32:24 | 003,744,690 | ---- | M] () -- C:\Users\admin\Documents\DSC00980.JPG [2010-06-11 23:11:22 | 003,808,160 | ---- | M] () -- C:\Users\admin\Documents\DSC00924.JPG [2010-06-11 14:13:42 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempDt7348.html [2010-06-10 21:02:01 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempnw5832.html [2010-06-10 16:41:54 | 001,343,783 | ---- | M] () -- C:\Users\admin\Desktop\Janusz Laskowski - śnił mi się rodzinny dom.mp3 [2010-06-09 19:36:49 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempHW6568.html [2010-06-09 15:16:57 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempzd5644.html [2010-06-08 17:53:04 | 000,000,013 | ---- | M] () -- C:\Windows\SysWow64\WinSys16.crc [2010-06-08 15:43:39 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempKc4296.html [2010-06-07 15:17:54 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzA3052.html [2010-06-07 14:59:28 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempDk2188.html [2010-06-06 22:16:34 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempFT4956.html [2010-06-05 11:01:52 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempoie492.html [2010-06-05 09:18:24 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempgV3580.html [2010-06-04 22:57:46 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempJx4344.html [2010-06-04 14:22:49 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempih4984.html [2010-06-03 18:14:04 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempTc5388.html [2010-06-03 13:07:48 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempjw4236.html [2010-06-02 16:23:18 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempja2116.html [2010-05-30 14:01:13 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempvo2884.html [2010-05-30 10:08:13 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempqN4568.html [2010-05-29 22:32:45 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGT1772.html [2010-05-29 17:40:33 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempLZ2324.html [2010-05-29 16:37:26 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempgH3192.html [2010-05-28 12:10:07 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempcg6608.html [2010-05-28 08:12:19 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempUl7064.html [2010-05-28 02:09:00 | 000,041,872 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll [2010-05-28 02:09:00 | 000,027,536 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll [2010-05-26 21:48:18 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempkD5396.html [2010-05-26 21:29:26 | 000,000,371 | ---- | M] () -- C:\Users\admin\Desktop\Club Music.lnk [2010-05-26 18:53:52 | 000,048,128 | ---- | M] () -- C:\Windows\SysNative\atmlib.dll [2010-05-26 17:14:55 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempyo2084.html [2010-05-26 16:56:53 | 000,366,080 | ---- | M] () -- C:\Windows\SysNative\atmfd.dll [2010-05-25 21:42:45 | 000,260,277 | ---- | M] () -- C:\Users\admin\Documents\ts3_clientui-win64-10723-2010-05-25 21_42_45.223000.dmp [2010-05-25 19:55:54 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzU6072.html [2010-05-25 19:55:54 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempTi6072.html [2010-05-25 19:55:21 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempEJ4716.html [2010-05-25 19:55:21 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGK4716.html [2010-05-25 15:08:52 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempvq2884.html [2010-05-24 19:15:16 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Temphw3404.html [2010-05-24 15:41:38 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempcU6844.html [2010-05-24 15:41:38 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempkH6844.html [2010-05-24 15:14:30 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempYo1548.html [2010-05-23 22:14:32 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempXA3132.html [2010-05-23 21:28:16 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempRz3740.html [2010-05-22 20:06:40 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempyo5432.html [2010-05-22 18:21:17 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempQN1732.html [2010-05-22 18:12:34 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempnK5940.html [2010-05-22 18:12:34 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempuh5940.html [2010-05-22 10:32:54 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempqN4544.html [2010-05-21 16:15:30 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempFL7208.html [2010-05-20 21:19:47 | 000,000,802 | ---- | M] () -- C:\Users\admin\Desktop\Xfire.lnk [2010-05-20 18:07:24 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempOt6572.html [2010-05-20 16:13:21 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCR2056.html [2010-05-19 21:10:59 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzT7980.html [2010-05-19 17:26:57 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempui5780.html [2010-05-19 15:54:32 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemprT4608.html [2010-05-17 17:15:20 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempEr5540.html [2010-05-17 17:15:20 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Temptf5540.html [2010-05-17 16:01:02 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGQ2652.html [2010-05-16 18:22:00 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempVO2316.html [2010-05-16 18:22:00 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempyN2316.html [2010-05-16 16:18:18 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempLV2388.html [2010-05-16 16:18:18 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempNK2388.html [2010-05-16 13:00:22 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempLl3328.html [2010-05-15 15:53:09 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempkz5900.html [2010-05-15 13:03:52 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempRr5288.html [2010-05-15 10:18:18 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempux5592.html [2010-05-14 20:05:54 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempWN2508.html [2010-05-13 20:11:40 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempjs2984.html [2010-05-13 20:11:40 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempQw2984.html [2010-05-12 23:43:32 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempWx4776.html [2010-05-12 15:53:29 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempKO4100.html [2010-05-12 15:53:29 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempiQ4100.html [2010-05-11 18:05:14 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempSZr232.html [2010-05-10 23:02:19 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempVy2772.html [2010-05-10 21:43:41 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempYo4040.html [2010-05-10 21:43:41 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempjx4040.html [2010-05-09 22:27:50 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempxW4324.html [2010-05-08 23:32:28 | 000,008,412 | ---- | M] () -- C:\Users\admin\AppData\Local\d3d9caps64.dat [2010-05-08 23:00:53 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempyq8116.html [2010-05-08 20:58:54 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempoy7536.html [2010-05-07 20:43:38 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempOl3756.html [2010-05-07 20:09:23 | 000,000,627 | ---- | M] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk [2010-05-07 20:08:59 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemppW2004.html [2010-05-07 20:08:59 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempfK2004.html [2010-05-07 17:00:05 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempfR6668.html [2010-05-07 12:22:19 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempsI3204.html [2010-05-06 21:10:28 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempXl5168.html [2010-05-06 20:22:46 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempDR2056.html [2010-05-06 20:00:45 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempae4352.html [2010-05-06 16:08:33 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempMq5576.html [2010-05-06 14:55:28 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempvU5476.html [2010-05-05 21:28:50 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempWl1028.html [2010-05-05 14:52:14 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat [2010-05-05 14:52:14 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat [2010-05-04 15:11:46 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempVM4760.html [2010-05-04 08:54:49 | 000,243,712 | ---- | M] () -- C:\Windows\SysNative\occache.dll [2010-05-04 08:52:45 | 000,706,048 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll [2010-05-04 08:52:04 | 001,538,560 | ---- | M] () -- C:\Windows\SysNative\inetcpl.cpl [2010-05-04 08:51:49 | 000,219,136 | ---- | M] () -- C:\Windows\SysNative\ieui.dll [2010-05-04 08:51:49 | 000,132,096 | ---- | M] () -- C:\Windows\SysNative\iesysprep.dll [2010-05-04 08:51:48 | 002,334,208 | ---- | M] () -- C:\Windows\SysNative\iertutil.dll [2010-05-04 08:51:48 | 000,077,312 | ---- | M] () -- C:\Windows\SysNative\iesetup.dll [2010-05-04 08:51:48 | 000,072,192 | ---- | M] () -- C:\Windows\SysNative\iernonce.dll [2010-05-04 08:51:47 | 000,252,416 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll [2010-05-04 07:01:59 | 000,162,816 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe [2010-05-04 07:01:39 | 000,070,656 | ---- | M] () -- C:\Windows\SysNative\ie4uinit.exe [2010-05-04 07:01:04 | 000,012,288 | ---- | M] () -- C:\Windows\SysNative\msfeedssync.exe [2010-05-03 19:14:01 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempZJ3160.html [2010-05-03 18:59:40 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempmz3948.html [2010-05-03 15:42:49 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempim6020.html [2010-05-02 20:21:08 | 000,001,786 | ---- | M] () -- C:\Users\admin\Desktop\CoD RconTool.lnk [2010-05-02 17:00:38 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempIU5580.html [2010-05-02 15:36:07 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempds1772.html [2010-05-01 20:14:25 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempvb4816.html [2010-05-01 15:36:53 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempPT5684.html [2010-05-01 14:31:27 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCs5272.html [2010-05-01 12:28:02 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempNS1168.html [2010-04-30 19:24:40 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempPL6660.html [2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-04-29 15:39:28 | 000,024,664 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys [2010-04-29 14:21:36 | 000,001,305 | ---- | M] () -- C:\Users\admin\Desktop\MuZaA.lnk [2010-04-28 21:22:53 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzR3084.html [2010-04-28 14:51:03 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempaH4652.html [2010-04-28 13:59:23 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempbj6628.html [2010-04-28 13:59:23 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempFn6628.html [2010-04-27 20:51:56 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempBt6000.html [2010-04-27 16:51:11 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemphY4916.html [2010-04-27 13:25:30 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempjt6428.html [2010-04-27 13:25:30 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempmf6428.html [2010-04-27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl [2010-04-26 19:42:59 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempMz4368.html [2010-04-26 19:25:11 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCz5336.html [2010-04-25 21:40:38 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempcU5540.html [2010-04-25 15:04:21 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempzq1048.html [2010-04-25 09:35:06 | 000,035,381 | ---- | M] () -- C:\Users\admin\AppData\Roaming\SQLite3.dll [2010-04-24 14:31:34 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempDx5504.html [2010-04-24 09:17:11 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempsc6116.html [2010-04-23 16:48:08 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempTq6088.html [2010-04-22 21:16:39 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Temphz1688.html [2010-04-22 17:34:03 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempDu4240.html [2010-04-22 15:44:45 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGT5472.html [2010-04-21 21:47:46 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempOQ4128.html [2010-04-21 17:25:51 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempIt4664.html [2010-04-21 17:19:04 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempmE5484.html [2010-04-21 15:32:15 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempgT3928.html [2010-04-21 15:32:15 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGp3928.html [2010-04-20 16:22:25 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempAe2636.html [2010-04-19 17:22:16 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempao3828.html [2010-04-19 15:21:00 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempPC2008.html [2010-04-18 22:13:47 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempQr4828.html [2010-04-18 21:49:43 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemphHv916.html [2010-04-18 21:13:48 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempdx3908.html [2010-04-17 22:58:12 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemplH4364.html [2010-04-17 17:32:58 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempJJ4940.html [2010-04-17 17:20:14 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemppH4172.html [2010-04-16 22:38:43 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempTfb800.html [2010-04-16 22:38:43 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempHvc800.html [2010-04-16 18:40:20 | 001,570,816 | ---- | M] () -- C:\Windows\SysNative\quartz.dll [2010-04-15 21:59:05 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempwk2440.html [2010-04-15 17:24:21 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzK6164.html [2010-04-15 17:24:21 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempTp6164.html [2010-04-14 23:07:08 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemprI4716.html [2010-04-14 20:38:30 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempnb4220.html [2010-04-14 17:19:09 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempMN4268.html [2010-04-13 22:41:57 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempUc4368.html [2010-04-13 22:26:57 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempiP4936.html [2010-04-10 12:17:20 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempeJ5008.html [2010-04-09 23:45:19 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempJO3716.html [2010-03-29 13:55:06 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempHp4288.html [2010-03-29 13:55:06 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempVH4288.html [2010-03-28 15:30:11 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemprH4660.html [2010-03-27 08:39:56 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempbs2948.html [2010-03-21 15:55:44 | 000,002,415 | ---- | M] () -- C:\Users\admin\Desktop\Skype.lnk [2010-03-10 21:29:32 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll [2010-03-05 16:32:42 | 000,612,864 | ---- | M] () -- C:\Windows\SysNative\vbscript.dll [2010-02-24 11:28:20 | 000,294,912 | ---- | M] () -- C:\Windows\SysNative\browserchoice.exe [2010-02-21 01:44:53 | 000,032,768 | ---- | M] () -- C:\Windows\SysNative\nshhttp.dll [2010-02-21 01:42:16 | 000,033,792 | ---- | M] () -- C:\Windows\SysNative\httpapi.dll [2010-02-20 18:49:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-02-19 21:27:36 | 000,720,384 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivX.dll [2010-02-19 21:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx0c.dll [2010-02-19 21:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx07.dll [2010-02-19 21:27:16 | 000,847,872 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx0a.dll [2010-02-19 21:27:16 | 000,843,776 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx16.dll [2010-02-19 21:27:16 | 000,839,680 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx11.dll [2010-02-18 17:01:52 | 004,690,832 | ---- | M] () -- C:\Windows\SysNative\ntoskrnl.exe [2010-02-10 19:37:02 | 000,001,052 | ---- | M] () -- C:\Users\admin\Desktop\TeamSpeak 3 Client.lnk [2010-01-21 18:34:10 | 000,072,192 | ---- | M] () -- C:\Windows\SysNative\l3codeca.acm [2010-01-18 18:00:22 | 000,811,276 | RH-- | M] (TL3Productions) -- C:\Users\Public\Documents\svchast.exe [2010-01-13 20:34:43 | 000,104,960 | ---- | M] () -- C:\Windows\SysNative\cabview.dll [2010-01-07 18:07:32 | 000,003,350 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys [2010-01-07 18:07:27 | 000,000,088 | RHS- | M] () -- C:\Windows\SysWow64\88B5D96988.sys [2010-01-05 18:36:48 | 000,002,009 | ---- | M] () -- C:\Users\admin\Desktop\Google Chrome.lnk [2010-01-04 22:11:08 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.INI [2009-12-28 14:42:32 | 000,143,360 | ---- | M] () -- C:\Windows\SysNative\msvfw32.dll [2009-12-28 14:41:43 | 000,093,184 | ---- | M] () -- C:\Windows\SysNative\mciavi32.dll [2009-12-28 14:39:08 | 000,108,544 | ---- | M] () -- C:\Windows\SysNative\avifil32.dll [2009-12-28 14:39:08 | 000,076,800 | ---- | M] () -- C:\Windows\SysNative\avicap32.dll [2009-12-23 14:39:32 | 000,218,112 | ---- | M] () -- C:\Windows\SysNative\wintrust.dll [2009-12-04 09:30:27 | 000,817,664 | ---- | M] () -- C:\Windows\SysNative\jscript.dll [2009-11-18 17:55:33 | 000,002,493 | ---- | M] () -- C:\Users\Public\Documents\Global.sw2 [2009-11-18 17:54:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SwSys2.bmp [2009-11-18 17:54:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SwSys1.bmp [2009-11-04 06:20:59 | 000,033,792 | ---- | M] () -- C:\Windows\SysNative\drivers\pl-PL\http.sys.mui [2009-10-19 17:23:39 | 000,189,440 | ---- | M] () -- C:\Windows\SysNative\t2embed.dll [2009-10-19 17:19:17 | 000,096,256 | ---- | M] () -- C:\Windows\SysNative\fontsub.dll [2009-10-07 14:57:40 | 000,280,576 | ---- | M] () -- C:\Windows\SysNative\rastls.dll [2009-10-07 14:57:38 | 000,295,936 | ---- | M] () -- C:\Windows\SysNative\raschap.dll [2009-09-28 17:42:47 | 000,000,027 | ---- | M] () -- C:\Users\admin\Desktop\skamandryta.css [2009-09-26 08:43:42 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat [2009-09-09 18:34:07 | 000,000,680 | ---- | M] () -- C:\Users\admin\AppData\Local\d3d9caps.dat [2009-09-09 18:34:06 | 000,000,552 | ---- | M] () -- C:\Users\admin\AppData\Local\d3d8caps.dat [2009-09-04 18:44:42 | 000,073,544 | ---- | M] () -- C:\Windows\SysNative\XAPOFX1_3.dll [2009-09-04 18:44:40 | 000,517,960 | ---- | M] () -- C:\Windows\SysNative\XAudio2_5.dll [2009-09-04 18:44:40 | 000,176,968 | ---- | M] () -- C:\Windows\SysNative\xactengine3_5.dll [2009-09-04 18:29:24 | 005,554,512 | ---- | M] () -- C:\Windows\SysNative\d3dcsx_42.dll [2009-09-04 18:29:24 | 000,523,088 | ---- | M] () -- C:\Windows\SysNative\d3dx10_42.dll [2009-09-04 18:29:24 | 000,285,024 | ---- | M] () -- C:\Windows\SysNative\d3dx11_42.dll [2009-09-04 18:29:22 | 002,582,888 | ---- | M] () -- C:\Windows\SysNative\D3DCompiler_42.dll [2009-09-04 18:29:20 | 002,475,352 | ---- | M] () -- C:\Windows\SysNative\D3DX9_42.dll [2009-09-04 14:52:46 | 000,082,944 | ---- | M] () -- C:\Windows\SysNative\msasn1.dll [2009-08-14 19:29:27 | 000,141,312 | ---- | M] () -- C:\Windows\SysNative\netiohlp.dll [2009-08-14 19:29:26 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\netevent.dll [2009-08-14 17:13:04 | 000,010,752 | ---- | M] () -- C:\Windows\SysNative\TCPSVCS.EXE [2009-08-14 17:13:02 | 000,021,504 | ---- | M] () -- C:\Windows\SysNative\ROUTE.EXE [2009-08-14 17:13:01 | 000,012,800 | ---- | M] () -- C:\Windows\SysNative\MRINFO.EXE [2009-08-14 17:12:59 | 000,032,256 | ---- | M] () -- C:\Windows\SysNative\NETSTAT.EXE [2009-08-14 17:12:59 | 000,023,040 | ---- | M] () -- C:\Windows\SysNative\ARP.EXE [2009-08-14 17:12:58 | 000,010,240 | ---- | M] () -- C:\Windows\SysNative\HOSTNAME.EXE [2009-08-14 17:12:57 | 000,011,264 | ---- | M] () -- C:\Windows\SysNative\finger.exe [2009-08-07 19:51:34 | 000,178,430 | ---- | M] () -- C:\Windows\SysWow64\xlive.dll.cat [2009-08-07 04:24:27 | 000,038,112 | ---- | M] () -- C:\Windows\SysNative\wups.dll [2009-08-07 04:24:20 | 000,043,744 | ---- | M] () -- C:\Windows\SysNative\wups2.dll [2009-08-07 04:24:17 | 000,057,560 | ---- | M] () -- C:\Windows\SysNative\wuauclt.exe [2009-08-07 04:23:52 | 000,700,640 | ---- | M] () -- C:\Windows\SysNative\wuapi.dll [2009-08-07 03:59:43 | 002,621,440 | ---- | M] () -- C:\Windows\SysNative\wucltux.dll [2009-08-07 03:59:07 | 000,098,816 | ---- | M] () -- C:\Windows\SysNative\wudriver.dll [2009-08-06 19:23:06 | 000,185,416 | ---- | M] () -- C:\Windows\SysNative\wuwebv.dll [2009-08-06 18:59:12 | 000,036,864 | ---- | M] () -- C:\Windows\SysNative\wuapp.exe [2009-07-21 21:09:32 | 000,057,667 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2009-07-21 20:31:43 | 000,057,667 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2009-07-17 17:00:43 | 000,088,576 | ---- | M] () -- C:\Windows\SysNative\atl.dll [2009-07-14 15:21:42 | 013,426,176 | ---- | M] () -- C:\Windows\SysNative\wmp.dll [2009-07-14 15:21:42 | 000,368,128 | ---- | M] () -- C:\Windows\SysNative\wmpdxm.dll [2009-07-14 15:20:51 | 000,005,120 | ---- | M] () -- C:\Windows\SysNative\msdxm.ocx [2009-07-14 15:20:51 | 000,005,120 | ---- | M] () -- C:\Windows\SysNative\dxmasf.dll [2009-07-14 15:20:06 | 000,009,216 | ---- | M] () -- C:\Windows\SysNative\spwmp.dll [2009-07-14 13:31:58 | 008,147,968 | ---- | M] () -- C:\Windows\SysNative\wmploc.DLL [2009-07-14 10:33:07 | 000,043,520 | ---- | M] () -- C:\Windows\SysNative\msdxm.tlb [2009-07-14 10:33:07 | 000,018,432 | ---- | M] () -- C:\Windows\SysNative\amcompat.tlb [2009-07-11 21:50:02 | 000,376,832 | ---- | M] () -- C:\Windows\SysNative\wlansec.dll [2009-07-11 21:50:01 | 000,353,280 | ---- | M] () -- C:\Windows\SysNative\wlanmsm.dll [2009-07-11 21:50:01 | 000,097,792 | ---- | M] () -- C:\Windows\SysNative\wlanhlp.dll [2009-07-11 21:50:01 | 000,086,528 | ---- | M] () -- C:\Windows\SysNative\wlanapi.dll [2009-07-11 21:46:12 | 000,157,184 | ---- | M] () -- C:\Windows\SysNative\L2SecHC.dll [2009-07-11 19:46:21 | 002,608,803 | ---- | M] () -- C:\Windows\SysNative\wlan.tmf [2009-07-08 13:14:10 | 000,000,782 | ---- | M] () -- C:\Users\admin\Desktop\µTorrent.lnk [2009-07-03 19:03:20 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2009-07-03 12:46:59 | 000,419,840 | ---- | M] () -- C:\Windows\SysNative\wrap_oal.dll [2009-07-03 12:46:59 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2009-07-03 12:46:59 | 000,133,632 | ---- | M] () -- C:\Windows\SysNative\OpenAL32.dll [2009-07-03 12:46:59 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2009-07-03 10:33:22 | 001,580,100 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009-06-30 22:56:11 | 000,227,856 | ---- | M] () -- C:\Windows\SysNative\drivers\klif.sys [2009-06-30 22:56:11 | 000,038,416 | ---- | M] () -- C:\Windows\SysNative\drivers\klbg.sys [6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-25 15:58:15 | 003,123,826 | ---- | C] () -- C:\Users\admin\Desktop\DJ-Mangoo-Eurodancer.mp3 [2010-06-25 14:40:23 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempRX3048.html [2010-06-25 13:20:14 | 000,000,601 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-06-25 13:20:11 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys [2010-06-24 23:19:31 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempxF2908.html [2010-06-24 23:19:31 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempnz2908.html [2010-06-24 22:55:10 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempeg4572.html [2010-06-24 22:55:10 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempIM4572.html [2010-06-24 21:37:27 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemphK5044.html [2010-06-24 21:37:27 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempPs5044.html [2010-06-24 17:45:11 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemptX6048.html [2010-06-24 11:39:28 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempIGV824.html [2010-06-22 22:36:53 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzG1820.html [2010-06-22 22:36:53 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TemppZ1820.html [2010-06-21 22:28:18 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempSw1208.html [2010-06-21 22:28:18 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempdC1208.html [2010-06-21 16:21:43 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempPT1272.html [2010-06-20 19:07:11 | 000,000,722 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 2.lnk [2010-06-20 12:12:56 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempmF4760.html [2010-06-19 23:29:43 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempIz1912.html [2010-06-19 00:06:31 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempqp5412.html [2010-06-18 17:58:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempXh4712.html [2010-06-18 15:26:57 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempHRo812.html [2010-06-17 17:46:52 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll [2010-06-17 17:16:15 | 000,001,194 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2010-06-17 15:56:24 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempqU3444.html [2010-06-17 12:40:41 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempwL5868.html [2010-06-16 23:34:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemprY6376.html [2010-06-16 19:52:28 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempgL1936.html [2010-06-16 18:06:53 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempEY5584.html [2010-06-16 14:47:41 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempZGQ884.html [2010-06-15 19:13:44 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempUZ5804.html [2010-06-15 16:08:11 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCe2896.html [2010-06-14 22:26:41 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempiq4444.html [2010-06-14 19:07:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempjp5004.html [2010-06-14 18:19:50 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemphA5316.html [2010-06-13 22:31:52 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGn5016.html [2010-06-13 20:29:22 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCF4424.html [2010-06-13 19:17:06 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempmL4332.html [2010-06-13 14:50:11 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempoc4912.html [2010-06-13 14:49:33 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempAs3800.html [2010-06-13 14:49:13 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempKt4640.html [2010-06-12 21:43:31 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCx5448.html [2010-06-12 21:43:31 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempvx5448.html [2010-06-12 21:04:35 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempvp1160.html [2010-06-11 23:59:28 | 003,710,693 | ---- | C] () -- C:\Users\admin\Documents\DSC01012.JPG [2010-06-11 23:58:47 | 003,708,699 | ---- | C] () -- C:\Users\admin\Documents\DSC01011.JPG [2010-06-11 23:50:16 | 003,678,213 | ---- | C] () -- C:\Users\admin\Documents\DSC01007.JPG [2010-06-11 23:35:39 | 003,719,146 | ---- | C] () -- C:\Users\admin\Documents\DSC01001.JPG [2010-06-11 23:31:25 | 003,744,690 | ---- | C] () -- C:\Users\admin\Documents\DSC00980.JPG [2010-06-11 23:10:51 | 003,808,160 | ---- | C] () -- C:\Users\admin\Documents\DSC00924.JPG [2010-06-11 14:14:52 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempXm8160.html [2010-06-10 21:10:07 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempDt7348.html [2010-06-10 15:54:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempnw5832.html [2010-06-09 22:51:35 | 001,343,783 | ---- | C] () -- C:\Users\admin\Desktop\Janusz Laskowski - śnił mi się rodzinny dom.mp3 [2010-06-09 19:21:43 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempHW6568.html [2010-06-09 15:15:55 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll [2010-06-09 15:15:55 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll [2010-06-09 15:15:52 | 009,250,816 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll [2010-06-09 15:15:51 | 012,468,736 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll [2010-06-09 15:15:50 | 002,334,208 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll [2010-06-09 15:15:49 | 001,484,288 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll [2010-06-09 15:15:49 | 001,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll [2010-06-09 15:15:48 | 001,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl [2010-06-09 15:15:48 | 001,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll [2010-06-09 15:15:48 | 000,706,048 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll [2010-06-09 15:15:48 | 000,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll [2010-06-09 15:15:48 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll [2010-06-09 15:15:47 | 000,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll [2010-06-09 15:15:47 | 000,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe [2010-06-09 15:15:47 | 000,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll [2010-06-09 15:15:47 | 000,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll [2010-06-09 15:15:47 | 000,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe [2010-06-09 15:15:46 | 001,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb [2010-06-09 15:15:46 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll [2010-06-09 15:15:46 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll [2010-06-09 15:15:46 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll [2010-06-09 15:15:46 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll [2010-06-09 15:15:46 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe [2010-06-09 15:13:44 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll [2010-06-09 15:13:42 | 002,749,952 | ---- | C] () -- C:\Windows\SysNative\win32k.sys [2010-06-09 15:13:40 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll [2010-06-08 17:53:02 | 000,000,013 | ---- | C] () -- C:\Windows\SysWow64\WinSys16.crc [2010-06-08 15:43:45 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempzd5644.html [2010-06-07 21:15:11 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempKc4296.html [2010-06-07 14:59:33 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzA3052.html [2010-06-06 22:16:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempDk2188.html [2010-06-06 19:12:38 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempFT4956.html [2010-06-05 11:01:45 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempoie492.html [2010-06-05 09:15:53 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempgV3580.html [2010-06-04 16:29:28 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempJx4344.html [2010-06-04 13:26:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempih4984.html [2010-06-03 18:04:50 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempTc5388.html [2010-06-03 12:52:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempjw4236.html [2010-06-02 16:22:23 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempja2116.html [2010-05-30 14:00:58 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempvo2884.html [2010-05-30 09:12:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempqN4568.html [2010-05-29 19:44:15 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGT1772.html [2010-05-29 17:40:21 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempLZ2324.html [2010-05-29 16:37:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempgH3192.html [2010-05-28 08:12:34 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempcg6608.html [2010-05-28 02:09:00 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2010-05-28 02:09:00 | 000,027,536 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll [2010-05-27 16:11:33 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempUl7064.html [2010-05-26 21:29:10 | 000,000,371 | ---- | C] () -- C:\Users\admin\Desktop\Club Music.lnk [2010-05-26 17:15:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempkD5396.html [2010-05-26 15:08:28 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll [2010-05-25 21:42:45 | 000,260,277 | ---- | C] () -- C:\Users\admin\Documents\ts3_clientui-win64-10723-2010-05-25 21_42_45.223000.dmp [2010-05-25 19:58:32 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempyo2084.html [2010-05-25 19:55:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzU6072.html [2010-05-25 19:55:40 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempTi6072.html [2010-05-25 19:29:57 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempEJ4716.html [2010-05-25 19:29:57 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGK4716.html [2010-05-24 19:15:22 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempvq2884.html [2010-05-24 15:44:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Temphw3404.html [2010-05-24 15:14:36 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempcU6844.html [2010-05-24 15:14:36 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempkH6844.html [2010-05-24 14:49:20 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempYo1548.html [2010-05-23 21:28:24 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempXA3132.html [2010-05-22 21:55:16 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempRz3740.html [2010-05-22 18:43:31 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempyo5432.html [2010-05-22 18:12:42 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempQN1732.html [2010-05-22 12:25:31 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempnK5940.html [2010-05-22 12:25:31 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempuh5940.html [2010-05-21 16:51:28 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempqN4544.html [2010-05-20 21:19:16 | 000,000,802 | ---- | C] () -- C:\Users\admin\Desktop\Xfire.lnk [2010-05-20 20:06:29 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempFL7208.html [2010-05-20 17:51:55 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempOt6572.html [2010-05-19 21:43:24 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCR2056.html [2010-05-19 18:06:43 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzT7980.html [2010-05-19 15:57:26 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempui5780.html [2010-05-18 21:03:04 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemprT4608.html [2010-05-17 17:15:20 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempEr5540.html [2010-05-17 17:15:20 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Temptf5540.html [2010-05-16 18:51:51 | 000,421,148 | ---- | C] () -- C:\Users\admin\AppData\Local\dd_vcredistMSI4D7F.txt [2010-05-16 18:51:51 | 000,011,478 | ---- | C] () -- C:\Users\admin\AppData\Local\dd_vcredistUI4D7F.txt [2010-05-16 18:22:08 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGQ2652.html [2010-05-16 18:06:53 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempVO2316.html [2010-05-16 18:06:53 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempyN2316.html [2010-05-16 14:05:51 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempLV2388.html [2010-05-16 14:05:51 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempNK2388.html [2010-05-15 20:57:56 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempLl3328.html [2010-05-15 15:53:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempkz5900.html [2010-05-15 11:58:06 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempRr5288.html [2010-05-14 21:04:08 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempux5592.html [2010-05-14 18:25:58 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempWN2508.html [2010-05-13 20:11:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempjs2984.html [2010-05-13 20:11:40 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempQw2984.html [2010-05-12 22:54:14 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempWx4776.html [2010-05-12 15:53:29 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempKO4100.html [2010-05-12 15:53:29 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempiQ4100.html [2010-05-12 15:15:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll [2010-05-11 17:52:36 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempSZr232.html [2010-05-10 22:21:44 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempVy2772.html [2010-05-10 15:28:27 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempYo4040.html [2010-05-10 15:28:27 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempjx4040.html [2010-05-09 20:50:10 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempxW4324.html [2010-05-08 23:00:34 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempyq8116.html [2010-05-07 20:43:55 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempoy7536.html [2010-05-07 20:09:30 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempOl3756.html [2010-05-07 20:08:41 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemppW2004.html [2010-05-07 20:08:41 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempfK2004.html [2010-05-07 15:02:44 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempfR6668.html [2010-05-06 21:24:07 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempsI3204.html [2010-05-06 20:24:50 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempXl5168.html [2010-05-06 20:00:51 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempDR2056.html [2010-05-06 16:45:56 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempae4352.html [2010-05-06 15:13:46 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempMq5576.html [2010-05-05 21:37:37 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempvU5476.html [2010-05-05 17:08:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempWl1028.html [2010-05-04 15:11:19 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempVM4760.html [2010-05-03 18:59:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempZJ3160.html [2010-05-03 18:59:24 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempmz3948.html [2010-05-03 15:41:56 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempim6020.html [2010-05-02 20:21:08 | 000,001,786 | ---- | C] () -- C:\Users\admin\Desktop\CoD RconTool.lnk [2010-05-02 17:00:01 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempIU5580.html [2010-05-02 15:26:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempds1772.html [2010-05-01 19:58:32 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempvb4816.html [2010-05-01 15:35:38 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempPT5684.html [2010-05-01 14:19:21 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCs5272.html [2010-04-30 21:26:26 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempNS1168.html [2010-04-30 19:23:51 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempPL6660.html [2010-04-29 14:20:13 | 000,001,305 | ---- | C] () -- C:\Users\admin\Desktop\MuZaA.lnk [2010-04-28 20:46:20 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzR3084.html [2010-04-28 14:50:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempaH4652.html [2010-04-27 20:52:03 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempbj6628.html [2010-04-27 20:52:03 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempFn6628.html [2010-04-27 18:11:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempBt6000.html [2010-04-27 13:31:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemphY4916.html [2010-04-26 21:09:45 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempjt6428.html [2010-04-26 21:09:45 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempmf6428.html [2010-04-26 19:40:44 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempMz4368.html [2010-04-25 21:42:35 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCz5336.html [2010-04-25 15:05:05 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempcU5540.html [2010-04-25 09:35:06 | 000,035,381 | ---- | C] () -- C:\Users\admin\AppData\Roaming\SQLite3.dll [2010-04-24 14:31:55 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempzq1048.html [2010-04-24 09:17:26 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempDx5504.html [2010-04-23 16:48:17 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempsc6116.html [2010-04-22 21:41:36 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempTq6088.html [2010-04-22 18:42:46 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Temphz1688.html [2010-04-22 15:45:07 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempDu4240.html [2010-04-21 22:22:38 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGT5472.html [2010-04-21 21:20:50 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempOQ4128.html [2010-04-21 17:19:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempIt4664.html [2010-04-21 15:33:06 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempmE5484.html [2010-04-21 15:14:28 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempgT3928.html [2010-04-21 15:14:28 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGp3928.html [2010-04-19 21:03:35 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempAe2636.html [2010-04-19 17:22:02 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempao3828.html [2010-04-18 22:41:18 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempPC2008.html [2010-04-18 21:49:49 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempQr4828.html [2010-04-18 21:13:57 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemphHv916.html [2010-04-18 14:57:25 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempdx3908.html [2010-04-17 21:35:51 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemplH4364.html [2010-04-17 17:32:51 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempJJ4940.html [2010-04-17 09:14:56 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemppH4172.html [2010-04-16 14:22:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempTfb800.html [2010-04-16 14:22:40 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempHvc800.html [2010-04-15 20:18:16 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempwk2440.html [2010-04-15 15:25:35 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzK6164.html [2010-04-15 15:25:35 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempTp6164.html [2010-04-14 20:38:35 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemprI4716.html [2010-04-14 20:16:24 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempnb4220.html [2010-04-14 15:05:48 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm [2010-04-14 15:05:46 | 001,420,688 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys [2010-04-14 15:05:45 | 000,224,256 | ---- | C] () -- C:\Windows\SysNative\iphlpsvc.dll [2010-04-14 15:05:45 | 000,029,696 | ---- | C] () -- C:\Windows\SysNative\drivers\tunnel.sys [2010-04-14 15:05:42 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys [2010-04-14 15:05:42 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys [2010-04-14 15:05:42 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys [2010-04-14 15:05:40 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe [2010-04-14 15:05:38 | 000,612,864 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll [2010-04-14 15:05:37 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll [2010-04-14 15:04:27 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll [2010-04-14 14:59:23 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempMN4268.html [2010-04-13 22:27:17 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempUc4368.html [2010-04-13 21:11:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempiP4936.html [2010-04-10 23:00:38 | 000,294,912 | ---- | C] () -- C:\Windows\SysNative\browserchoice.exe [2010-04-10 11:57:03 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempeJ5008.html [2010-04-09 23:41:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempJO3716.html [2010-03-29 13:55:06 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempHp4288.html [2010-03-29 13:55:06 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempVH4288.html [2010-03-28 15:29:17 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemprH4660.html [2010-03-25 22:39:20 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempbs2948.html [2010-03-25 18:56:42 | 000,000,627 | ---- | C] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk [2010-03-14 13:42:10 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll [2010-03-14 13:42:06 | 000,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys [2010-03-14 13:42:05 | 000,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll [2010-02-24 13:09:45 | 000,817,664 | ---- | C] () -- C:\Windows\SysNative\jscript.dll [2010-02-20 18:49:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-02-10 19:37:05 | 000,417,984 | ---- | C] () -- C:\Users\admin\AppData\Local\dd_vcredistMSI7178.txt [2010-02-10 19:37:04 | 000,011,478 | ---- | C] () -- C:\Users\admin\AppData\Local\dd_vcredistUI7178.txt [2010-02-10 19:37:02 | 000,001,052 | ---- | C] () -- C:\Users\admin\Desktop\TeamSpeak 3 Client.lnk [2010-02-09 22:09:19 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\iyuv_32.dll [2010-02-09 22:09:19 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\msvidc32.dll [2010-02-09 22:09:19 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\msyuv.dll [2010-02-09 22:09:19 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\msrle32.dll [2010-02-09 22:09:19 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\tsbyuv.dll [2010-02-09 22:09:18 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\msvfw32.dll [2010-02-09 22:09:18 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll [2010-02-09 22:09:18 | 000,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll [2010-02-09 22:09:18 | 000,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll [2010-02-09 22:09:14 | 000,464,384 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys [2010-02-09 22:09:14 | 000,141,824 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys [2010-01-13 16:16:12 | 000,189,440 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll [2010-01-13 16:16:12 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll [2010-01-05 18:50:19 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-01-05 18:50:19 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-01-05 18:36:48 | 000,002,009 | ---- | C] () -- C:\Users\admin\Desktop\Google Chrome.lnk [2010-01-04 21:44:09 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI [2009-12-16 21:37:29 | 000,003,350 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys [2009-12-16 21:37:29 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\88B5D96988.sys [2009-12-16 19:10:01 | 000,028,672 | ---- | C] () -- C:\Windows\eJreadme.exe [2009-12-12 19:22:53 | 000,442,368 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll [2009-12-12 19:22:16 | 000,295,936 | ---- | C] () -- C:\Windows\SysNative\raschap.dll [2009-12-12 19:22:16 | 000,280,576 | ---- | C] () -- C:\Windows\SysNative\rastls.dll [2009-12-12 17:30:11 | 000,517,960 | ---- | C] () -- C:\Windows\SysNative\XAudio2_5.dll [2009-12-12 17:30:10 | 002,582,888 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_42.dll [2009-12-12 17:30:10 | 000,176,968 | ---- | C] () -- C:\Windows\SysNative\xactengine3_5.dll [2009-12-12 17:30:08 | 005,554,512 | ---- | C] () -- C:\Windows\SysNative\d3dcsx_42.dll [2009-12-12 17:30:07 | 000,523,088 | ---- | C] () -- C:\Windows\SysNative\d3dx10_42.dll [2009-12-12 17:30:07 | 000,285,024 | ---- | C] () -- C:\Windows\SysNative\d3dx11_42.dll [2009-12-12 17:30:06 | 002,475,352 | ---- | C] () -- C:\Windows\SysNative\D3DX9_42.dll [2009-12-12 17:30:05 | 002,430,312 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_41.dll [2009-12-12 17:30:05 | 000,520,544 | ---- | C] () -- C:\Windows\SysNative\d3dx10_41.dll [2009-12-12 17:30:04 | 005,425,496 | ---- | C] () -- C:\Windows\SysNative\D3DX9_41.dll [2009-12-12 17:30:03 | 000,521,560 | ---- | C] () -- C:\Windows\SysNative\XAudio2_4.dll [2009-12-12 17:30:03 | 000,174,936 | ---- | C] () -- C:\Windows\SysNative\xactengine3_4.dll [2009-12-12 17:30:03 | 000,073,544 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_3.dll [2009-12-12 17:30:02 | 000,024,920 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_6.dll [2009-12-12 17:30:00 | 002,605,920 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_40.dll [2009-12-12 17:30:00 | 000,519,000 | ---- | C] () -- C:\Windows\SysNative\d3dx10_40.dll [2009-12-12 17:29:58 | 005,631,312 | ---- | C] () -- C:\Windows\SysNative\D3DX9_40.dll [2009-12-12 17:29:57 | 000,518,480 | ---- | C] () -- C:\Windows\SysNative\XAudio2_3.dll [2009-12-12 17:29:57 | 000,175,440 | ---- | C] () -- C:\Windows\SysNative\xactengine3_3.dll [2009-12-12 17:29:57 | 000,074,576 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_2.dll [2009-12-12 17:29:56 | 000,025,936 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_5.dll [2009-11-25 13:12:56 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll [2009-11-25 13:12:56 | 001,794,560 | ---- | C] () -- C:\Windows\SysNative\msxml6.dll [2009-11-18 17:54:48 | 000,002,493 | ---- | C] () -- C:\Users\Public\Documents\Global.sw2 [2009-11-18 17:54:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SwSys2.bmp [2009-11-18 17:54:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SwSys1.bmp [2009-11-11 13:48:08 | 000,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll [2009-10-16 18:12:03 | 000,818,688 | ---- | C] () -- C:\Windows\SysNative\WMSPDMOD.DLL [2009-10-16 18:11:48 | 000,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll [2009-10-16 18:11:43 | 000,174,592 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys [2009-10-16 18:11:41 | 000,082,944 | ---- | C] () -- C:\Windows\SysNative\msasn1.dll [2009-10-07 15:08:52 | 002,621,440 | ---- | C] () -- C:\Windows\SysNative\wucltux.dll [2009-10-07 15:08:52 | 002,424,024 | ---- | C] () -- C:\Windows\SysNative\wuaueng.dll [2009-10-07 15:08:52 | 000,057,560 | ---- | C] () -- C:\Windows\SysNative\wuauclt.exe [2009-10-07 15:08:52 | 000,043,744 | ---- | C] () -- C:\Windows\SysNative\wups2.dll [2009-10-07 15:08:12 | 000,700,640 | ---- | C] () -- C:\Windows\SysNative\wuapi.dll [2009-10-07 15:08:12 | 000,098,816 | ---- | C] () -- C:\Windows\SysNative\wudriver.dll [2009-10-07 15:08:12 | 000,038,112 | ---- | C] () -- C:\Windows\SysNative\wups.dll [2009-10-07 15:07:56 | 000,185,416 | ---- | C] () -- C:\Windows\SysNative\wuwebv.dll [2009-10-07 15:07:56 | 000,036,864 | ---- | C] () -- C:\Windows\SysNative\wuapp.exe [2009-10-03 09:05:33 | 000,270,208 | ---- | C] () -- C:\Windows\SysNative\MpSigStub.exe [2009-09-28 17:42:47 | 000,000,027 | ---- | C] () -- C:\Users\admin\Desktop\skamandryta.css [2009-09-26 08:43:42 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2009-09-26 08:40:25 | 000,002,415 | ---- | C] () -- C:\Users\admin\Desktop\Skype.lnk [2009-09-11 21:43:50 | 001,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll [2009-09-11 21:43:50 | 000,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll [2009-09-11 21:43:49 | 000,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys [2009-09-11 21:43:49 | 000,338,944 | ---- | C] () -- C:\Windows\SysNative\schannel.dll [2009-09-11 21:43:49 | 000,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll [2009-09-11 21:43:49 | 000,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll [2009-09-11 21:43:49 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe [2009-09-10 15:59:56 | 002,423,296 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll [2009-09-10 15:59:49 | 000,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2009-09-10 15:59:49 | 000,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2009-09-10 15:59:07 | 002,900,480 | ---- | C] () -- C:\Windows\SysNative\WMVCORE.DLL [2009-09-10 15:59:06 | 003,547,136 | ---- | C] () -- C:\Windows\SysNative\mf.dll [2009-09-10 15:59:04 | 000,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll [2009-09-10 15:58:56 | 000,141,312 | ---- | C] () -- C:\Windows\SysNative\netiohlp.dll [2009-09-10 15:58:56 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\NETSTAT.EXE [2009-09-10 15:58:56 | 000,023,040 | ---- | C] () -- C:\Windows\SysNative\ARP.EXE [2009-09-10 15:58:55 | 000,021,504 | ---- | C] () -- C:\Windows\SysNative\ROUTE.EXE [2009-09-10 15:58:55 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll [2009-09-10 15:58:55 | 000,012,800 | ---- | C] () -- C:\Windows\SysNative\MRINFO.EXE [2009-09-10 15:58:55 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\finger.exe [2009-09-10 15:58:55 | 000,010,752 | ---- | C] () -- C:\Windows\SysNative\TCPSVCS.EXE [2009-09-10 15:58:55 | 000,010,240 | ---- | C] () -- C:\Windows\SysNative\HOSTNAME.EXE [2009-09-10 15:58:24 | 000,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll [2009-09-10 15:58:18 | 013,426,176 | ---- | C] () -- C:\Windows\SysNative\wmp.dll [2009-09-10 15:58:15 | 000,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll [2009-09-10 15:58:14 | 000,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll [2009-09-10 15:58:14 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx [2009-09-10 15:58:14 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll [2009-09-10 15:58:13 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL [2009-09-10 15:58:13 | 000,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb [2009-09-10 15:58:12 | 000,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb [2009-09-10 15:58:10 | 002,608,803 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf [2009-09-10 15:58:10 | 000,353,280 | ---- | C] () -- C:\Windows\SysNative\wlanmsm.dll [2009-09-10 15:58:09 | 000,615,936 | ---- | C] () -- C:\Windows\SysNative\wlansvc.dll [2009-09-10 15:58:09 | 000,376,832 | ---- | C] () -- C:\Windows\SysNative\wlansec.dll [2009-09-10 15:58:09 | 000,157,184 | ---- | C] () -- C:\Windows\SysNative\L2SecHC.dll [2009-09-10 15:58:09 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\wlanhlp.dll [2009-09-10 15:58:09 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\wlanapi.dll [2009-09-09 18:34:06 | 000,000,552 | ---- | C] () -- C:\Users\admin\AppData\Local\d3d8caps.dat [2009-08-07 19:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009-07-08 13:14:10 | 000,000,782 | ---- | C] () -- C:\Users\admin\Desktop\µTorrent.lnk [2009-07-05 09:06:22 | 000,161,792 | ---- | C] () -- C:\Windows\SysNative\advpack.dll [2009-07-05 09:06:22 | 000,088,064 | ---- | C] () -- C:\Windows\SysNative\admparse.dll [2009-07-05 09:06:22 | 000,085,504 | ---- | C] () -- C:\Windows\SysNative\icardie.dll [2009-07-05 09:06:22 | 000,022,528 | ---- | C] () -- C:\Windows\SysNative\corpol.dll [2009-07-05 09:06:21 | 000,223,232 | ---- | C] () -- C:\Windows\SysNative\msls31.dll [2009-07-05 09:06:21 | 000,157,696 | ---- | C] () -- C:\Windows\SysNative\ieakeng.dll [2009-07-05 09:06:21 | 000,077,824 | ---- | C] () -- C:\Windows\SysNative\tdc.ocx [2009-07-05 09:06:20 | 000,125,952 | ---- | C] () -- C:\Windows\SysNative\inseng.dll [2009-07-05 09:06:20 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\wextract.exe [2009-07-05 09:06:20 | 000,063,488 | ---- | C] () -- C:\Windows\SysNative\pngfilt.dll [2009-07-05 09:06:20 | 000,055,808 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll [2009-07-05 09:06:20 | 000,052,736 | ---- | C] () -- C:\Windows\SysNative\imgutil.dll [2009-07-05 09:06:19 | 000,508,416 | ---- | C] () -- C:\Windows\SysNative\dxtmsft.dll [2009-07-05 09:06:19 | 000,481,280 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll [2009-07-05 09:06:19 | 000,318,464 | ---- | C] () -- C:\Windows\SysNative\dxtrans.dll [2009-07-05 09:06:18 | 000,304,640 | ---- | C] () -- C:\Windows\SysNative\webcheck.dll [2009-07-05 09:06:18 | 000,271,872 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll [2009-07-05 09:06:18 | 000,241,664 | ---- | C] () -- C:\Windows\SysNative\msrating.dll [2009-07-05 09:06:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\ieakui.dll [2009-07-05 09:06:18 | 000,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll [2009-07-05 09:06:17 | 000,278,528 | ---- | C] () -- C:\Windows\SysNative\WinFXDocObj.exe [2009-07-05 09:06:17 | 000,131,584 | ---- | C] () -- C:\Windows\SysNative\PDMSetup.exe [2009-07-05 09:06:17 | 000,129,024 | ---- | C] () -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2009-07-05 09:06:17 | 000,128,512 | ---- | C] () -- C:\Windows\SysNative\SetIEInstalledDate.exe [2009-07-05 09:06:17 | 000,125,440 | ---- | C] () -- C:\Windows\SysNative\SetDepNx.exe [2009-07-05 09:06:17 | 000,108,032 | ---- | C] () -- C:\Windows\SysNative\url.dll [2009-07-05 09:06:17 | 000,041,984 | ---- | C] () -- C:\Windows\SysNative\mshta.exe [2009-07-05 09:06:16 | 000,479,744 | ---- | C] () -- C:\Windows\SysNative\html.iec [2009-07-05 09:06:16 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\mshtmler.dll [2009-07-05 09:06:15 | 003,698,584 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dat [2009-07-05 09:06:15 | 000,193,536 | ---- | C] () -- C:\Windows\SysNative\iexpress.exe [2009-07-03 20:30:56 | 000,219,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2009-07-03 10:10:14 | 000,049,160 | ---- | C] () -- C:\Windows\SysNative\infocardcpl.cpl [2009-07-03 10:10:09 | 000,052,760 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll [2009-07-03 10:10:09 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\icardres.dll [2009-07-03 10:10:08 | 001,383,936 | ---- | C] () -- C:\Windows\SysNative\icardagt.exe [2009-07-03 10:10:08 | 001,168,928 | ---- | C] () -- C:\Windows\SysNative\PresentationNative_v0300.dll [2009-07-03 10:10:08 | 000,167,432 | ---- | C] () -- C:\Windows\SysNative\infocardapi.dll [2009-07-03 10:10:04 | 000,126,520 | ---- | C] () -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll [2009-07-03 10:10:02 | 000,357,904 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe [2009-07-03 10:04:29 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll [2009-07-03 10:04:22 | 000,112,120 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll [2009-07-03 10:04:16 | 000,406,528 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll [2009-07-03 10:04:12 | 000,158,208 | ---- | C] () -- C:\Windows\SysNative\mscorier.dll [2009-07-03 10:04:10 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\mscories.dll [2009-06-30 22:27:57 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat [2009-06-30 22:27:57 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat [2009-06-30 22:24:28 | 007,422,524 | -HS- | C] () -- C:\Windows\SysNative\drivers\fidbox.dat [2009-06-30 22:24:28 | 001,105,980 | -HS- | C] () -- C:\Windows\SysNative\drivers\fidbox2.dat [2009-06-30 22:24:28 | 000,072,548 | -HS- | C] () -- C:\Windows\SysNative\drivers\fidbox.idx [2009-06-30 22:24:28 | 000,010,596 | -HS- | C] () -- C:\Windows\SysNative\drivers\fidbox2.idx [2009-06-30 22:24:16 | 000,227,856 | ---- | C] () -- C:\Windows\SysNative\drivers\klif.sys [2009-06-30 21:49:58 | 012,240,896 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0007.dll [2009-06-30 21:49:57 | 002,644,480 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0009.dll [2009-06-30 21:49:45 | 001,361,920 | ---- | C] () -- C:\Windows\SysNative\NaturalLanguage6.dll [2009-06-30 21:44:56 | 000,791,552 | ---- | C] () -- C:\Windows\SysNative\localspl.dll [2009-06-30 21:44:53 | 001,280,512 | ---- | C] () -- C:\Windows\SysNative\rpcrt4.dll [2009-06-30 21:44:49 | 000,660,480 | ---- | C] () -- C:\Windows\SysNative\win32spl.dll [2009-06-30 21:44:47 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll [2009-06-30 21:44:47 | 001,926,656 | ---- | C] () -- C:\Windows\SysNative\gameux.dll [2009-06-30 21:44:47 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll [2009-06-30 21:44:24 | 001,208,832 | ---- | C] () -- C:\Windows\SysNative\kernel32.dll [2009-06-30 21:44:23 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\amxread.dll [2009-06-30 21:44:23 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\apilogen.dll [2009-06-30 21:44:17 | 000,388,608 | ---- | C] () -- C:\Windows\SysNative\gdi32.dll [2009-06-30 21:44:08 | 001,030,656 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelinesvc.exe [2009-06-30 21:44:06 | 000,718,336 | ---- | C] () -- C:\Windows\SysNative\rpcss.dll [2009-06-30 21:44:05 | 000,231,424 | ---- | C] () -- C:\Windows\SysNative\sdohlp.dll [2009-06-30 21:44:05 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\iasrecst.dll [2009-06-30 21:44:05 | 000,075,776 | ---- | C] () -- C:\Windows\SysNative\iasads.dll [2009-06-30 21:44:05 | 000,061,440 | ---- | C] () -- C:\Windows\SysNative\iasdatastore.dll [2009-06-30 21:44:05 | 000,036,352 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelineprxy.dll [2009-06-30 21:44:05 | 000,024,576 | ---- | C] () -- C:\Windows\SysNative\iashost.exe [2009-06-30 21:43:50 | 001,245,184 | ---- | C] () -- C:\Windows\SysNative\WMNetMgr.dll [2009-06-30 21:43:50 | 000,112,640 | ---- | C] () -- C:\Windows\SysNative\logagent.exe [2009-06-30 21:43:21 | 000,730,112 | ---- | C] () -- C:\Windows\SysNative\msdtcprx.dll [2009-06-30 21:43:21 | 000,048,640 | ---- | C] () -- C:\Windows\SysNative\xolehlp.dll [2009-06-30 21:43:19 | 012,897,792 | ---- | C] () -- C:\Windows\SysNative\shell32.dll [2009-01-31 21:58:16 | 000,235,532 | ---- | C] () -- C:\Windows\SysWow64\loadimage.dll [2009-01-31 21:58:16 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\NewWaveAnzeige.dll [2009-01-31 21:58:16 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\fader.dll [2009-01-31 21:58:16 | 000,029,696 | ---- | C] () -- C:\Windows\SysWow64\pthread.dll [2009-01-31 21:56:06 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2009-01-31 21:52:16 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\eJ_Tool.dll [2008-11-05 21:42:59 | 000,000,279 | ---- | C] () -- C:\Windows\game.ini [2008-10-25 14:27:02 | 001,580,100 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2008-10-24 18:08:36 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2008-10-24 18:08:35 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2008-10-24 18:08:35 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2008-10-24 18:08:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2008-10-24 18:08:34 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2008-10-24 18:08:34 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2008-10-24 16:58:54 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2008-10-07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008-01-21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008-01-21 04:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [color=#E56717]========== LOP Check ==========[/color] [2010-01-08 18:41:16 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Atari [2008-10-24 18:16:19 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DAEMON Tools [2009-10-30 16:45:22 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Dark Sector [2008-10-24 18:06:55 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Gadu-Gadu [2010-03-25 18:56:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Gadu-Gadu 10 [2010-05-18 22:47:43 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\HLSW [2009-03-19 20:15:03 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Leadertech [2010-01-14 00:16:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\LG Electronics [2009-05-13 16:06:38 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\My Games [2009-07-03 21:35:55 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Nowe Gadu-Gadu [2010-05-04 19:52:53 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\OpenFM [2009-05-13 15:52:09 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Opera [2009-01-24 16:59:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Sierra [2010-06-21 20:32:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TS3Client [2010-06-13 20:29:26 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent [2010-06-23 21:17:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Vista Start Menu [2010-06-25 14:27:55 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2008-01-21 04:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr [2008-10-24 23:38:53 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2008-11-08 00:00:58 | 000,000,141 | ---- | M] () -- C:\DevList.txt [2010-06-25 14:28:49 | 312,033,279 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys [2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-01-21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys [2009-04-11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SoftwareDistribution\Download\b7a36a24530dbf6d856c57e20cf520d9\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 04:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys [2009-04-11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SoftwareDistribution\Download\b7a36a24530dbf6d856c57e20cf520d9\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-01-21 04:50:38 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys [2009-04-11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\SoftwareDistribution\Download\b7a36a24530dbf6d856c57e20cf520d9\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SoftwareDistribution\Download\b7a36a24530dbf6d856c57e20cf520d9\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe [2008-01-21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\b7a36a24530dbf6d856c57e20cf520d9\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe [2008-01-21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe [2008-01-21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < End of report > [/log]Wydaje mi się jednak, że wszystko powoli wraca do normy. Dzięki za udzieloną pomoc.
Mateusz J. komentarz 26 czerwca 2010 komentarz 26 czerwca 2010 Uruchom OTL i w oknie Custom Scans/Fixes wklej[code] :Processes explorer.exe :OTL O4 - HKLM..\Run: [HKLM] C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found O4 - HKLM..\Run: [QuickTime Task] d:\Trzecia fala\qttask.exe File not found O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe File not found O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [Advanced Uninstaller PRO Installation Monitor] C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO - Version 9\Monitor.exe File not found O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [duedue] C:\Users\admin\duedue.exe File not found O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [HKCU] C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [Task Bar] C:\Documents and Settings\All Users\Documents\svchast.exe File not found O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found :Files C:\Users\Public\Documents\svchast.exe :Commands [emptytemp] [Reboot][/code]Kliknij Run Fix. Zatwierdź restart komputera. Po ponownym uruchomieniu komputera tworzysz nowy log i pokazujesz do kontroli wraz z raportem usuwania. Przeczyść komputer program ATF Cleaner.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.