x-kom hosting

Worm.Win32.VBNA.a

eey
utworzono
utworzono

Sam wirus został zneutralizowany. Jak na stałe usunąć jego skutek - ogólne spowolnienie pracy komputera? Czy konieczna jest reinstallka systemu?
[color="#ff0000"]
//przenoszę do subforum Logi do sprawdzenia
//raaz[/color]

Gość
komentarz
komentarz

full scan mbamem -> http://www.malwarebytes.org/
usun to co znajdzie + pokaz raport.

eey
komentarz
komentarz

[url="http://img682.imageshack.us/i/hihip.jpg/"][IMG]http://img682.imageshack.us/img682/7200/hihip.th.jpg[/IMG][/url]

Plus

[b][log]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Wersja bazy: 4237

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18928

2010-06-25 14:20:54
mbam-log-2010-06-25 (14-20-54).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|)
Przeskanowano obiektów: 324197
Upłynęło: 52 minut(y), 24 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 1
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 1
Zainfekowanych plików: 5

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{ln45m2g7-wfvq-i566-nc7l-7j4s41wa57v2} (Generic.Bot.H) -> Quarantined and deleted successfully.

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
C:\Windows\System32\Microsoft_KB57H43 (Trojan.Backdoor) -> Quarantined and deleted successfully.

Zainfekowanych plików:
C:\Users\admin\AppData\Local\Temp\441377778_server.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\server.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\admin\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.[/b][/log]

Troche wiecej sie znalazło niż Kasperskym ^^

Mateusz J.
komentarz
komentarz

Pokaż log z OTL: http://www.forumpc.pl/index.php?showtopic=104338

eey
komentarz
komentarz

Proszę bardzo:

[log]OTL logfile created on: 2010-06-25 20:45:21 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\admin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 6,94 Gb Free Space | 14,22% Space Free | Partition Type: NTFS
Drive D: | 203,12 Gb Total Space | 142,48 Gb Free Space | 70,14% Space Free | Partition Type: NTFS
Drive E: | 213,80 Gb Total Space | 203,65 Gb Free Space | 95,25% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADMIN-PC
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 360 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-06-25 20:42:33 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
PRC - [2010-06-25 19:55:58 | 000,219,128 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010-06-03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010-05-28 02:08:46 | 003,493,264 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\Xfire.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2009-07-21 22:46:28 | 000,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
PRC - [2009-07-03 19:03:20 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009-03-12 12:18:02 | 002,224,640 | ---- | M] (OrdinarySoft) -- C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe
PRC - [2009-02-26 10:49:18 | 000,099,328 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-06-25 20:42:33 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
MOD - [2010-05-28 02:09:04 | 000,970,640 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\xfire_toucan_42784.dll
MOD - [2009-07-17 16:35:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-06-15 17:25:02 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-04-23 14:44:38 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-02-13 10:47:47 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2008-11-06 15:14:25 | 011,580,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2008-10-21 07:23:58 | 000,303,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2008-10-16 06:47:33 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2008-07-29 20:22:12 | 000,079,112 | ---- | M] (Kaspersky Lab) -- C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
MOD - [2008-07-29 20:22:08 | 000,079,112 | ---- | M] (Kaspersky Lab) -- C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll
MOD - [2008-02-29 08:53:38 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2008-01-21 04:52:09 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2008-01-21 04:51:05 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2008-01-21 04:51:04 | 001,315,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2008-01-21 04:51:02 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2008-01-21 04:50:59 | 001,165,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2008-01-21 04:50:58 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2008-01-21 04:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2008-01-21 04:50:28 | 001,590,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2008-01-21 04:50:15 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2008-01-21 04:50:03 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2008-01-21 04:50:03 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2008-01-21 04:50:01 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2008-01-21 04:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008-01-21 04:49:58 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2008-01-21 04:49:48 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2008-01-21 04:49:45 | 000,798,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2008-01-21 04:49:43 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2008-01-21 04:49:43 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2008-01-21 04:49:34 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2008-01-21 04:49:32 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2008-01-21 04:49:32 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2008-01-21 04:49:24 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2008-01-21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2008-01-21 04:49:13 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2008-01-21 04:49:12 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2008-01-21 04:49:11 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2008-01-21 04:49:07 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2008-01-21 04:49:07 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2008-01-21 04:49:02 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2008-01-21 04:49:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2008-01-21 04:48:48 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2008-01-21 04:48:40 | 000,750,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2008-01-21 04:48:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2008-01-21 04:48:19 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2008-01-21 04:48:15 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2008-01-21 04:48:11 | 001,067,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2008-01-21 04:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
MOD - [2008-01-21 04:48:03 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2007-11-01 17:23:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2006-11-02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2008-01-21 04:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010-06-25 19:55:58 | 000,219,128 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2009-07-21 22:46:28 | 000,208,616 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP)
SRV - [2009-07-16 18:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009-07-03 19:03:20 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2006-11-02 15:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006-11-02 08:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006-11-02 08:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2006-10-27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2009-06-30 22:56:11 | 000,227,856 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2009-06-30 22:56:11 | 000,038,416 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\klbg.sys -- (KLBG)
DRV:[b]64bit:[/b] - [2009-06-09 15:12:42 | 000,310,984 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2009-06-09 15:12:41 | 000,042,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2008-10-24 18:16:26 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2008-07-21 18:34:42 | 000,147,984 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2008-07-09 18:28:32 | 000,026,128 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2008-06-27 08:51:10 | 000,088,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2007-01-18 09:23:10 | 000,045,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RecFltr.sys -- (RecFltr)
DRV:[b]64bit:[/b] - [2006-10-03 04:13:44 | 000,051,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV - [2008-10-24 16:58:57 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2006-09-18 23:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006-09-18 23:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTogg.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2077543
IE - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2010-06-24 22:23:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions

O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\x64\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTogg.dll (Conduit Ltd.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL (Microsoft Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Program Files (x86)\ToggleEN\tbTogg.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:[b]64bit:[/b] - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HKLM] C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found
O4 - HKLM..\Run: [QuickTime Task] d:\Trzecia fala\qttask.exe File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [Advanced Uninstaller PRO Installation Monitor] C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO - Version 9\Monitor.exe File not found
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [duedue] C:\Users\admin\duedue.exe File not found
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [HKCU] C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [Task Bar] C:\Documents and Settings\All Users\Documents\svchast.exe File not found
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [VistaStartMenu] C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe (OrdinarySoft)
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found
O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:[b]64bit:[/b] - Extra Button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\x64\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll ()
O24 - Desktop WallPaper: C:\Users\admin\AppData\Roaming\Opera\Opera\profile\skin\46_www_clubkings.bmp
O24 - Desktop BackupWallPaper: C:\Users\admin\AppData\Roaming\Opera\Opera\profile\skin\46_www_clubkings.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008-01-21 05:08:35 | 000,000,000 | ---D | M]

MsConfig:64bit - StartUpFolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - C:\Pliki programów (x86)\Microsoft Office\Office12\ONENOTEM.EXE - File not found
MsConfig:64bit - StartUpFolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ubisoft register.lnk - D:\Lock On\Register\schedule.exe - File not found
MsConfig:64bit - StartUpReg: [b]Reclusa[/b] - hkey= - key= - C:\Program Files (x86)\Razer\Reclusa\razerhid.exe (Razer USA Ltd.)
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSDrv - C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: Tcpip - C:\Windows\SysWOW64\wbem\tcpip.mof ()
SafeBootNet: TDI - Driver Group
SafeBootNet: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color]

[2010-06-25 20:42:33 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2010-06-25 13:20:20 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Malwarebytes
[2010-06-25 13:20:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-06-25 13:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-06-20 19:09:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games
[2010-06-20 19:07:11 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\EA Games
[2010-06-17 17:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010-06-17 14:56:18 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\ROBIE MODA!!!
[2010-06-17 14:20:36 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\KigoImageConverter
[2010-06-10 18:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010-06-10 18:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010-05-31 15:32:27 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\BFBC2
[2010-05-25 16:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-05-20 16:21:51 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Ubisoft
[2010-05-20 16:21:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010-05-18 20:24:19 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Xfire
[2010-05-18 20:24:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010-05-18 20:24:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2010-05-16 18:51:43 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\HLSW
[2010-05-04 19:52:53 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\OpenFM
[2010-05-04 19:52:53 | 000,000,000 | ---D | C] -- C:\ProgramData\OpenFM
[2010-05-02 20:21:04 | 002,271,152 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.CommandBars.Unicode.v12.1.1.ocx
[2010-05-02 20:21:02 | 001,779,632 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.Controls.v12.1.1.ocx
[2010-05-02 20:21:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoD RconTool
[2010-04-27 14:17:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2010-04-27 14:17:49 | 000,000,000 | ---D | C] -- C:\Users\admin\SystemRequirementsLab
[2010-04-27 14:17:36 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010-04-27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
[2010-04-26 19:47:51 | 000,811,276 | RH-- | C] (TL3Productions) -- C:\Users\Public\Documents\svchast.exe
[2010-04-25 10:04:41 | 000,000,000 | ---D | C] -- C:\Windows\System\System86
[2010-04-17 09:20:22 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Axialis
[2010-04-11 10:50:33 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Activision
[2010-04-07 17:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010-04-07 17:27:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ToggleEN
[2010-03-29 13:55:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2010-03-25 18:56:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2010-03-25 18:56:29 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Gadu-Gadu 10
[2010-03-10 21:29:32 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
[2010-02-19 21:27:36 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivX.dll
[2010-02-19 21:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx0c.dll
[2010-02-19 21:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx07.dll
[2010-02-19 21:27:16 | 000,847,872 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx0a.dll
[2010-02-19 21:27:16 | 000,843,776 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx16.dll
[2010-02-19 21:27:16 | 000,839,680 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx11.dll
[2010-02-10 19:38:03 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\TS3Client
[2010-02-10 19:37:00 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\TeamSpeak 3 Client
[2010-01-14 00:16:31 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\LG Electronics
[2010-01-09 22:54:03 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\DivX
[2010-01-09 19:19:42 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\GTA San Andreas User Files
[2010-01-08 18:41:16 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Atari
[2010-01-07 18:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010-01-07 18:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2010-01-07 18:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010-01-07 18:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-01-06 23:42:54 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\różne
[2010-01-05 18:37:22 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Downloads
[2010-01-05 18:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010-01-05 18:34:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010-01-05 18:34:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010-01-04 21:28:24 | 000,000,000 | ---D | C] -- C:\flash_video
[2009-12-28 15:26:37 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\teamspeak2
[2009-12-27 00:01:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2009-12-16 21:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2009-12-16 21:36:30 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Corel
[2009-12-16 21:36:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Spool
[2009-12-16 21:36:05 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Moje pliki PSP
[2009-12-12 17:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2009-11-18 19:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe Systems
[2009-11-18 19:48:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2009-11-18 19:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe Systems Shared
[2009-11-18 19:45:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2009-11-18 17:54:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Softwrap
[2009-11-18 17:54:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Fonts
[2009-11-18 17:54:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Config
[2009-11-18 17:54:41 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2009-10-29 21:31:12 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Dark Sector
[2009-10-11 00:03:37 | 002,254,768 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.CommandBars.v12.1.1.ocx
[2009-10-11 00:03:37 | 001,783,728 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.Controls.Unicode.v12.1.1.ocx
[2009-09-26 08:43:41 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\skypePM
[2009-09-26 08:41:24 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Skype
[2009-09-26 08:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2009-09-26 08:40:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2009-09-26 08:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2009-09-12 17:53:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2009-09-12 16:04:19 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\cache
[2009-09-10 15:59:12 | 000,000,000 | R--D | C] -- C:\Users\admin\Desktop\
[2009-07-19 12:57:29 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2009-07-19 12:56:30 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\eMule
[2009-07-08 14:33:34 | 000,000,000 | ---D | C] -- C:\Downloads
[2009-07-08 13:14:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2009-07-08 13:12:37 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\uTorrent
[2009-06-30 22:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2009-06-30 22:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2009-06-30 22:23:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 360 Days ==========[/color]

[2010-06-25 20:45:28 | 005,767,168 | -HS- | M] () -- C:\Users\admin\NTUSER.DAT
[2010-06-25 20:42:33 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2010-06-25 20:34:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-06-25 20:15:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-06-25 20:15:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-06-25 20:13:29 | 000,004,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-06-25 20:13:29 | 000,004,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-06-25 19:55:58 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010-06-25 19:55:58 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-06-25 19:03:15 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempRX3048.html
[2010-06-25 15:58:35 | 003,123,826 | ---- | M] () -- C:\Users\admin\Desktop\DJ-Mangoo-Eurodancer.mp3
[2010-06-25 14:35:21 | 001,691,910 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-06-25 14:35:21 | 000,740,180 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-06-25 14:35:21 | 000,657,924 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-06-25 14:35:21 | 000,166,348 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-06-25 14:35:21 | 000,129,658 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-06-25 14:28:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-06-25 14:28:09 | 007,422,524 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.dat
[2010-06-25 14:28:09 | 001,105,980 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox2.dat
[2010-06-25 14:28:09 | 000,072,548 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.idx
[2010-06-25 14:28:09 | 000,010,596 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox2.idx
[2010-06-25 14:28:08 | 000,524,288 | -HS- | M] () -- C:\Users\admin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010-06-25 14:28:08 | 000,065,536 | -HS- | M] () -- C:\Users\admin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010-06-25 14:27:42 | 006,291,456 | -H-- | M] () -- C:\Users\admin\AppData\Local\IconCache.db
[2010-06-25 14:27:28 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempxF2908.html
[2010-06-25 14:27:28 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempnz2908.html
[2010-06-25 13:20:14 | 000,000,601 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-06-24 22:55:10 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempeg4572.html
[2010-06-24 22:55:10 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempIM4572.html
[2010-06-24 22:14:08 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemphK5044.html
[2010-06-24 22:14:08 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempPs5044.html
[2010-06-24 18:05:46 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemptX6048.html
[2010-06-24 16:48:43 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempIGV824.html
[2010-06-22 22:36:53 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzG1820.html
[2010-06-22 22:36:53 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TemppZ1820.html
[2010-06-22 15:24:08 | 003,007,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-06-22 15:21:24 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempSw1208.html
[2010-06-22 15:21:24 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempdC1208.html
[2010-06-21 20:36:30 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempPT1272.html
[2010-06-21 15:11:07 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempmF4760.html
[2010-06-20 19:07:11 | 000,000,722 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 2.lnk
[2010-06-19 23:31:19 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempIz1912.html
[2010-06-19 23:28:20 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempqp5412.html
[2010-06-18 22:18:43 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempXh4712.html
[2010-06-18 17:52:39 | 000,113,576 | ---- | M] () -- C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-06-18 15:49:48 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempHRo812.html
[2010-06-17 17:46:41 | 000,151,552 | ---- | M] () -- C:\Windows\SysWow64\nvRegDev.dll
[2010-06-17 17:16:15 | 000,001,194 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2010-06-17 15:56:33 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempqU3444.html
[2010-06-17 13:04:13 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempwL5868.html
[2010-06-16 23:34:18 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemprY6376.html
[2010-06-16 21:24:05 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempgL1936.html
[2010-06-16 19:11:29 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempEY5584.html
[2010-06-16 16:22:13 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempZGQ884.html
[2010-06-16 14:07:06 | 000,038,400 | ---- | M] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-16 11:06:26 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempUZ5804.html
[2010-06-15 16:08:59 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCe2896.html
[2010-06-15 15:17:05 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempiq4444.html
[2010-06-14 20:32:31 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempjp5004.html
[2010-06-14 18:20:29 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemphA5316.html
[2010-06-14 14:21:51 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGn5016.html
[2010-06-13 20:32:01 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCF4424.html
[2010-06-13 19:17:26 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempmL4332.html
[2010-06-13 17:57:21 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010-06-13 15:11:23 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempoc4912.html
[2010-06-13 14:50:05 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempAs3800.html
[2010-06-13 14:49:27 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempKt4640.html
[2010-06-13 14:19:53 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCx5448.html
[2010-06-13 14:19:53 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempvx5448.html
[2010-06-12 21:07:12 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempvp1160.html
[2010-06-12 20:35:32 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempXm8160.html
[2010-06-11 23:59:58 | 003,710,693 | ---- | M] () -- C:\Users\admin\Documents\DSC01012.JPG
[2010-06-11 23:59:17 | 003,708,699 | ---- | M] () -- C:\Users\admin\Documents\DSC01011.JPG
[2010-06-11 23:50:46 | 003,678,213 | ---- | M] () -- C:\Users\admin\Documents\DSC01007.JPG
[2010-06-11 23:36:09 | 003,719,146 | ---- | M] () -- C:\Users\admin\Documents\DSC01001.JPG
[2010-06-11 23:32:24 | 003,744,690 | ---- | M] () -- C:\Users\admin\Documents\DSC00980.JPG
[2010-06-11 23:11:22 | 003,808,160 | ---- | M] () -- C:\Users\admin\Documents\DSC00924.JPG
[2010-06-11 14:13:42 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempDt7348.html
[2010-06-10 21:02:01 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempnw5832.html
[2010-06-10 16:41:54 | 001,343,783 | ---- | M] () -- C:\Users\admin\Desktop\Janusz Laskowski - śnił mi się rodzinny dom.mp3
[2010-06-09 19:36:49 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempHW6568.html
[2010-06-09 15:16:57 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempzd5644.html
[2010-06-08 17:53:04 | 000,000,013 | ---- | M] () -- C:\Windows\SysWow64\WinSys16.crc
[2010-06-08 15:43:39 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempKc4296.html
[2010-06-07 15:17:54 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzA3052.html
[2010-06-07 14:59:28 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempDk2188.html
[2010-06-06 22:16:34 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempFT4956.html
[2010-06-05 11:01:52 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempoie492.html
[2010-06-05 09:18:24 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempgV3580.html
[2010-06-04 22:57:46 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempJx4344.html
[2010-06-04 14:22:49 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempih4984.html
[2010-06-03 18:14:04 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempTc5388.html
[2010-06-03 13:07:48 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempjw4236.html
[2010-06-02 16:23:18 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempja2116.html
[2010-05-30 14:01:13 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempvo2884.html
[2010-05-30 10:08:13 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempqN4568.html
[2010-05-29 22:32:45 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGT1772.html
[2010-05-29 17:40:33 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempLZ2324.html
[2010-05-29 16:37:26 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempgH3192.html
[2010-05-28 12:10:07 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempcg6608.html
[2010-05-28 08:12:19 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempUl7064.html
[2010-05-28 02:09:00 | 000,041,872 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2010-05-28 02:09:00 | 000,027,536 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2010-05-26 21:48:18 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempkD5396.html
[2010-05-26 21:29:26 | 000,000,371 | ---- | M] () -- C:\Users\admin\Desktop\Club Music.lnk
[2010-05-26 18:53:52 | 000,048,128 | ---- | M] () -- C:\Windows\SysNative\atmlib.dll
[2010-05-26 17:14:55 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempyo2084.html
[2010-05-26 16:56:53 | 000,366,080 | ---- | M] () -- C:\Windows\SysNative\atmfd.dll
[2010-05-25 21:42:45 | 000,260,277 | ---- | M] () -- C:\Users\admin\Documents\ts3_clientui-win64-10723-2010-05-25 21_42_45.223000.dmp
[2010-05-25 19:55:54 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzU6072.html
[2010-05-25 19:55:54 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempTi6072.html
[2010-05-25 19:55:21 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempEJ4716.html
[2010-05-25 19:55:21 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGK4716.html
[2010-05-25 15:08:52 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempvq2884.html
[2010-05-24 19:15:16 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Temphw3404.html
[2010-05-24 15:41:38 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempcU6844.html
[2010-05-24 15:41:38 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempkH6844.html
[2010-05-24 15:14:30 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempYo1548.html
[2010-05-23 22:14:32 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempXA3132.html
[2010-05-23 21:28:16 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempRz3740.html
[2010-05-22 20:06:40 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempyo5432.html
[2010-05-22 18:21:17 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempQN1732.html
[2010-05-22 18:12:34 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempnK5940.html
[2010-05-22 18:12:34 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempuh5940.html
[2010-05-22 10:32:54 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempqN4544.html
[2010-05-21 16:15:30 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempFL7208.html
[2010-05-20 21:19:47 | 000,000,802 | ---- | M] () -- C:\Users\admin\Desktop\Xfire.lnk
[2010-05-20 18:07:24 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempOt6572.html
[2010-05-20 16:13:21 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCR2056.html
[2010-05-19 21:10:59 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzT7980.html
[2010-05-19 17:26:57 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempui5780.html
[2010-05-19 15:54:32 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemprT4608.html
[2010-05-17 17:15:20 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempEr5540.html
[2010-05-17 17:15:20 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Temptf5540.html
[2010-05-17 16:01:02 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGQ2652.html
[2010-05-16 18:22:00 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempVO2316.html
[2010-05-16 18:22:00 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempyN2316.html
[2010-05-16 16:18:18 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempLV2388.html
[2010-05-16 16:18:18 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempNK2388.html
[2010-05-16 13:00:22 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempLl3328.html
[2010-05-15 15:53:09 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempkz5900.html
[2010-05-15 13:03:52 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempRr5288.html
[2010-05-15 10:18:18 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempux5592.html
[2010-05-14 20:05:54 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempWN2508.html
[2010-05-13 20:11:40 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempjs2984.html
[2010-05-13 20:11:40 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempQw2984.html
[2010-05-12 23:43:32 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempWx4776.html
[2010-05-12 15:53:29 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempKO4100.html
[2010-05-12 15:53:29 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempiQ4100.html
[2010-05-11 18:05:14 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempSZr232.html
[2010-05-10 23:02:19 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempVy2772.html
[2010-05-10 21:43:41 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempYo4040.html
[2010-05-10 21:43:41 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempjx4040.html
[2010-05-09 22:27:50 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempxW4324.html
[2010-05-08 23:32:28 | 000,008,412 | ---- | M] () -- C:\Users\admin\AppData\Local\d3d9caps64.dat
[2010-05-08 23:00:53 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempyq8116.html
[2010-05-08 20:58:54 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempoy7536.html
[2010-05-07 20:43:38 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempOl3756.html
[2010-05-07 20:09:23 | 000,000,627 | ---- | M] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2010-05-07 20:08:59 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemppW2004.html
[2010-05-07 20:08:59 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempfK2004.html
[2010-05-07 17:00:05 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempfR6668.html
[2010-05-07 12:22:19 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempsI3204.html
[2010-05-06 21:10:28 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempXl5168.html
[2010-05-06 20:22:46 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempDR2056.html
[2010-05-06 20:00:45 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempae4352.html
[2010-05-06 16:08:33 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempMq5576.html
[2010-05-06 14:55:28 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempvU5476.html
[2010-05-05 21:28:50 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempWl1028.html
[2010-05-05 14:52:14 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010-05-05 14:52:14 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010-05-04 15:11:46 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempVM4760.html
[2010-05-04 08:54:49 | 000,243,712 | ---- | M] () -- C:\Windows\SysNative\occache.dll
[2010-05-04 08:52:45 | 000,706,048 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll
[2010-05-04 08:52:04 | 001,538,560 | ---- | M] () -- C:\Windows\SysNative\inetcpl.cpl
[2010-05-04 08:51:49 | 000,219,136 | ---- | M] () -- C:\Windows\SysNative\ieui.dll
[2010-05-04 08:51:49 | 000,132,096 | ---- | M] () -- C:\Windows\SysNative\iesysprep.dll
[2010-05-04 08:51:48 | 002,334,208 | ---- | M] () -- C:\Windows\SysNative\iertutil.dll
[2010-05-04 08:51:48 | 000,077,312 | ---- | M] () -- C:\Windows\SysNative\iesetup.dll
[2010-05-04 08:51:48 | 000,072,192 | ---- | M] () -- C:\Windows\SysNative\iernonce.dll
[2010-05-04 08:51:47 | 000,252,416 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll
[2010-05-04 07:01:59 | 000,162,816 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe
[2010-05-04 07:01:39 | 000,070,656 | ---- | M] () -- C:\Windows\SysNative\ie4uinit.exe
[2010-05-04 07:01:04 | 000,012,288 | ---- | M] () -- C:\Windows\SysNative\msfeedssync.exe
[2010-05-03 19:14:01 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempZJ3160.html
[2010-05-03 18:59:40 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempmz3948.html
[2010-05-03 15:42:49 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempim6020.html
[2010-05-02 20:21:08 | 000,001,786 | ---- | M] () -- C:\Users\admin\Desktop\CoD RconTool.lnk
[2010-05-02 17:00:38 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempIU5580.html
[2010-05-02 15:36:07 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempds1772.html
[2010-05-01 20:14:25 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempvb4816.html
[2010-05-01 15:36:53 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempPT5684.html
[2010-05-01 14:31:27 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCs5272.html
[2010-05-01 12:28:02 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempNS1168.html
[2010-04-30 19:24:40 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempPL6660.html
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-04-29 15:39:28 | 000,024,664 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010-04-29 14:21:36 | 000,001,305 | ---- | M] () -- C:\Users\admin\Desktop\MuZaA.lnk
[2010-04-28 21:22:53 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzR3084.html
[2010-04-28 14:51:03 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempaH4652.html
[2010-04-28 13:59:23 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempbj6628.html
[2010-04-28 13:59:23 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempFn6628.html
[2010-04-27 20:51:56 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempBt6000.html
[2010-04-27 16:51:11 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemphY4916.html
[2010-04-27 13:25:30 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempjt6428.html
[2010-04-27 13:25:30 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempmf6428.html
[2010-04-27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
[2010-04-26 19:42:59 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempMz4368.html
[2010-04-26 19:25:11 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempCz5336.html
[2010-04-25 21:40:38 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempcU5540.html
[2010-04-25 15:04:21 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempzq1048.html
[2010-04-25 09:35:06 | 000,035,381 | ---- | M] () -- C:\Users\admin\AppData\Roaming\SQLite3.dll
[2010-04-24 14:31:34 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempDx5504.html
[2010-04-24 09:17:11 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempsc6116.html
[2010-04-23 16:48:08 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempTq6088.html
[2010-04-22 21:16:39 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Temphz1688.html
[2010-04-22 17:34:03 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempDu4240.html
[2010-04-22 15:44:45 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGT5472.html
[2010-04-21 21:47:46 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempOQ4128.html
[2010-04-21 17:25:51 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempIt4664.html
[2010-04-21 17:19:04 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempmE5484.html
[2010-04-21 15:32:15 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempgT3928.html
[2010-04-21 15:32:15 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempGp3928.html
[2010-04-20 16:22:25 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempAe2636.html
[2010-04-19 17:22:16 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempao3828.html
[2010-04-19 15:21:00 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempPC2008.html
[2010-04-18 22:13:47 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempQr4828.html
[2010-04-18 21:49:43 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemphHv916.html
[2010-04-18 21:13:48 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempdx3908.html
[2010-04-17 22:58:12 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemplH4364.html
[2010-04-17 17:32:58 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempJJ4940.html
[2010-04-17 17:20:14 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemppH4172.html
[2010-04-16 22:38:43 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempTfb800.html
[2010-04-16 22:38:43 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempHvc800.html
[2010-04-16 18:40:20 | 001,570,816 | ---- | M] () -- C:\Windows\SysNative\quartz.dll
[2010-04-15 21:59:05 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempwk2440.html
[2010-04-15 17:24:21 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempzK6164.html
[2010-04-15 17:24:21 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempTp6164.html
[2010-04-14 23:07:08 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemprI4716.html
[2010-04-14 20:38:30 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempnb4220.html
[2010-04-14 17:19:09 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempMN4268.html
[2010-04-13 22:41:57 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempUc4368.html
[2010-04-13 22:26:57 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempiP4936.html
[2010-04-10 12:17:20 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempeJ5008.html
[2010-04-09 23:45:19 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempJO3716.html
[2010-03-29 13:55:06 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TempHp4288.html
[2010-03-29 13:55:06 | 000,002,089 | ---- | M] () -- C:\Users\admin\AppData\Local\TempVH4288.html
[2010-03-28 15:30:11 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\TemprH4660.html
[2010-03-27 08:39:56 | 000,002,432 | ---- | M] () -- C:\Users\admin\AppData\Local\Tempbs2948.html
[2010-03-21 15:55:44 | 000,002,415 | ---- | M] () -- C:\Users\admin\Desktop\Skype.lnk
[2010-03-10 21:29:32 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
[2010-03-05 16:32:42 | 000,612,864 | ---- | M] () -- C:\Windows\SysNative\vbscript.dll
[2010-02-24 11:28:20 | 000,294,912 | ---- | M] () -- C:\Windows\SysNative\browserchoice.exe
[2010-02-21 01:44:53 | 000,032,768 | ---- | M] () -- C:\Windows\SysNative\nshhttp.dll
[2010-02-21 01:42:16 | 000,033,792 | ---- | M] () -- C:\Windows\SysNative\httpapi.dll
[2010-02-20 18:49:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-02-19 21:27:36 | 000,720,384 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivX.dll
[2010-02-19 21:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx0c.dll
[2010-02-19 21:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx07.dll
[2010-02-19 21:27:16 | 000,847,872 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx0a.dll
[2010-02-19 21:27:16 | 000,843,776 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx16.dll
[2010-02-19 21:27:16 | 000,839,680 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\divx_xx11.dll
[2010-02-18 17:01:52 | 004,690,832 | ---- | M] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010-02-10 19:37:02 | 000,001,052 | ---- | M] () -- C:\Users\admin\Desktop\TeamSpeak 3 Client.lnk
[2010-01-21 18:34:10 | 000,072,192 | ---- | M] () -- C:\Windows\SysNative\l3codeca.acm
[2010-01-18 18:00:22 | 000,811,276 | RH-- | M] (TL3Productions) -- C:\Users\Public\Documents\svchast.exe
[2010-01-13 20:34:43 | 000,104,960 | ---- | M] () -- C:\Windows\SysNative\cabview.dll
[2010-01-07 18:07:32 | 000,003,350 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2010-01-07 18:07:27 | 000,000,088 | RHS- | M] () -- C:\Windows\SysWow64\88B5D96988.sys
[2010-01-05 18:36:48 | 000,002,009 | ---- | M] () -- C:\Users\admin\Desktop\Google Chrome.lnk
[2010-01-04 22:11:08 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.INI
[2009-12-28 14:42:32 | 000,143,360 | ---- | M] () -- C:\Windows\SysNative\msvfw32.dll
[2009-12-28 14:41:43 | 000,093,184 | ---- | M] () -- C:\Windows\SysNative\mciavi32.dll
[2009-12-28 14:39:08 | 000,108,544 | ---- | M] () -- C:\Windows\SysNative\avifil32.dll
[2009-12-28 14:39:08 | 000,076,800 | ---- | M] () -- C:\Windows\SysNative\avicap32.dll
[2009-12-23 14:39:32 | 000,218,112 | ---- | M] () -- C:\Windows\SysNative\wintrust.dll
[2009-12-04 09:30:27 | 000,817,664 | ---- | M] () -- C:\Windows\SysNative\jscript.dll
[2009-11-18 17:55:33 | 000,002,493 | ---- | M] () -- C:\Users\Public\Documents\Global.sw2
[2009-11-18 17:54:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SwSys2.bmp
[2009-11-18 17:54:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SwSys1.bmp
[2009-11-04 06:20:59 | 000,033,792 | ---- | M] () -- C:\Windows\SysNative\drivers\pl-PL\http.sys.mui
[2009-10-19 17:23:39 | 000,189,440 | ---- | M] () -- C:\Windows\SysNative\t2embed.dll
[2009-10-19 17:19:17 | 000,096,256 | ---- | M] () -- C:\Windows\SysNative\fontsub.dll
[2009-10-07 14:57:40 | 000,280,576 | ---- | M] () -- C:\Windows\SysNative\rastls.dll
[2009-10-07 14:57:38 | 000,295,936 | ---- | M] () -- C:\Windows\SysNative\raschap.dll
[2009-09-28 17:42:47 | 000,000,027 | ---- | M] () -- C:\Users\admin\Desktop\skamandryta.css
[2009-09-26 08:43:42 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009-09-09 18:34:07 | 000,000,680 | ---- | M] () -- C:\Users\admin\AppData\Local\d3d9caps.dat
[2009-09-09 18:34:06 | 000,000,552 | ---- | M] () -- C:\Users\admin\AppData\Local\d3d8caps.dat
[2009-09-04 18:44:42 | 000,073,544 | ---- | M] () -- C:\Windows\SysNative\XAPOFX1_3.dll
[2009-09-04 18:44:40 | 000,517,960 | ---- | M] () -- C:\Windows\SysNative\XAudio2_5.dll
[2009-09-04 18:44:40 | 000,176,968 | ---- | M] () -- C:\Windows\SysNative\xactengine3_5.dll
[2009-09-04 18:29:24 | 005,554,512 | ---- | M] () -- C:\Windows\SysNative\d3dcsx_42.dll
[2009-09-04 18:29:24 | 000,523,088 | ---- | M] () -- C:\Windows\SysNative\d3dx10_42.dll
[2009-09-04 18:29:24 | 000,285,024 | ---- | M] () -- C:\Windows\SysNative\d3dx11_42.dll
[2009-09-04 18:29:22 | 002,582,888 | ---- | M] () -- C:\Windows\SysNative\D3DCompiler_42.dll
[2009-09-04 18:29:20 | 002,475,352 | ---- | M] () -- C:\Windows\SysNative\D3DX9_42.dll
[2009-09-04 14:52:46 | 000,082,944 | ---- | M] () -- C:\Windows\SysNative\msasn1.dll
[2009-08-14 19:29:27 | 000,141,312 | ---- | M] () -- C:\Windows\SysNative\netiohlp.dll
[2009-08-14 19:29:26 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\netevent.dll
[2009-08-14 17:13:04 | 000,010,752 | ---- | M] () -- C:\Windows\SysNative\TCPSVCS.EXE
[2009-08-14 17:13:02 | 000,021,504 | ---- | M] () -- C:\Windows\SysNative\ROUTE.EXE
[2009-08-14 17:13:01 | 000,012,800 | ---- | M] () -- C:\Windows\SysNative\MRINFO.EXE
[2009-08-14 17:12:59 | 000,032,256 | ---- | M] () -- C:\Windows\SysNative\NETSTAT.EXE
[2009-08-14 17:12:59 | 000,023,040 | ---- | M] () -- C:\Windows\SysNative\ARP.EXE
[2009-08-14 17:12:58 | 000,010,240 | ---- | M] () -- C:\Windows\SysNative\HOSTNAME.EXE
[2009-08-14 17:12:57 | 000,011,264 | ---- | M] () -- C:\Windows\SysNative\finger.exe
[2009-08-07 19:51:34 | 000,178,430 | ---- | M] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-08-07 04:24:27 | 000,038,112 | ---- | M] () -- C:\Windows\SysNative\wups.dll
[2009-08-07 04:24:20 | 000,043,744 | ---- | M] () -- C:\Windows\SysNative\wups2.dll
[2009-08-07 04:24:17 | 000,057,560 | ---- | M] () -- C:\Windows\SysNative\wuauclt.exe
[2009-08-07 04:23:52 | 000,700,640 | ---- | M] () -- C:\Windows\SysNative\wuapi.dll
[2009-08-07 03:59:43 | 002,621,440 | ---- | M] () -- C:\Windows\SysNative\wucltux.dll
[2009-08-07 03:59:07 | 000,098,816 | ---- | M] () -- C:\Windows\SysNative\wudriver.dll
[2009-08-06 19:23:06 | 000,185,416 | ---- | M] () -- C:\Windows\SysNative\wuwebv.dll
[2009-08-06 18:59:12 | 000,036,864 | ---- | M] () -- C:\Windows\SysNative\wuapp.exe
[2009-07-21 21:09:32 | 000,057,667 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2009-07-21 20:31:43 | 000,057,667 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2009-07-17 17:00:43 | 000,088,576 | ---- | M] () -- C:\Windows\SysNative\atl.dll
[2009-07-14 15:21:42 | 013,426,176 | ---- | M] () -- C:\Windows\SysNative\wmp.dll
[2009-07-14 15:21:42 | 000,368,128 | ---- | M] () -- C:\Windows\SysNative\wmpdxm.dll
[2009-07-14 15:20:51 | 000,005,120 | ---- | M] () -- C:\Windows\SysNative\msdxm.ocx
[2009-07-14 15:20:51 | 000,005,120 | ---- | M] () -- C:\Windows\SysNative\dxmasf.dll
[2009-07-14 15:20:06 | 000,009,216 | ---- | M] () -- C:\Windows\SysNative\spwmp.dll
[2009-07-14 13:31:58 | 008,147,968 | ---- | M] () -- C:\Windows\SysNative\wmploc.DLL
[2009-07-14 10:33:07 | 000,043,520 | ---- | M] () -- C:\Windows\SysNative\msdxm.tlb
[2009-07-14 10:33:07 | 000,018,432 | ---- | M] () -- C:\Windows\SysNative\amcompat.tlb
[2009-07-11 21:50:02 | 000,376,832 | ---- | M] () -- C:\Windows\SysNative\wlansec.dll
[2009-07-11 21:50:01 | 000,353,280 | ---- | M] () -- C:\Windows\SysNative\wlanmsm.dll
[2009-07-11 21:50:01 | 000,097,792 | ---- | M] () -- C:\Windows\SysNative\wlanhlp.dll
[2009-07-11 21:50:01 | 000,086,528 | ---- | M] () -- C:\Windows\SysNative\wlanapi.dll
[2009-07-11 21:46:12 | 000,157,184 | ---- | M] () -- C:\Windows\SysNative\L2SecHC.dll
[2009-07-11 19:46:21 | 002,608,803 | ---- | M] () -- C:\Windows\SysNative\wlan.tmf
[2009-07-08 13:14:10 | 000,000,782 | ---- | M] () -- C:\Users\admin\Desktop\µTorrent.lnk
[2009-07-03 19:03:20 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009-07-03 12:46:59 | 000,419,840 | ---- | M] () -- C:\Windows\SysNative\wrap_oal.dll
[2009-07-03 12:46:59 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2009-07-03 12:46:59 | 000,133,632 | ---- | M] () -- C:\Windows\SysNative\OpenAL32.dll
[2009-07-03 12:46:59 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2009-07-03 10:33:22 | 001,580,100 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009-06-30 22:56:11 | 000,227,856 | ---- | M] () -- C:\Windows\SysNative\drivers\klif.sys
[2009-06-30 22:56:11 | 000,038,416 | ---- | M] () -- C:\Windows\SysNative\drivers\klbg.sys
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-06-25 15:58:15 | 003,123,826 | ---- | C] () -- C:\Users\admin\Desktop\DJ-Mangoo-Eurodancer.mp3
[2010-06-25 14:40:23 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempRX3048.html
[2010-06-25 13:20:14 | 000,000,601 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-06-25 13:20:11 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010-06-24 23:19:31 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempxF2908.html
[2010-06-24 23:19:31 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempnz2908.html
[2010-06-24 22:55:10 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempeg4572.html
[2010-06-24 22:55:10 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempIM4572.html
[2010-06-24 21:37:27 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemphK5044.html
[2010-06-24 21:37:27 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempPs5044.html
[2010-06-24 17:45:11 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemptX6048.html
[2010-06-24 11:39:28 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempIGV824.html
[2010-06-22 22:36:53 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzG1820.html
[2010-06-22 22:36:53 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TemppZ1820.html
[2010-06-21 22:28:18 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempSw1208.html
[2010-06-21 22:28:18 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempdC1208.html
[2010-06-21 16:21:43 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempPT1272.html
[2010-06-20 19:07:11 | 000,000,722 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 2.lnk
[2010-06-20 12:12:56 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempmF4760.html
[2010-06-19 23:29:43 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempIz1912.html
[2010-06-19 00:06:31 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempqp5412.html
[2010-06-18 17:58:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempXh4712.html
[2010-06-18 15:26:57 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempHRo812.html
[2010-06-17 17:46:52 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2010-06-17 17:16:15 | 000,001,194 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2010-06-17 15:56:24 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempqU3444.html
[2010-06-17 12:40:41 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempwL5868.html
[2010-06-16 23:34:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemprY6376.html
[2010-06-16 19:52:28 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempgL1936.html
[2010-06-16 18:06:53 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempEY5584.html
[2010-06-16 14:47:41 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempZGQ884.html
[2010-06-15 19:13:44 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempUZ5804.html
[2010-06-15 16:08:11 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCe2896.html
[2010-06-14 22:26:41 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempiq4444.html
[2010-06-14 19:07:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempjp5004.html
[2010-06-14 18:19:50 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemphA5316.html
[2010-06-13 22:31:52 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGn5016.html
[2010-06-13 20:29:22 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCF4424.html
[2010-06-13 19:17:06 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempmL4332.html
[2010-06-13 14:50:11 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempoc4912.html
[2010-06-13 14:49:33 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempAs3800.html
[2010-06-13 14:49:13 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempKt4640.html
[2010-06-12 21:43:31 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCx5448.html
[2010-06-12 21:43:31 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempvx5448.html
[2010-06-12 21:04:35 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempvp1160.html
[2010-06-11 23:59:28 | 003,710,693 | ---- | C] () -- C:\Users\admin\Documents\DSC01012.JPG
[2010-06-11 23:58:47 | 003,708,699 | ---- | C] () -- C:\Users\admin\Documents\DSC01011.JPG
[2010-06-11 23:50:16 | 003,678,213 | ---- | C] () -- C:\Users\admin\Documents\DSC01007.JPG
[2010-06-11 23:35:39 | 003,719,146 | ---- | C] () -- C:\Users\admin\Documents\DSC01001.JPG
[2010-06-11 23:31:25 | 003,744,690 | ---- | C] () -- C:\Users\admin\Documents\DSC00980.JPG
[2010-06-11 23:10:51 | 003,808,160 | ---- | C] () -- C:\Users\admin\Documents\DSC00924.JPG
[2010-06-11 14:14:52 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempXm8160.html
[2010-06-10 21:10:07 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempDt7348.html
[2010-06-10 15:54:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempnw5832.html
[2010-06-09 22:51:35 | 001,343,783 | ---- | C] () -- C:\Users\admin\Desktop\Janusz Laskowski - śnił mi się rodzinny dom.mp3
[2010-06-09 19:21:43 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempHW6568.html
[2010-06-09 15:15:55 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2010-06-09 15:15:55 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2010-06-09 15:15:52 | 009,250,816 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010-06-09 15:15:51 | 012,468,736 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010-06-09 15:15:50 | 002,334,208 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010-06-09 15:15:49 | 001,484,288 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010-06-09 15:15:49 | 001,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010-06-09 15:15:48 | 001,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2010-06-09 15:15:48 | 001,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010-06-09 15:15:48 | 000,706,048 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010-06-09 15:15:48 | 000,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010-06-09 15:15:48 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010-06-09 15:15:47 | 000,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010-06-09 15:15:47 | 000,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2010-06-09 15:15:47 | 000,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2010-06-09 15:15:47 | 000,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2010-06-09 15:15:47 | 000,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2010-06-09 15:15:46 | 001,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010-06-09 15:15:46 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2010-06-09 15:15:46 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2010-06-09 15:15:46 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2010-06-09 15:15:46 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010-06-09 15:15:46 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2010-06-09 15:13:44 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll
[2010-06-09 15:13:42 | 002,749,952 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010-06-09 15:13:40 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll
[2010-06-08 17:53:02 | 000,000,013 | ---- | C] () -- C:\Windows\SysWow64\WinSys16.crc
[2010-06-08 15:43:45 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempzd5644.html
[2010-06-07 21:15:11 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempKc4296.html
[2010-06-07 14:59:33 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzA3052.html
[2010-06-06 22:16:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempDk2188.html
[2010-06-06 19:12:38 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempFT4956.html
[2010-06-05 11:01:45 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempoie492.html
[2010-06-05 09:15:53 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempgV3580.html
[2010-06-04 16:29:28 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempJx4344.html
[2010-06-04 13:26:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempih4984.html
[2010-06-03 18:04:50 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempTc5388.html
[2010-06-03 12:52:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempjw4236.html
[2010-06-02 16:22:23 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempja2116.html
[2010-05-30 14:00:58 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempvo2884.html
[2010-05-30 09:12:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempqN4568.html
[2010-05-29 19:44:15 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGT1772.html
[2010-05-29 17:40:21 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempLZ2324.html
[2010-05-29 16:37:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempgH3192.html
[2010-05-28 08:12:34 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempcg6608.html
[2010-05-28 02:09:00 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010-05-28 02:09:00 | 000,027,536 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2010-05-27 16:11:33 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempUl7064.html
[2010-05-26 21:29:10 | 000,000,371 | ---- | C] () -- C:\Users\admin\Desktop\Club Music.lnk
[2010-05-26 17:15:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempkD5396.html
[2010-05-26 15:08:28 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2010-05-25 21:42:45 | 000,260,277 | ---- | C] () -- C:\Users\admin\Documents\ts3_clientui-win64-10723-2010-05-25 21_42_45.223000.dmp
[2010-05-25 19:58:32 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempyo2084.html
[2010-05-25 19:55:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzU6072.html
[2010-05-25 19:55:40 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempTi6072.html
[2010-05-25 19:29:57 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempEJ4716.html
[2010-05-25 19:29:57 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGK4716.html
[2010-05-24 19:15:22 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempvq2884.html
[2010-05-24 15:44:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Temphw3404.html
[2010-05-24 15:14:36 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempcU6844.html
[2010-05-24 15:14:36 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempkH6844.html
[2010-05-24 14:49:20 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempYo1548.html
[2010-05-23 21:28:24 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempXA3132.html
[2010-05-22 21:55:16 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempRz3740.html
[2010-05-22 18:43:31 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempyo5432.html
[2010-05-22 18:12:42 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempQN1732.html
[2010-05-22 12:25:31 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempnK5940.html
[2010-05-22 12:25:31 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempuh5940.html
[2010-05-21 16:51:28 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempqN4544.html
[2010-05-20 21:19:16 | 000,000,802 | ---- | C] () -- C:\Users\admin\Desktop\Xfire.lnk
[2010-05-20 20:06:29 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempFL7208.html
[2010-05-20 17:51:55 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempOt6572.html
[2010-05-19 21:43:24 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCR2056.html
[2010-05-19 18:06:43 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzT7980.html
[2010-05-19 15:57:26 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempui5780.html
[2010-05-18 21:03:04 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemprT4608.html
[2010-05-17 17:15:20 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempEr5540.html
[2010-05-17 17:15:20 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Temptf5540.html
[2010-05-16 18:51:51 | 000,421,148 | ---- | C] () -- C:\Users\admin\AppData\Local\dd_vcredistMSI4D7F.txt
[2010-05-16 18:51:51 | 000,011,478 | ---- | C] () -- C:\Users\admin\AppData\Local\dd_vcredistUI4D7F.txt
[2010-05-16 18:22:08 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGQ2652.html
[2010-05-16 18:06:53 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempVO2316.html
[2010-05-16 18:06:53 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempyN2316.html
[2010-05-16 14:05:51 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempLV2388.html
[2010-05-16 14:05:51 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempNK2388.html
[2010-05-15 20:57:56 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempLl3328.html
[2010-05-15 15:53:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempkz5900.html
[2010-05-15 11:58:06 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempRr5288.html
[2010-05-14 21:04:08 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempux5592.html
[2010-05-14 18:25:58 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempWN2508.html
[2010-05-13 20:11:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempjs2984.html
[2010-05-13 20:11:40 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempQw2984.html
[2010-05-12 22:54:14 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempWx4776.html
[2010-05-12 15:53:29 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempKO4100.html
[2010-05-12 15:53:29 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempiQ4100.html
[2010-05-12 15:15:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2010-05-11 17:52:36 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempSZr232.html
[2010-05-10 22:21:44 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempVy2772.html
[2010-05-10 15:28:27 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempYo4040.html
[2010-05-10 15:28:27 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempjx4040.html
[2010-05-09 20:50:10 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempxW4324.html
[2010-05-08 23:00:34 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempyq8116.html
[2010-05-07 20:43:55 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempoy7536.html
[2010-05-07 20:09:30 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempOl3756.html
[2010-05-07 20:08:41 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemppW2004.html
[2010-05-07 20:08:41 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempfK2004.html
[2010-05-07 15:02:44 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempfR6668.html
[2010-05-06 21:24:07 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempsI3204.html
[2010-05-06 20:24:50 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempXl5168.html
[2010-05-06 20:00:51 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempDR2056.html
[2010-05-06 16:45:56 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempae4352.html
[2010-05-06 15:13:46 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempMq5576.html
[2010-05-05 21:37:37 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempvU5476.html
[2010-05-05 17:08:00 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempWl1028.html
[2010-05-04 15:11:19 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempVM4760.html
[2010-05-03 18:59:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempZJ3160.html
[2010-05-03 18:59:24 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempmz3948.html
[2010-05-03 15:41:56 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempim6020.html
[2010-05-02 20:21:08 | 000,001,786 | ---- | C] () -- C:\Users\admin\Desktop\CoD RconTool.lnk
[2010-05-02 17:00:01 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempIU5580.html
[2010-05-02 15:26:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempds1772.html
[2010-05-01 19:58:32 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempvb4816.html
[2010-05-01 15:35:38 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempPT5684.html
[2010-05-01 14:19:21 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCs5272.html
[2010-04-30 21:26:26 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempNS1168.html
[2010-04-30 19:23:51 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempPL6660.html
[2010-04-29 14:20:13 | 000,001,305 | ---- | C] () -- C:\Users\admin\Desktop\MuZaA.lnk
[2010-04-28 20:46:20 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzR3084.html
[2010-04-28 14:50:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempaH4652.html
[2010-04-27 20:52:03 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempbj6628.html
[2010-04-27 20:52:03 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempFn6628.html
[2010-04-27 18:11:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempBt6000.html
[2010-04-27 13:31:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemphY4916.html
[2010-04-26 21:09:45 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempjt6428.html
[2010-04-26 21:09:45 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempmf6428.html
[2010-04-26 19:40:44 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempMz4368.html
[2010-04-25 21:42:35 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempCz5336.html
[2010-04-25 15:05:05 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempcU5540.html
[2010-04-25 09:35:06 | 000,035,381 | ---- | C] () -- C:\Users\admin\AppData\Roaming\SQLite3.dll
[2010-04-24 14:31:55 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempzq1048.html
[2010-04-24 09:17:26 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempDx5504.html
[2010-04-23 16:48:17 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempsc6116.html
[2010-04-22 21:41:36 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempTq6088.html
[2010-04-22 18:42:46 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Temphz1688.html
[2010-04-22 15:45:07 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempDu4240.html
[2010-04-21 22:22:38 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGT5472.html
[2010-04-21 21:20:50 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempOQ4128.html
[2010-04-21 17:19:47 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempIt4664.html
[2010-04-21 15:33:06 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempmE5484.html
[2010-04-21 15:14:28 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempgT3928.html
[2010-04-21 15:14:28 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempGp3928.html
[2010-04-19 21:03:35 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempAe2636.html
[2010-04-19 17:22:02 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempao3828.html
[2010-04-18 22:41:18 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempPC2008.html
[2010-04-18 21:49:49 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempQr4828.html
[2010-04-18 21:13:57 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemphHv916.html
[2010-04-18 14:57:25 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempdx3908.html
[2010-04-17 21:35:51 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemplH4364.html
[2010-04-17 17:32:51 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempJJ4940.html
[2010-04-17 09:14:56 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemppH4172.html
[2010-04-16 14:22:40 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempTfb800.html
[2010-04-16 14:22:40 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempHvc800.html
[2010-04-15 20:18:16 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempwk2440.html
[2010-04-15 15:25:35 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempzK6164.html
[2010-04-15 15:25:35 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempTp6164.html
[2010-04-14 20:38:35 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemprI4716.html
[2010-04-14 20:16:24 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempnb4220.html
[2010-04-14 15:05:48 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm
[2010-04-14 15:05:46 | 001,420,688 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2010-04-14 15:05:45 | 000,224,256 | ---- | C] () -- C:\Windows\SysNative\iphlpsvc.dll
[2010-04-14 15:05:45 | 000,029,696 | ---- | C] () -- C:\Windows\SysNative\drivers\tunnel.sys
[2010-04-14 15:05:42 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2010-04-14 15:05:42 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2010-04-14 15:05:42 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2010-04-14 15:05:40 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010-04-14 15:05:38 | 000,612,864 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2010-04-14 15:05:37 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll
[2010-04-14 15:04:27 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll
[2010-04-14 14:59:23 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempMN4268.html
[2010-04-13 22:27:17 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempUc4368.html
[2010-04-13 21:11:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempiP4936.html
[2010-04-10 23:00:38 | 000,294,912 | ---- | C] () -- C:\Windows\SysNative\browserchoice.exe
[2010-04-10 11:57:03 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempeJ5008.html
[2010-04-09 23:41:09 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempJO3716.html
[2010-03-29 13:55:06 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TempHp4288.html
[2010-03-29 13:55:06 | 000,002,089 | ---- | C] () -- C:\Users\admin\AppData\Local\TempVH4288.html
[2010-03-28 15:29:17 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\TemprH4660.html
[2010-03-25 22:39:20 | 000,002,432 | ---- | C] () -- C:\Users\admin\AppData\Local\Tempbs2948.html
[2010-03-25 18:56:42 | 000,000,627 | ---- | C] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2010-03-14 13:42:10 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll
[2010-03-14 13:42:06 | 000,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys
[2010-03-14 13:42:05 | 000,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll
[2010-02-24 13:09:45 | 000,817,664 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2010-02-20 18:49:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-02-10 19:37:05 | 000,417,984 | ---- | C] () -- C:\Users\admin\AppData\Local\dd_vcredistMSI7178.txt
[2010-02-10 19:37:04 | 000,011,478 | ---- | C] () -- C:\Users\admin\AppData\Local\dd_vcredistUI7178.txt
[2010-02-10 19:37:02 | 000,001,052 | ---- | C] () -- C:\Users\admin\Desktop\TeamSpeak 3 Client.lnk
[2010-02-09 22:09:19 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\iyuv_32.dll
[2010-02-09 22:09:19 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\msvidc32.dll
[2010-02-09 22:09:19 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\msyuv.dll
[2010-02-09 22:09:19 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\msrle32.dll
[2010-02-09 22:09:19 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\tsbyuv.dll
[2010-02-09 22:09:18 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\msvfw32.dll
[2010-02-09 22:09:18 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll
[2010-02-09 22:09:18 | 000,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll
[2010-02-09 22:09:18 | 000,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll
[2010-02-09 22:09:14 | 000,464,384 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2010-02-09 22:09:14 | 000,141,824 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2010-01-13 16:16:12 | 000,189,440 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll
[2010-01-13 16:16:12 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll
[2010-01-05 18:50:19 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-01-05 18:50:19 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-01-05 18:36:48 | 000,002,009 | ---- | C] () -- C:\Users\admin\Desktop\Google Chrome.lnk
[2010-01-04 21:44:09 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI
[2009-12-16 21:37:29 | 000,003,350 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009-12-16 21:37:29 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\88B5D96988.sys
[2009-12-16 19:10:01 | 000,028,672 | ---- | C] () -- C:\Windows\eJreadme.exe
[2009-12-12 19:22:53 | 000,442,368 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll
[2009-12-12 19:22:16 | 000,295,936 | ---- | C] () -- C:\Windows\SysNative\raschap.dll
[2009-12-12 19:22:16 | 000,280,576 | ---- | C] () -- C:\Windows\SysNative\rastls.dll
[2009-12-12 17:30:11 | 000,517,960 | ---- | C] () -- C:\Windows\SysNative\XAudio2_5.dll
[2009-12-12 17:30:10 | 002,582,888 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_42.dll
[2009-12-12 17:30:10 | 000,176,968 | ---- | C] () -- C:\Windows\SysNative\xactengine3_5.dll
[2009-12-12 17:30:08 | 005,554,512 | ---- | C] () -- C:\Windows\SysNative\d3dcsx_42.dll
[2009-12-12 17:30:07 | 000,523,088 | ---- | C] () -- C:\Windows\SysNative\d3dx10_42.dll
[2009-12-12 17:30:07 | 000,285,024 | ---- | C] () -- C:\Windows\SysNative\d3dx11_42.dll
[2009-12-12 17:30:06 | 002,475,352 | ---- | C] () -- C:\Windows\SysNative\D3DX9_42.dll
[2009-12-12 17:30:05 | 002,430,312 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_41.dll
[2009-12-12 17:30:05 | 000,520,544 | ---- | C] () -- C:\Windows\SysNative\d3dx10_41.dll
[2009-12-12 17:30:04 | 005,425,496 | ---- | C] () -- C:\Windows\SysNative\D3DX9_41.dll
[2009-12-12 17:30:03 | 000,521,560 | ---- | C] () -- C:\Windows\SysNative\XAudio2_4.dll
[2009-12-12 17:30:03 | 000,174,936 | ---- | C] () -- C:\Windows\SysNative\xactengine3_4.dll
[2009-12-12 17:30:03 | 000,073,544 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_3.dll
[2009-12-12 17:30:02 | 000,024,920 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_6.dll
[2009-12-12 17:30:00 | 002,605,920 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_40.dll
[2009-12-12 17:30:00 | 000,519,000 | ---- | C] () -- C:\Windows\SysNative\d3dx10_40.dll
[2009-12-12 17:29:58 | 005,631,312 | ---- | C] () -- C:\Windows\SysNative\D3DX9_40.dll
[2009-12-12 17:29:57 | 000,518,480 | ---- | C] () -- C:\Windows\SysNative\XAudio2_3.dll
[2009-12-12 17:29:57 | 000,175,440 | ---- | C] () -- C:\Windows\SysNative\xactengine3_3.dll
[2009-12-12 17:29:57 | 000,074,576 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_2.dll
[2009-12-12 17:29:56 | 000,025,936 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_5.dll
[2009-11-25 13:12:56 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll
[2009-11-25 13:12:56 | 001,794,560 | ---- | C] () -- C:\Windows\SysNative\msxml6.dll
[2009-11-18 17:54:48 | 000,002,493 | ---- | C] () -- C:\Users\Public\Documents\Global.sw2
[2009-11-18 17:54:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SwSys2.bmp
[2009-11-18 17:54:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SwSys1.bmp
[2009-11-11 13:48:08 | 000,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll
[2009-10-16 18:12:03 | 000,818,688 | ---- | C] () -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009-10-16 18:11:48 | 000,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll
[2009-10-16 18:11:43 | 000,174,592 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2009-10-16 18:11:41 | 000,082,944 | ---- | C] () -- C:\Windows\SysNative\msasn1.dll
[2009-10-07 15:08:52 | 002,621,440 | ---- | C] () -- C:\Windows\SysNative\wucltux.dll
[2009-10-07 15:08:52 | 002,424,024 | ---- | C] () -- C:\Windows\SysNative\wuaueng.dll
[2009-10-07 15:08:52 | 000,057,560 | ---- | C] () -- C:\Windows\SysNative\wuauclt.exe
[2009-10-07 15:08:52 | 000,043,744 | ---- | C] () -- C:\Windows\SysNative\wups2.dll
[2009-10-07 15:08:12 | 000,700,640 | ---- | C] () -- C:\Windows\SysNative\wuapi.dll
[2009-10-07 15:08:12 | 000,098,816 | ---- | C] () -- C:\Windows\SysNative\wudriver.dll
[2009-10-07 15:08:12 | 000,038,112 | ---- | C] () -- C:\Windows\SysNative\wups.dll
[2009-10-07 15:07:56 | 000,185,416 | ---- | C] () -- C:\Windows\SysNative\wuwebv.dll
[2009-10-07 15:07:56 | 000,036,864 | ---- | C] () -- C:\Windows\SysNative\wuapp.exe
[2009-10-03 09:05:33 | 000,270,208 | ---- | C] () -- C:\Windows\SysNative\MpSigStub.exe
[2009-09-28 17:42:47 | 000,000,027 | ---- | C] () -- C:\Users\admin\Desktop\skamandryta.css
[2009-09-26 08:43:42 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009-09-26 08:40:25 | 000,002,415 | ---- | C] () -- C:\Users\admin\Desktop\Skype.lnk
[2009-09-11 21:43:50 | 001,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll
[2009-09-11 21:43:50 | 000,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll
[2009-09-11 21:43:49 | 000,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys
[2009-09-11 21:43:49 | 000,338,944 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2009-09-11 21:43:49 | 000,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll
[2009-09-11 21:43:49 | 000,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll
[2009-09-11 21:43:49 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe
[2009-09-10 15:59:56 | 002,423,296 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll
[2009-09-10 15:59:49 | 000,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2009-09-10 15:59:49 | 000,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2009-09-10 15:59:07 | 002,900,480 | ---- | C] () -- C:\Windows\SysNative\WMVCORE.DLL
[2009-09-10 15:59:06 | 003,547,136 | ---- | C] () -- C:\Windows\SysNative\mf.dll
[2009-09-10 15:59:04 | 000,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll
[2009-09-10 15:58:56 | 000,141,312 | ---- | C] () -- C:\Windows\SysNative\netiohlp.dll
[2009-09-10 15:58:56 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\NETSTAT.EXE
[2009-09-10 15:58:56 | 000,023,040 | ---- | C] () -- C:\Windows\SysNative\ARP.EXE
[2009-09-10 15:58:55 | 000,021,504 | ---- | C] () -- C:\Windows\SysNative\ROUTE.EXE
[2009-09-10 15:58:55 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll
[2009-09-10 15:58:55 | 000,012,800 | ---- | C] () -- C:\Windows\SysNative\MRINFO.EXE
[2009-09-10 15:58:55 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\finger.exe
[2009-09-10 15:58:55 | 000,010,752 | ---- | C] () -- C:\Windows\SysNative\TCPSVCS.EXE
[2009-09-10 15:58:55 | 000,010,240 | ---- | C] () -- C:\Windows\SysNative\HOSTNAME.EXE
[2009-09-10 15:58:24 | 000,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll
[2009-09-10 15:58:18 | 013,426,176 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2009-09-10 15:58:15 | 000,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll
[2009-09-10 15:58:14 | 000,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll
[2009-09-10 15:58:14 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx
[2009-09-10 15:58:14 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll
[2009-09-10 15:58:13 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2009-09-10 15:58:13 | 000,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb
[2009-09-10 15:58:12 | 000,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb
[2009-09-10 15:58:10 | 002,608,803 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2009-09-10 15:58:10 | 000,353,280 | ---- | C] () -- C:\Windows\SysNative\wlanmsm.dll
[2009-09-10 15:58:09 | 000,615,936 | ---- | C] () -- C:\Windows\SysNative\wlansvc.dll
[2009-09-10 15:58:09 | 000,376,832 | ---- | C] () -- C:\Windows\SysNative\wlansec.dll
[2009-09-10 15:58:09 | 000,157,184 | ---- | C] () -- C:\Windows\SysNative\L2SecHC.dll
[2009-09-10 15:58:09 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\wlanhlp.dll
[2009-09-10 15:58:09 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\wlanapi.dll
[2009-09-09 18:34:06 | 000,000,552 | ---- | C] () -- C:\Users\admin\AppData\Local\d3d8caps.dat
[2009-08-07 19:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-07-08 13:14:10 | 000,000,782 | ---- | C] () -- C:\Users\admin\Desktop\µTorrent.lnk
[2009-07-05 09:06:22 | 000,161,792 | ---- | C] () -- C:\Windows\SysNative\advpack.dll
[2009-07-05 09:06:22 | 000,088,064 | ---- | C] () -- C:\Windows\SysNative\admparse.dll
[2009-07-05 09:06:22 | 000,085,504 | ---- | C] () -- C:\Windows\SysNative\icardie.dll
[2009-07-05 09:06:22 | 000,022,528 | ---- | C] () -- C:\Windows\SysNative\corpol.dll
[2009-07-05 09:06:21 | 000,223,232 | ---- | C] () -- C:\Windows\SysNative\msls31.dll
[2009-07-05 09:06:21 | 000,157,696 | ---- | C] () -- C:\Windows\SysNative\ieakeng.dll
[2009-07-05 09:06:21 | 000,077,824 | ---- | C] () -- C:\Windows\SysNative\tdc.ocx
[2009-07-05 09:06:20 | 000,125,952 | ---- | C] () -- C:\Windows\SysNative\inseng.dll
[2009-07-05 09:06:20 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\wextract.exe
[2009-07-05 09:06:20 | 000,063,488 | ---- | C] () -- C:\Windows\SysNative\pngfilt.dll
[2009-07-05 09:06:20 | 000,055,808 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll
[2009-07-05 09:06:20 | 000,052,736 | ---- | C] () -- C:\Windows\SysNative\imgutil.dll
[2009-07-05 09:06:19 | 000,508,416 | ---- | C] () -- C:\Windows\SysNative\dxtmsft.dll
[2009-07-05 09:06:19 | 000,481,280 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2009-07-05 09:06:19 | 000,318,464 | ---- | C] () -- C:\Windows\SysNative\dxtrans.dll
[2009-07-05 09:06:18 | 000,304,640 | ---- | C] () -- C:\Windows\SysNative\webcheck.dll
[2009-07-05 09:06:18 | 000,271,872 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2009-07-05 09:06:18 | 000,241,664 | ---- | C] () -- C:\Windows\SysNative\msrating.dll
[2009-07-05 09:06:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\ieakui.dll
[2009-07-05 09:06:18 | 000,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2009-07-05 09:06:17 | 000,278,528 | ---- | C] () -- C:\Windows\SysNative\WinFXDocObj.exe
[2009-07-05 09:06:17 | 000,131,584 | ---- | C] () -- C:\Windows\SysNative\PDMSetup.exe
[2009-07-05 09:06:17 | 000,129,024 | ---- | C] () -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2009-07-05 09:06:17 | 000,128,512 | ---- | C] () -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2009-07-05 09:06:17 | 000,125,440 | ---- | C] () -- C:\Windows\SysNative\SetDepNx.exe
[2009-07-05 09:06:17 | 000,108,032 | ---- | C] () -- C:\Windows\SysNative\url.dll
[2009-07-05 09:06:17 | 000,041,984 | ---- | C] () -- C:\Windows\SysNative\mshta.exe
[2009-07-05 09:06:16 | 000,479,744 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2009-07-05 09:06:16 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\mshtmler.dll
[2009-07-05 09:06:15 | 003,698,584 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dat
[2009-07-05 09:06:15 | 000,193,536 | ---- | C] () -- C:\Windows\SysNative\iexpress.exe
[2009-07-03 20:30:56 | 000,219,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2009-07-03 10:10:14 | 000,049,160 | ---- | C] () -- C:\Windows\SysNative\infocardcpl.cpl
[2009-07-03 10:10:09 | 000,052,760 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll
[2009-07-03 10:10:09 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\icardres.dll
[2009-07-03 10:10:08 | 001,383,936 | ---- | C] () -- C:\Windows\SysNative\icardagt.exe
[2009-07-03 10:10:08 | 001,168,928 | ---- | C] () -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2009-07-03 10:10:08 | 000,167,432 | ---- | C] () -- C:\Windows\SysNative\infocardapi.dll
[2009-07-03 10:10:04 | 000,126,520 | ---- | C] () -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2009-07-03 10:10:02 | 000,357,904 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe
[2009-07-03 10:04:29 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll
[2009-07-03 10:04:22 | 000,112,120 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll
[2009-07-03 10:04:16 | 000,406,528 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll
[2009-07-03 10:04:12 | 000,158,208 | ---- | C] () -- C:\Windows\SysNative\mscorier.dll
[2009-07-03 10:04:10 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\mscories.dll
[2009-06-30 22:27:57 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2009-06-30 22:27:57 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2009-06-30 22:24:28 | 007,422,524 | -HS- | C] () -- C:\Windows\SysNative\drivers\fidbox.dat
[2009-06-30 22:24:28 | 001,105,980 | -HS- | C] () -- C:\Windows\SysNative\drivers\fidbox2.dat
[2009-06-30 22:24:28 | 000,072,548 | -HS- | C] () -- C:\Windows\SysNative\drivers\fidbox.idx
[2009-06-30 22:24:28 | 000,010,596 | -HS- | C] () -- C:\Windows\SysNative\drivers\fidbox2.idx
[2009-06-30 22:24:16 | 000,227,856 | ---- | C] () -- C:\Windows\SysNative\drivers\klif.sys
[2009-06-30 21:49:58 | 012,240,896 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0007.dll
[2009-06-30 21:49:57 | 002,644,480 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0009.dll
[2009-06-30 21:49:45 | 001,361,920 | ---- | C] () -- C:\Windows\SysNative\NaturalLanguage6.dll
[2009-06-30 21:44:56 | 000,791,552 | ---- | C] () -- C:\Windows\SysNative\localspl.dll
[2009-06-30 21:44:53 | 001,280,512 | ---- | C] () -- C:\Windows\SysNative\rpcrt4.dll
[2009-06-30 21:44:49 | 000,660,480 | ---- | C] () -- C:\Windows\SysNative\win32spl.dll
[2009-06-30 21:44:47 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2009-06-30 21:44:47 | 001,926,656 | ---- | C] () -- C:\Windows\SysNative\gameux.dll
[2009-06-30 21:44:47 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2009-06-30 21:44:24 | 001,208,832 | ---- | C] () -- C:\Windows\SysNative\kernel32.dll
[2009-06-30 21:44:23 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\amxread.dll
[2009-06-30 21:44:23 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\apilogen.dll
[2009-06-30 21:44:17 | 000,388,608 | ---- | C] () -- C:\Windows\SysNative\gdi32.dll
[2009-06-30 21:44:08 | 001,030,656 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2009-06-30 21:44:06 | 000,718,336 | ---- | C] () -- C:\Windows\SysNative\rpcss.dll
[2009-06-30 21:44:05 | 000,231,424 | ---- | C] () -- C:\Windows\SysNative\sdohlp.dll
[2009-06-30 21:44:05 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\iasrecst.dll
[2009-06-30 21:44:05 | 000,075,776 | ---- | C] () -- C:\Windows\SysNative\iasads.dll
[2009-06-30 21:44:05 | 000,061,440 | ---- | C] () -- C:\Windows\SysNative\iasdatastore.dll
[2009-06-30 21:44:05 | 000,036,352 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2009-06-30 21:44:05 | 000,024,576 | ---- | C] () -- C:\Windows\SysNative\iashost.exe
[2009-06-30 21:43:50 | 001,245,184 | ---- | C] () -- C:\Windows\SysNative\WMNetMgr.dll
[2009-06-30 21:43:50 | 000,112,640 | ---- | C] () -- C:\Windows\SysNative\logagent.exe
[2009-06-30 21:43:21 | 000,730,112 | ---- | C] () -- C:\Windows\SysNative\msdtcprx.dll
[2009-06-30 21:43:21 | 000,048,640 | ---- | C] () -- C:\Windows\SysNative\xolehlp.dll
[2009-06-30 21:43:19 | 012,897,792 | ---- | C] () -- C:\Windows\SysNative\shell32.dll
[2009-01-31 21:58:16 | 000,235,532 | ---- | C] () -- C:\Windows\SysWow64\loadimage.dll
[2009-01-31 21:58:16 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\NewWaveAnzeige.dll
[2009-01-31 21:58:16 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\fader.dll
[2009-01-31 21:58:16 | 000,029,696 | ---- | C] () -- C:\Windows\SysWow64\pthread.dll
[2009-01-31 21:56:06 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009-01-31 21:52:16 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\eJ_Tool.dll
[2008-11-05 21:42:59 | 000,000,279 | ---- | C] () -- C:\Windows\game.ini
[2008-10-25 14:27:02 | 001,580,100 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008-10-24 18:08:36 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2008-10-24 18:08:35 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008-10-24 18:08:35 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008-10-24 18:08:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008-10-24 18:08:34 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2008-10-24 18:08:34 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008-10-24 16:58:54 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2008-10-07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008-01-21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008-01-21 04:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-01-08 18:41:16 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Atari
[2008-10-24 18:16:19 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DAEMON Tools
[2009-10-30 16:45:22 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Dark Sector
[2008-10-24 18:06:55 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Gadu-Gadu
[2010-03-25 18:56:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Gadu-Gadu 10
[2010-05-18 22:47:43 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\HLSW
[2009-03-19 20:15:03 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Leadertech
[2010-01-14 00:16:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\LG Electronics
[2009-05-13 16:06:38 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\My Games
[2009-07-03 21:35:55 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Nowe Gadu-Gadu
[2010-05-04 19:52:53 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\OpenFM
[2009-05-13 15:52:09 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Opera
[2009-01-24 16:59:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Sierra
[2010-06-21 20:32:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TS3Client
[2010-06-13 20:29:26 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent
[2010-06-23 21:17:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Vista Start Menu
[2010-06-25 14:27:55 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2008-01-21 04:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008-10-24 23:38:53 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2008-11-08 00:00:58 | 000,000,141 | ---- | M] () -- C:\DevList.txt
[2010-06-25 14:28:49 | 312,033,279 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-01-21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009-04-11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SoftwareDistribution\Download\b7a36a24530dbf6d856c57e20cf520d9\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-21 04:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009-04-11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SoftwareDistribution\Download\b7a36a24530dbf6d856c57e20cf520d9\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-01-21 04:50:38 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2009-04-11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\SoftwareDistribution\Download\b7a36a24530dbf6d856c57e20cf520d9\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SoftwareDistribution\Download\b7a36a24530dbf6d856c57e20cf520d9\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008-01-21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\b7a36a24530dbf6d856c57e20cf520d9\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008-01-21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe
[2008-01-21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe
[2008-01-21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< End of report >
[/log]

Wydaje mi się jednak, że wszystko powoli wraca do normy. Dzięki za udzieloną pomoc.

Mateusz J.
komentarz
komentarz

Uruchom OTL i w oknie Custom Scans/Fixes wklej[code]
:Processes
explorer.exe

:OTL
O4 - HKLM..\Run: [HKLM] C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found
O4 - HKLM..\Run: [QuickTime Task] d:\Trzecia fala\qttask.exe File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe File not found
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [Advanced Uninstaller PRO Installation Monitor] C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO - Version 9\Monitor.exe File not found
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [duedue] C:\Users\admin\duedue.exe File not found
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [HKCU] C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [Task Bar] C:\Documents and Settings\All Users\Documents\svchast.exe File not found
O4 - HKU\S-1-5-21-4090682708-3521959348-571196124-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Users\admin\AppData\Roaming\Microsoft_KB57H43\tmngr.exe File not found

:Files
C:\Users\Public\Documents\svchast.exe

:Commands
[emptytemp]
[Reboot][/code]Kliknij Run Fix. Zatwierdź restart komputera.
Po ponownym uruchomieniu komputera tworzysz nowy log i pokazujesz do kontroli wraz z raportem usuwania.

Przeczyść komputer program ATF Cleaner.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.