OTL logfile created on: 2012-07-06 20:30:39 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Filas\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,26 Gb Available Physical Memory | 81,59% Memory free 7,99 Gb Paging File | 7,33 Gb Available in Paging File | 91,71% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451,66 Gb Total Space | 31,14 Gb Free Space | 6,90% Space Free | Partition Type: NTFS Computer Name: FILAS-KOMPUTER | User Name: Filas | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-07-06 20:27:58 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Filas\Downloads\OTL.exe PRC - [2012-06-19 06:50:50 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-06-19 06:50:49 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2012-06-12 19:54:54 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-07-06 20:27:58 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Filas\Downloads\OTL.exe MOD - [2012-06-19 17:35:14 | 004,967,624 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll MOD - [2012-06-19 17:29:24 | 003,977,928 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Toolbars\Shared\SkypePnr.dll MOD - [2012-06-19 06:50:50 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe MOD - [2012-06-19 06:50:50 | 000,258,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll MOD - [2012-06-19 06:50:50 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll MOD - [2012-06-19 06:50:49 | 015,757,792 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll MOD - [2012-06-19 06:50:49 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012-06-19 06:50:49 | 000,829,920 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll MOD - [2012-06-19 06:50:49 | 000,637,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll MOD - [2012-06-19 06:50:49 | 000,624,608 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll MOD - [2012-06-19 06:50:49 | 000,358,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll MOD - [2012-06-19 06:50:49 | 000,170,464 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll MOD - [2012-06-19 06:50:49 | 000,155,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll MOD - [2012-06-19 06:50:49 | 000,145,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll MOD - [2012-06-19 06:50:49 | 000,095,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll MOD - [2012-06-19 06:50:49 | 000,092,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll MOD - [2012-06-19 06:50:49 | 000,091,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll MOD - [2012-06-19 06:50:49 | 000,043,488 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll MOD - [2012-06-19 06:50:49 | 000,021,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll MOD - [2012-06-19 06:50:49 | 000,020,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll MOD - [2012-06-19 06:50:49 | 000,019,424 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll MOD - [2012-06-19 06:50:49 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe MOD - [2012-06-19 06:50:49 | 000,016,352 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll MOD - [2012-06-12 19:54:57 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll MOD - [2012-06-12 19:54:57 | 000,029,752 | ---- | M] (AVG Technologies) -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\npsitesafety.dll MOD - [2012-06-12 19:54:54 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012-06-09 15:25:28 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll MOD - [2012-06-09 15:25:28 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll MOD - [2012-05-15 05:03:54 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012-04-24 06:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2012-04-24 06:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2012-04-21 06:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll MOD - [2012-04-20 07:00:28 | 001,231,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012-04-20 06:56:50 | 002,073,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012-04-20 06:56:49 | 011,020,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2012-03-03 07:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2011-08-31 10:40:36 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2011-08-31 10:40:36 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll MOD - [2010-11-20 14:21:38 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-20 14:21:27 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\t2embed.dll MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-20 14:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll MOD - [2010-11-20 14:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-20 14:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-02-28 03:13:36 | 000,049,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL MOD - [2009-08-18 11:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 03:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2009-07-14 03:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-02-26 19:57:52 | 000,841,248 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc) SRV:[b]64bit:[/b] - [2010-01-29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012-06-23 20:09:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-06-19 06:50:49 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-06-12 19:54:55 | 000,935,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0) SRV - [2012-06-07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-19 11:12:56 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-11-25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86) SRV - [2011-10-13 21:57:27 | 000,075,064 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011-10-12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011-10-01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011-10-01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011-08-02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011-04-21 07:25:29 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-12-28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE) SRV - [2010-06-02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010-04-13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010-04-04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-01-08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService) SRV - [2009-10-09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0) SRV - [2009-09-17 08:06:00 | 001,246,496 | ---- | M] (SafeNet, Inc) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer) SRV - [2009-09-17 02:03:00 | 000,369,952 | ---- | M] (SafeNet, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer) SRV - [2009-09-17 02:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe -- (SentinelSecurityRuntime) SRV - [2009-07-13 01:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Stopped] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-04-29 05:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService) SRV - [2007-07-24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-12-01 11:42:44 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:[b]64bit:[/b] - [2011-12-01 11:42:44 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:[b]64bit:[/b] - [2011-10-08 14:46:56 | 000,314,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2011-10-08 14:46:56 | 000,043,680 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2011-10-07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:[b]64bit:[/b] - [2011-10-01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:[b]64bit:[/b] - [2011-10-01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:[b]64bit:[/b] - [2011-10-01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:[b]64bit:[/b] - [2011-10-01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:[b]64bit:[/b] - [2011-09-13 07:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:[b]64bit:[/b] - [2011-09-10 17:56:14 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011-08-08 07:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:[b]64bit:[/b] - [2011-07-11 02:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:[b]64bit:[/b] - [2011-07-11 02:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV:[b]64bit:[/b] - [2011-07-11 02:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV:[b]64bit:[/b] - [2011-07-11 02:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) DRV:[b]64bit:[/b] - [2010-05-15 14:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:[b]64bit:[/b] - [2010-04-13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-12-10 13:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2009-10-05 09:49:34 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Sterownik karty Intel(R) DRV:[b]64bit:[/b] - [2009-09-17 08:05:02 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64) DRV:[b]64bit:[/b] - [2009-09-02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2009-08-21 07:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-13 01:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\uxpatch.sys -- (uxpatch) DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009-06-10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-06-10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-04-29 05:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio) DRV:[b]64bit:[/b] - [2009-03-18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:[b]64bit:[/b] - [2008-06-16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2006-06-18 00:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk) DRV - [2009-09-02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{215BF75F-2740-4922-B093-BCB5F5B23FC4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1329609496_686247 IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112059&tt=060612_8_&babsrc=HP_ss&mntrId=3a292e2a0000000000008ca98241af66 IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..\SearchScopes\{05FEE37A-D247-412B-BEEB-67A683D0844B}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=e2f97ed9-f65c-11e0-82f4-1c7508ee2326&q={searchTerms} IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=060612_8_&babsrc=SP_ss&mntrId=3a292e2a0000000000008ca98241af66 IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={7A104BB2-DB3F-4220-BAC6-CC96E7C27392}&mid=fd090e6d7f2c47d1a2d6cd3c4e0acad5-3116e2bb3a886234aeff8a57aaedf7389097af95&lang=pl&ds=AVG&pr=fr&d=2012-01-27 19:35:19&v=10.0.0.7&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll () FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Filas\AppData\Roaming\Mozilla\Firefox\Profiles\8mwwqgja.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll File not found FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Filas\AppData\Local\Facebook\Messenger\2.1.4554.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012-02-03 13:38:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012-06-12 19:55:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-19 06:50:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-22 09:23:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-19 06:50:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-22 09:23:09 | 000,000,000 | ---D | M] [2011-08-28 19:11:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Filas\AppData\Roaming\mozilla\Extensions [2012-07-03 15:47:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Filas\AppData\Roaming\mozilla\Firefox\Profiles\8mwwqgja.default\extensions [2011-12-23 21:44:54 | 000,000,000 | ---D | M] () -- C:\Users\Filas\AppData\Roaming\mozilla\Firefox\Profiles\8mwwqgja.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A} [2012-07-03 15:47:42 | 000,000,000 | ---D | M] (Browser Backgrounds) -- C:\Users\Filas\AppData\Roaming\mozilla\Firefox\Profiles\8mwwqgja.default\extensions\{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c} [2011-12-28 15:13:10 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Filas\AppData\Roaming\mozilla\Firefox\Profiles\8mwwqgja.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2012-05-19 23:49:59 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Filas\AppData\Roaming\mozilla\Firefox\Profiles\8mwwqgja.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-06-13 17:22:58 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Filas\AppData\Roaming\mozilla\Firefox\Profiles\8mwwqgja.default\extensions\bbrs_002@blabbers.com [2012-06-16 22:17:56 | 000,000,000 | ---D | M] (samfind Bookmarks Bar) -- C:\Users\Filas\AppData\Roaming\mozilla\Firefox\Profiles\8mwwqgja.default\extensions\sam@samfind.com [2012-07-04 00:18:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-07-04 00:19:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-06-19 06:50:50 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-11-03 08:59:20 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-04-21 21:17:08 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll [2012-06-09 15:25:25 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-12 19:54:54 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012-06-13 17:23:00 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012-06-09 15:25:25 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-09 15:25:25 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-09 15:25:25 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-01-05 20:39:29 | 000,002,415 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\v9.xml [2012-06-09 15:25:25 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-09 15:25:25 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Chatvibes Browser Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( ) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O2 - BHO: (Chatvibes Browser Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( ) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files (x86)\Video Web Camera\traybar.exe (Chicony) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe () O4 - HKLM..\Run: [UX Launcher] C:\Program Files (x86)\UX Pack\uxlaunch.exe () O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000..\Run: [Facebook Update] C:\Users\Filas\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000..\Run: [GG] C:\Users\Filas\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) O4 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000..\Run: [Hvpgpn] H:\RECYCLER\0xFFD12566.exe File not found O4 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000..\Run: [MediaGet2] C:\Users\Filas\AppData\Local\MediaGet2\mediaget.exe --minimized File not found O4 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000..\Run: [winipsec] C:\Users\Filas\AppData\Local\Microsoft\Windows\3827\winipsec.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Filas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Filas\AppData\Local\Facebook\Messenger\2.1.4554.0\FacebookMessenger.exe (Facebook) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0 O7 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0 O7 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O7 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O8:[b]64bit:[/b] - Extra context menu item: &P&obierz &za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com) O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b]64bit:[/b] - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &P&obierz &za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C07AA5A-AF64-4B25-9793-D44CF31EBA72}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\base64 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\chrome - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\prox - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll () O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\S-1-5-21-991252479-3032653111-3358903248-1000 Winlogon: Shell - (expstart.exe) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{72760766-1060-11e1-b623-1c7508ee2326}\Shell - "" = AutoRun O33 - MountPoints2\{72760766-1060-11e1-b623-1c7508ee2326}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{7276076a-1060-11e1-b623-1c7508ee2326}\Shell - "" = AutoRun O33 - MountPoints2\{7276076a-1060-11e1-b623-1c7508ee2326}\Shell\AutoRun\command - "" = G:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpReg: [b]PCSpeedUp[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig:64bit - StartUpReg: [b]Steam[/b] - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-07-06 18:36:06 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-07-06 18:29:23 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\hellomoto [2012-07-04 00:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-07-04 00:18:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-07-03 22:45:51 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\karta aparat [2012-07-03 15:55:00 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\coma [2012-07-03 14:12:11 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\reggae [2012-06-30 15:58:29 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Strip Poker Supreme [2012-06-30 15:58:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Strip Poker Supreme [2012-06-30 11:24:19 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\LolClient [2012-06-28 20:55:22 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\muzyka-zakończenie [2012-06-26 22:16:10 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Local\ElevatedDiagnostics [2012-06-26 12:46:26 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\luxtorpeda [2012-06-26 11:17:18 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\koncert ^^ [2012-06-24 15:59:25 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\LolClient2 [2012-06-24 15:16:59 | 000,000,000 | ---D | C] -- C:\Riot Games [2012-06-24 15:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewFeature1 [2012-06-24 14:19:42 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\League of Legends [2012-06-24 14:18:20 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Local\PMB Files [2012-06-24 14:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012-06-24 14:17:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2012-06-23 22:05:04 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Local\Macromedia [2012-06-16 18:03:11 | 000,000,000 | ---D | C] -- C:\Users\Filas\Documents\LDW [2012-06-13 17:23:13 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\BabylonToolbar [2012-06-13 17:23:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar [2012-06-13 17:22:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowserCompanion [2012-06-13 17:22:49 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\Babylon [2012-06-13 17:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012-06-13 17:22:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games [2012-06-13 17:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games [2012-06-13 17:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PopCap Games [2012-06-08 16:06:58 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\Wall.E.DVDSCR.XviD-ALLiANCE [www.btarena.com] [2012-06-08 12:48:47 | 000,000,000 | ---D | C] -- C:\Users\Filas\folder [2012-06-07 22:40:33 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\gp fast [2012-06-07 22:35:55 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\zdjęcia fast [2012-06-07 22:33:52 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\Music [2012-06-06 22:27:41 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\Pamiętniki Wampirów sez.1 [2012-06-03 14:58:46 | 000,000,000 | ---D | C] -- C:\Users\Filas\Documents\Any Video Converter [2012-06-03 14:58:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft [2012-06-03 14:58:39 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\AnvSoft [2012-06-03 14:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft [2012-06-02 19:25:23 | 000,000,000 | ---D | C] -- C:\Users\Filas\Documents\Electronic Arts [2012-06-02 16:41:53 | 000,000,000 | ---D | C] -- C:\Users\Filas\Documents\WB Games [2012-06-02 13:28:33 | 000,000,000 | ---D | C] -- C:\Users\Filas\Documents\Games for Windows - LIVE Demos [2012-06-02 13:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2012-06-02 13:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2012-06-02 13:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batman Arkham City [2012-06-02 12:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Black_Box [2012-06-02 12:08:57 | 000,000,000 | ---D | C] -- C:\Users\Filas\Documents\Square Enix [2012-05-27 15:08:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2012-05-27 15:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-05-27 14:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012-05-25 22:39:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Video Strip Poker Supreme [2012-05-25 22:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Erosgames [2012-05-25 22:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Erosgames [2012-05-20 00:39:36 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Local\FlatOut Ultimate Carnage [2012-05-19 20:00:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2012-05-19 18:12:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AlawarWrapper [2012-05-19 18:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AlawarWrapper [2012-05-19 18:09:54 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar.pl [2012-05-19 18:09:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alawar.pl [2012-05-19 15:29:03 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medal of Honor [2012-05-19 15:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor [2012-05-19 15:23:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Honor_pol [2012-05-19 14:24:00 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2012-05-19 11:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2012-05-19 11:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012-05-19 11:08:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2012-05-18 17:54:51 | 000,000,000 | ---D | C] -- C:\Users\Filas\Documents\Penumbra [2012-05-18 17:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive [2012-05-18 17:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paradox Interactive [2012-05-18 17:47:49 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vampire Hunters [2012-05-18 17:47:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampire Hunters [2012-05-18 09:41:08 | 000,000,000 | ---D | C] -- C:\Users\Filas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012-05-12 21:19:04 | 000,000,000 | ---D | C] -- C:\Users\Filas\Desktop\nagrania [2012-05-12 21:18:50 | 000,000,000 | R--D | C] -- C:\Users\Filas\Desktop\gitara [2012-05-11 23:24:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-05-11 23:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-07-06 20:17:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-06 20:17:53 | 3219,636,224 | -HS- | M] () -- C:\hiberfil.sys [2012-07-06 18:09:03 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-07-06 17:37:37 | 101,200,596 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012-07-06 16:46:53 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-06 16:46:53 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-06 01:51:18 | 001,580,526 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-07-06 01:51:18 | 000,708,200 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-07-06 01:51:18 | 000,625,454 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-07-06 01:51:18 | 000,140,924 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-07-06 01:51:18 | 000,110,834 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-07-06 00:40:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-991252479-3032653111-3358903248-1000UA.job [2012-07-05 22:37:12 | 000,038,342 | ---- | M] () -- C:\Users\Filas\Desktop\c7c331ba6dc59414ca4672dad9b55346.jpg [2012-07-03 18:40:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-991252479-3032653111-3358903248-1000Core.job [2012-06-25 17:33:21 | 000,422,441 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2012-06-25 14:54:55 | 003,265,129 | ---- | M] () -- C:\Users\Filas\Desktop\LMFAO - Sorry For Party Rocking.mp3 [2012-06-25 14:25:24 | 003,890,396 | ---- | M] () -- C:\Users\Filas\Desktop\M83 - Midnight City.mp3 [2012-06-24 15:26:42 | 000,001,734 | ---- | M] () -- C:\Users\Public\Desktop\Graj w League of Legends.lnk [2012-06-24 00:41:12 | 000,001,350 | ---- | M] () -- C:\Users\Filas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2012-06-16 22:27:30 | 000,086,904 | ---- | M] () -- C:\Users\Filas\Desktop\DarkKnightLogo_860.jpg [2012-06-16 22:24:08 | 000,036,987 | ---- | M] () -- C:\Users\Filas\Desktop\large_The-Dark-Knight-Logo-ji5p0w99.jpg [2012-06-15 07:05:37 | 000,354,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-06-13 17:23:10 | 000,000,250 | ---- | M] () -- C:\user.js [2012-06-13 17:22:40 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Zuma Deluxe.lnk [2012-06-13 17:22:40 | 000,000,200 | ---- | M] () -- C:\Users\Public\Desktop\Play More Great Games!.url [2012-06-08 16:15:30 | 000,001,006 | ---- | M] () -- C:\Users\Filas\Desktop\Bajki — skrót.lnk [2012-06-08 12:57:41 | 000,001,286 | ---- | M] () -- C:\Users\Filas\Desktop\shutdown.exe.lnk [2012-05-25 22:35:44 | 000,000,528 | RHS- | M] () -- C:\Windows\PCGWIN32.LI4 [2012-05-12 14:46:43 | 001,890,773 | ---- | M] () -- C:\Users\Filas\Documents\fade to black.wma [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-05 22:37:12 | 000,038,342 | ---- | C] () -- C:\Users\Filas\Desktop\c7c331ba6dc59414ca4672dad9b55346.jpg [2012-06-25 14:54:40 | 003,265,129 | ---- | C] () -- C:\Users\Filas\Desktop\LMFAO - Sorry For Party Rocking.mp3 [2012-06-25 14:25:06 | 003,890,396 | ---- | C] () -- C:\Users\Filas\Desktop\M83 - Midnight City.mp3 [2012-06-24 15:26:42 | 000,001,734 | ---- | C] () -- C:\Users\Public\Desktop\Graj w League of Legends.lnk [2012-06-16 22:27:30 | 000,086,904 | ---- | C] () -- C:\Users\Filas\Desktop\DarkKnightLogo_860.jpg [2012-06-16 22:24:08 | 000,036,987 | ---- | C] () -- C:\Users\Filas\Desktop\large_The-Dark-Knight-Logo-ji5p0w99.jpg [2012-06-15 22:49:26 | 003,078,781 | ---- | C] () -- C:\Users\Filas\Desktop\IMG_1240.JPG [2012-06-13 17:23:09 | 000,000,250 | ---- | C] () -- C:\user.js [2012-06-13 17:22:40 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Zuma Deluxe.lnk [2012-06-13 17:22:40 | 000,000,200 | ---- | C] () -- C:\Users\Public\Desktop\Play More Great Games!.url [2012-06-08 16:15:35 | 000,001,006 | ---- | C] () -- C:\Users\Filas\Desktop\Bajki — skrót.lnk [2012-06-08 12:57:00 | 000,001,286 | ---- | C] () -- C:\Users\Filas\Desktop\shutdown.exe.lnk [2012-06-02 13:25:59 | 000,001,350 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2012-05-25 22:35:44 | 000,000,528 | RHS- | C] () -- C:\Windows\PCGWIN32.LI4 [2012-05-19 15:29:03 | 000,122,880 | ---- | C] () -- C:\Windows\UnGins.exe [2012-05-12 14:46:43 | 001,890,773 | ---- | C] () -- C:\Users\Filas\Documents\fade to black.wma [2012-05-05 22:09:05 | 000,000,017 | ---- | C] () -- C:\Users\Filas\AppData\Local\resmon.resmoncfg [2012-04-19 17:33:56 | 000,517,120 | ---- | C] () -- C:\Windows\SysWow64\CLWCP.exe [2012-03-22 23:24:53 | 000,006,656 | ---- | C] () -- C:\Users\Filas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-03-09 18:52:05 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempPj4364.html [2012-03-06 09:03:58 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempkR4920.html [2012-03-05 08:47:55 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempia2340.html [2012-03-05 08:47:55 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempif2340.html [2012-03-04 14:24:17 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempGW2924.html [2012-03-03 18:43:12 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempPQ4036.html [2012-03-03 16:42:50 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempHH4420.html [2012-03-03 16:17:16 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempEn4852.html [2012-03-03 11:10:52 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempeU4448.html [2012-03-02 20:53:09 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempUN5388.html [2012-03-02 20:53:09 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempLD5388.html [2012-02-28 18:08:42 | 000,047,104 | ---- | C] () -- C:\Windows\SysWow64\KMVIDC32.DLL [2012-02-25 16:21:22 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempOr4016.html [2012-02-24 18:33:33 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempWL4484.html [2012-02-24 18:33:33 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempKq4484.html [2012-02-23 21:46:31 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempGi2032.html [2012-02-23 21:46:31 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempfM2032.html [2012-02-23 17:32:42 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAJ5868.html [2012-02-23 17:32:42 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempZK5868.html [2012-02-22 22:36:43 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempXI2504.html [2012-02-22 22:36:43 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAm2504.html [2012-02-22 16:53:19 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempBC2020.html [2012-02-21 12:49:02 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempkN1208.html [2012-02-21 12:49:02 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempmq1208.html [2012-02-20 22:14:38 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempau1020.html [2012-02-20 11:21:45 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempna5720.html [2012-02-19 14:51:55 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempPi2080.html [2012-02-19 11:54:33 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempcJ2228.html [2012-02-19 11:54:33 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TemptF2228.html [2012-02-18 23:27:25 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempER2760.html [2012-02-18 23:27:25 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempwq2760.html [2012-02-18 19:00:19 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2012-02-18 19:00:19 | 000,000,088 | RHS- | C] () -- C:\ProgramData\63EA9B70B1.sys [2012-02-18 14:36:52 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempVe1312.html [2012-02-18 14:36:52 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempmU1312.html [2012-02-18 00:10:40 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempnf3612.html [2012-02-18 00:10:40 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempuZ3612.html [2012-02-17 18:02:37 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempwb3964.html [2012-02-17 18:00:47 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAA5104.html [2012-02-17 11:52:40 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TemphH3016.html [2012-02-14 08:52:25 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempcW5188.html [2012-02-14 01:18:39 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempQi5100.html [2012-02-14 01:18:39 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempvZ5100.html [2012-02-14 01:14:33 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempIc1636.html [2012-02-13 23:08:36 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempFh3420.html [2012-02-13 16:36:44 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempUrp908.html [2012-02-13 09:20:40 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempIC4840.html [2012-02-12 20:53:07 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempHD1872.html [2012-02-12 20:53:07 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempok1872.html [2012-02-06 10:29:25 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempRb4564.html [2012-02-06 10:29:25 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempdG4564.html [2012-02-04 18:55:59 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempLz1124.html [2012-02-04 18:55:59 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempqU1124.html [2012-02-04 16:13:02 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempYv3032.html [2012-02-04 16:13:02 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempxQ3032.html [2012-01-29 11:34:48 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempDh5340.html [2012-01-29 11:34:48 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempYo5340.html [2012-01-28 23:09:43 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempeR3144.html [2012-01-28 23:09:43 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempWZ3144.html [2012-01-28 00:19:25 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempQj4392.html [2012-01-28 00:19:25 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempfk4392.html [2012-01-22 11:42:15 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempzG3572.html [2012-01-22 11:42:15 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Temphb3572.html [2012-01-22 09:36:28 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempeG2456.html [2012-01-22 09:36:28 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempRR2456.html [2012-01-21 17:58:28 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempGz4216.html [2012-01-21 17:58:28 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempjv4216.html [2012-01-21 13:06:14 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Temppk2752.html [2012-01-21 13:06:14 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempjw2752.html [2012-01-20 22:26:25 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempmW3532.html [2012-01-20 22:26:25 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempJJ3532.html [2012-01-18 09:07:23 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempZX3452.html [2012-01-18 09:07:22 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempLe3452.html [2012-01-15 11:58:58 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempbZ1248.html [2012-01-14 15:37:20 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempnI4660.html [2012-01-14 15:37:20 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempPD4660.html [2012-01-08 17:27:41 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempJN2812.html [2012-01-08 17:27:41 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempfK2812.html [2012-01-08 14:44:16 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempYw4776.html [2012-01-08 12:20:26 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempKP3236.html [2012-01-07 22:52:06 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempYE3700.html [2012-01-07 12:25:03 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempkE2416.html [2012-01-06 23:44:43 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempTh4508.html [2012-01-06 23:44:43 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempNR4508.html [2012-01-06 15:16:47 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Templr4760.html [2012-01-06 15:16:47 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempQA4760.html [2012-01-06 01:37:34 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempgq4820.html [2012-01-05 20:33:37 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempIn2616.html [2012-01-02 10:11:00 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempYN4520.html [2012-01-02 10:11:00 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempfj4520.html [2012-01-01 14:16:09 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Temppd4456.html [2011-12-31 12:33:06 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempQJ4736.html [2011-12-31 12:33:06 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempte4736.html [2011-12-30 22:43:00 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempec4356.html [2011-12-30 22:43:00 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempxH4356.html [2011-12-30 20:21:42 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempCA1312.html [2011-12-30 20:21:42 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Temphc1312.html [2011-12-30 16:59:03 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAa5112.html [2011-12-30 11:27:06 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempoZ4184.html [2011-12-30 00:17:34 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempIW6004.html [2011-12-30 00:17:34 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempVh6004.html [2011-12-29 19:40:50 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAE2376.html [2011-12-29 19:40:20 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempYx3668.html [2011-12-29 18:51:10 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempkA4500.html [2011-12-29 18:51:10 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempOD4500.html [2011-12-29 12:52:03 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempZo2436.html [2011-12-28 12:15:41 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempgL4360.html [2011-12-27 22:54:45 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempzH2160.html [2011-12-27 22:54:45 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAM2160.html [2011-12-27 17:28:30 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempPJ4868.html [2011-12-27 17:28:30 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempHM4868.html [2011-12-27 10:07:11 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempED3740.html [2011-12-27 10:07:11 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempew3740.html [2011-12-26 22:13:42 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempFx3332.html [2011-12-26 22:13:42 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempbz3332.html [2011-12-26 11:58:25 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempEK4424.html [2011-12-26 11:58:25 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempEb4424.html [2011-12-23 10:01:33 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempkc3776.html [2011-12-23 10:01:33 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempsZ3776.html [2011-12-22 17:32:23 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempOb1496.html [2011-12-09 18:18:38 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempzs4952.html [2011-12-09 18:18:38 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempuG4952.html [2011-12-04 14:19:53 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Temply4864.html [2011-12-04 14:19:53 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempDO4864.html [2011-12-04 10:52:23 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempNM4152.html [2011-12-04 10:52:23 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempKY4152.html [2011-12-03 22:19:32 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TemppG4656.html [2011-12-03 22:19:32 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempOY4656.html [2011-12-03 14:20:22 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempUA4348.html [2011-12-02 22:04:02 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempkw4264.html [2011-12-02 19:06:18 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempRG5948.html [2011-11-27 00:01:01 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempRe2568.html [2011-11-27 00:01:01 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempbi2568.html [2011-11-20 22:30:23 | 000,012,393 | ---- | C] () -- C:\Users\Filas\AppData\Local\Bron.tok.A15.em.bin [2011-11-20 02:23:30 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempNo6004.html [2011-11-19 19:17:01 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempuF2980.html [2011-11-19 19:17:01 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempFv2980.html [2011-11-19 17:25:28 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempiJ2620.html [2011-11-19 17:25:28 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempvo2620.html [2011-11-18 23:29:06 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempDE4980.html [2011-11-18 23:29:06 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempCQ4980.html [2011-11-18 12:45:35 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempjX4328.html [2011-11-14 08:56:18 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempIX4052.html [2011-11-13 19:28:02 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempir2272.html [2011-11-13 14:28:38 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAq3064.html [2011-11-11 11:44:39 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAM2500.html [2011-11-11 11:44:39 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAO2500.html [2011-11-10 01:14:14 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempMS4280.html [2011-11-10 01:14:14 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Temphz4280.html [2011-11-09 17:46:30 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempxW3512.html [2011-11-09 17:46:30 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempjA3512.html [2011-11-08 21:11:08 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempLc4460.html [2011-11-08 21:11:08 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempwT4460.html [2011-11-07 22:16:15 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempaw3776.html [2011-11-07 22:16:15 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempEF3776.html [2011-11-07 08:22:01 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempGe1804.html [2011-11-07 08:22:01 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempHT1804.html [2011-11-06 21:49:17 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempqQ4948.html [2011-11-06 21:49:17 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempNK4948.html [2011-11-06 17:57:11 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempdi3328.html [2011-11-06 17:57:11 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempBi3328.html [2011-11-06 11:39:37 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TemphC4416.html [2011-11-06 11:39:37 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempHJ4416.html [2011-11-05 15:53:05 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempPY3816.html [2011-11-04 23:25:06 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempId2228.html [2011-11-04 23:25:06 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempsf2228.html [2011-11-04 16:35:06 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempeN3660.html [2011-11-04 16:35:06 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempQz3660.html [2011-11-03 22:35:13 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempta3348.html [2011-11-03 22:35:13 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempnW3348.html [2011-11-03 18:32:26 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempEe4684.html [2011-11-03 18:32:26 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempoL4684.html [2011-11-03 00:07:36 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TemptI4212.html [2011-11-03 00:07:36 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempZu4212.html [2011-11-02 18:41:12 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempeQ3496.html [2011-11-01 23:10:08 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempje2988.html [2011-11-01 23:10:08 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempTJ2988.html [2011-11-01 20:33:07 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Templj3420.html [2011-10-31 13:13:32 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempjF4192.html [2011-10-31 13:13:32 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempFz4192.html [2011-10-31 12:05:09 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempHf4208.html [2011-10-30 20:51:39 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempsO4664.html [2011-10-30 20:51:39 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempwf4664.html [2011-10-29 12:46:17 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempqi2096.html [2011-10-29 12:46:17 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempaN2096.html [2011-10-29 07:42:20 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempRR4400.html [2011-10-29 07:42:20 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempYx4400.html [2011-10-28 18:27:05 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempoX4504.html [2011-10-28 18:11:12 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Templt4204.html [2011-10-27 21:17:11 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempwC3108.html [2011-10-27 15:48:07 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempSQ3996.html [2011-10-26 14:57:22 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempEg4836.html [2011-10-25 16:42:50 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempZwL148.html [2011-10-24 18:56:30 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Temphq5024.html [2011-10-23 18:59:24 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempDS5104.html [2011-10-23 18:59:24 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempPn5104.html [2011-10-23 17:27:35 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempON2260.html [2011-10-23 17:27:35 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Templg2260.html [2011-10-23 12:17:28 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempfY3764.html [2011-10-23 12:17:28 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempou3764.html [2011-10-22 21:33:25 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempaY3360.html [2011-10-22 15:09:20 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAv3620.html [2011-10-22 13:25:20 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempArM168.html [2011-10-22 11:55:14 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempOh3944.html [2011-10-21 21:51:37 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempKq4696.html [2011-10-21 18:18:57 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempJp4628.html [2011-10-21 18:18:57 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempDK4628.html [2011-10-20 20:14:46 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempoo5684.html [2011-10-19 07:42:27 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TemptM3056.html [2011-10-16 17:56:54 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempfi4376.html [2011-10-16 15:30:37 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempBm4344.html [2011-10-16 14:17:54 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempfj1740.html [2011-10-16 11:49:02 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempgh3300.html [2011-10-16 11:49:02 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempBT3300.html [2011-10-16 10:21:09 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempYK4492.html [2011-10-15 17:59:49 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempNy4372.html [2011-10-15 14:38:31 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempxm4272.html [2011-10-15 14:38:31 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Temphm4272.html [2011-10-14 21:34:26 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempyh2828.html [2011-10-14 17:30:10 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempkO4560.html [2011-10-13 21:27:14 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempxP4040.html [2011-10-13 21:27:14 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempCJ4040.html [2011-10-12 18:45:19 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini [2011-10-11 17:04:26 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempoX3840.html [2011-10-10 15:29:33 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAn5020.html [2011-10-10 15:20:35 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempaq2152.html [2011-10-08 23:44:05 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempZc1792.html [2011-10-08 23:13:34 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempDu4612.html [2011-10-08 19:37:53 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempBL2116.html [2011-10-08 08:25:46 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempmk4536.html [2011-10-08 08:25:46 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempsI4536.html [2011-10-07 23:57:52 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempak5428.html [2011-10-07 22:55:38 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempfw6256.html [2011-10-07 17:43:11 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempaD2472.html [2011-10-06 20:38:52 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempYO4800.html [2011-10-06 20:38:52 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempiU4800.html [2011-10-06 16:24:57 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempjBj784.html [2011-10-05 17:22:09 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempVZ4284.html [2011-10-05 17:22:09 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempmR4284.html [2011-10-04 20:12:56 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempmd4256.html [2011-10-04 20:12:56 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Temptn4256.html [2011-10-02 13:21:15 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempSp3592.html [2011-10-02 13:21:15 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempxi3592.html [2011-10-02 10:27:42 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempSC2988.html [2011-10-02 10:27:42 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempnN2988.html [2011-10-01 20:50:59 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAX4400.html [2011-10-01 20:50:59 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempmM4400.html [2011-10-01 16:34:11 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempKR4272.html [2011-10-01 16:34:11 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempBp4272.html [2011-10-01 11:23:13 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempvF5392.html [2011-09-28 16:11:15 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAF4608.html [2011-09-27 20:45:06 | 000,000,301 | ---- | C] () -- C:\Windows\SIERRA.INI [2011-09-27 20:15:22 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempqP3604.html [2011-09-25 20:36:23 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-09-25 20:36:22 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011-09-25 20:36:22 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-09-25 13:50:19 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempOk2152.html [2011-09-25 13:50:19 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempvX2152.html [2011-09-25 10:56:47 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAT4308.html [2011-09-24 22:49:42 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempwh4440.html [2011-09-24 18:34:22 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempPd3468.html [2011-09-24 13:49:46 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempON2624.html [2011-09-24 13:49:46 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Temppr2624.html [2011-09-24 10:31:34 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TemptY4724.html [2011-09-24 10:31:34 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempyp4724.html [2011-09-23 22:11:57 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempqv3192.html [2011-09-23 22:11:57 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempSS3192.html [2011-09-22 21:48:27 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempyU3188.html [2011-09-22 21:41:12 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempWL3188.html [2011-09-21 19:29:52 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempVC4236.html [2011-09-21 18:35:16 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempIk4532.html [2011-09-21 18:35:16 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempxT4532.html [2011-09-20 21:03:48 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TemppU4116.html [2011-09-20 21:03:21 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempFU4116.html [2011-09-20 19:30:06 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempaV2188.html [2011-09-20 19:29:17 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempAs2188.html [2011-09-18 15:06:24 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempyt4456.html [2011-09-18 15:06:24 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempIB4456.html [2011-09-18 11:32:40 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempSO3944.html [2011-09-18 10:49:53 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempwz3564.html [2011-09-18 10:49:53 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempFv3564.html [2011-09-17 22:36:12 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempYc4316.html [2011-09-17 11:48:40 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempIO2644.html [2011-09-17 11:48:40 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempkk2644.html [2011-09-16 22:56:27 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempcC3688.html [2011-09-16 22:56:27 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempLt3688.html [2011-09-16 11:51:56 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempVh5064.html [2011-09-15 21:37:19 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempyM5100.html [2011-09-15 21:37:19 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempXO5100.html [2011-09-15 14:26:52 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempOdv736.html [2011-09-14 13:54:12 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempWM4452.html [2011-09-14 13:54:12 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempyT4452.html [2011-09-13 16:14:51 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempnm6716.html [2011-09-13 16:14:51 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempTO6716.html [2011-09-10 23:16:04 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempzc1744.html [2011-09-10 23:16:04 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempyG1744.html [2011-09-10 16:17:00 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempEa5024.html [2011-09-10 16:17:00 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempeD5024.html [2011-09-09 21:32:34 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempMJ4688.html [2011-09-04 11:04:22 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempxE1212.html [2011-09-04 11:04:22 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempRH1212.html [2011-09-03 13:39:17 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempMz4612.html [2011-09-02 17:50:03 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempiX2392.html [2011-09-02 17:50:03 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempmL2392.html [2011-08-31 10:35:43 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempsd1648.html [2011-08-31 10:35:43 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\Tempeh1648.html [2011-08-30 21:44:56 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempGg4700.html [2011-08-30 21:44:56 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempDU4700.html [2011-08-30 16:39:07 | 001,604,568 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-08-29 23:51:50 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat [2011-08-29 11:43:11 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempPTT856.html [2011-08-28 22:08:52 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempLS3012.html [2011-08-28 22:08:52 | 000,002,089 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempRJ3012.html [2011-08-28 19:18:04 | 000,002,432 | ---- | C] () -- C:\Users\Filas\AppData\Local\TempqAN740.html [2011-04-21 07:19:44 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe [2011-04-21 07:19:44 | 000,000,302 | ---- | C] () -- C:\Windows\PidList_C.ini [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [color=#E56717]========== LOP Check ==========[/color] [2012-05-18 19:00:35 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\.minecraft [2011-11-15 22:15:56 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\Activision [2012-06-03 14:58:39 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\AnvSoft [2012-01-27 20:36:12 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\AVG2012 [2012-06-13 17:22:49 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\Babylon [2012-06-13 17:23:13 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\BabylonToolbar [2012-01-31 21:08:54 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\Beat Hazard [2012-07-05 09:22:20 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\BitComet [2011-08-29 12:09:05 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\CometPlayer [2011-11-02 18:52:01 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\DAEMON Tools [2011-10-05 17:16:50 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\DAEMON Tools Lite [2012-03-09 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\Gadu-Gadu 10 [2011-09-11 00:39:35 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\GetRightToGo [2012-07-06 18:35:56 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\GG [2012-07-06 18:29:40 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\hellomoto [2011-09-22 18:28:46 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\Leadertech [2012-06-30 11:24:19 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\LolClient [2012-06-24 15:59:25 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\LolClient2 [2012-03-12 00:34:22 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\Mount&Blade [2011-09-10 17:58:19 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\OpenCandy [2011-08-30 22:03:49 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\OpenFM [2011-08-28 13:52:13 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\Packard Bell [2012-01-28 11:06:07 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\Quest3D [2012-04-10 13:12:11 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\SoftGrid Client [2011-10-24 17:10:06 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\Tific [2012-03-11 01:29:23 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\tigerplayer [2011-08-30 16:39:51 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\TP [2011-10-16 14:16:43 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\Ubisoft [2011-08-28 01:51:14 | 000,000,000 | ---D | M] -- C:\Users\Filas\AppData\Roaming\WildTangent [2012-05-02 18:32:22 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\AVG2012 [2012-07-03 18:40:01 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-991252479-3032653111-3358903248-1000Core.job [2012-07-06 00:40:02 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-991252479-3032653111-3358903248-1000UA.job [2012-05-13 01:35:15 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-09-30 09:18:04 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007-11-07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007-11-07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2007-11-07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2012-07-06 20:17:53 | 3219,636,224 | -HS- | M] () -- C:\hiberfil.sys [2007-11-07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe [2007-11-07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007-11-07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007-11-07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007-11-07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007-11-07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007-11-07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007-11-07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007-11-07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007-11-07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007-11-07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2006-12-01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll [2012-07-06 20:17:54 | 4292,849,664 | -HS- | M] () -- C:\pagefile.sys [2010-09-30 08:46:29 | 000,003,128 | ---- | M] () -- C:\RHDSetup.log [2012-06-13 17:23:10 | 000,000,250 | ---- | M] () -- C:\user.js [2007-11-07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007-11-07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab [2007-11-07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2010-11-20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys [2010-11-20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2010-07-17 21:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2010-07-17 21:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:364682BC < End of report >