OTL logfile created on: 2012-07-14 22:26:59 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Empty\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,93 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 72,82% Memory free 5,85 Gb Paging File | 5,15 Gb Available in Paging File | 87,99% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285,30 Gb Total Space | 111,87 Gb Free Space | 39,21% Space Free | Partition Type: NTFS Computer Name: EMPTY-KOMPUTER | User Name: Empty | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-14 22:23:00 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Empty\Desktop\OTL.exe PRC - [2011-07-08 07:48:25 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-26 01:15:17 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll MOD - [2011-07-08 07:48:26 | 001,000,920 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\js3250.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-07-03 16:41:12 | 000,168,864 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\WireHelpSvc.exe -- (WireHelpSvc) SRV:[b]64bit:[/b] - [2009-11-12 08:33:44 | 000,202,752 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-11-02 12:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:[b]64bit:[/b] - [2009-09-30 14:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV:[b]64bit:[/b] - [2009-03-28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Stopped] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio) SRV - [2012-06-05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-26 01:15:17 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-04-05 15:12:30 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-02-28 08:34:39 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-10-01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009-10-01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009-09-25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2009-09-11 07:42:46 | 000,305,448 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService) SRV - [2009-08-28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-06-05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R) SRV - [2009-02-06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2007-05-31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-07-03 16:41:04 | 000,147,472 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC) DRV:[b]64bit:[/b] - [2012-04-06 01:42:31 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2012-02-15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011-08-11 09:39:32 | 000,526,392 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010-11-20 16:31:34 | 000,007,808 | ---- | M] (SweetLow) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidusbf.sys -- (hidusbf) DRV:[b]64bit:[/b] - [2010-10-12 12:39:04 | 000,039,528 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys -- (RTL2832UUSB) DRV:[b]64bit:[/b] - [2010-10-12 12:39:02 | 000,232,680 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA) DRV:[b]64bit:[/b] - [2010-08-12 14:10:24 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1) DRV:[b]64bit:[/b] - [2010-03-18 11:00:40 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:[b]64bit:[/b] - [2010-03-18 11:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2010-03-18 11:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2009-11-12 10:31:44 | 006,106,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-11-02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:[b]64bit:[/b] - [2009-10-26 22:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:[b]64bit:[/b] - [2009-10-05 15:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID) DRV:[b]64bit:[/b] - [2009-09-21 21:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-09-18 06:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2009-09-17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:[b]64bit:[/b] - [2009-08-13 21:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b]64bit:[/b] - [2009-08-06 14:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:[b]64bit:[/b] - [2009-07-23 00:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2009-06-25 04:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:[b]64bit:[/b] - [2009-06-20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) DRV:[b]64bit:[/b] - [2009-06-10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-06-10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-05 04:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-06-03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:[b]64bit:[/b] - [2009-06-03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:[b]64bit:[/b] - [2009-06-03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:[b]64bit:[/b] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2009-05-06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:[b]64bit:[/b] - [2009-05-06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:[b]64bit:[/b] - [2009-04-29 17:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:[b]64bit:[/b] - [2009-03-25 17:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm) DRV:[b]64bit:[/b] - [2009-03-25 17:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV:[b]64bit:[/b] - [2009-03-25 17:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV:[b]64bit:[/b] - [2009-03-25 17:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex) DRV:[b]64bit:[/b] - [2009-03-25 17:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV:[b]64bit:[/b] - [2009-03-25 17:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) DRV:[b]64bit:[/b] - [2009-03-25 17:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2010-10-12 12:39:04 | 000,039,528 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UUSB.sys -- (RTL2832UUSB) DRV - [2010-10-12 12:39:02 | 000,232,680 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys -- (RTL2832UBDA) DRV - [2009-10-05 15:22:20 | 000,044,320 | R--- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&m=aspire_5740&r=27360810l826l03f8z105t59i1d748 IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&m=aspire_5740&r=27360810l826l03f8z105t59i1d748 IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128 IE - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch&babsrc=SP_ss&mntrId=a436648800000000000000ff01000001 IE - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_plPL394 IE - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms} IE - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledItems: zrzuta.eu@gmail.com:1.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: IplextoALL@ALLPlayer.org:0.1.0 FF - prefs.js..extensions.enabledItems: stealthyextension@gmail.com:1.2.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31 FF - prefs.js..extensions.enabledItems: YouTubetoALL@ALLPlayer.org:0.7.0 FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.2.0 FF - prefs.js..keyword.URL: "http://isearch.babylon.com/?babsrc=adbartrp&babsrc=SP_ss&mntrId=a436648800000000000000ff01000001&q=" FF - prefs.js..network.proxy.type: 0 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Empty\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Empty\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-12-20 20:13:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.19\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-10-30 21:33:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.19\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-10-27 18:19:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-08-27 00:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Empty\AppData\Roaming\mozilla\Extensions [2012-05-31 05:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Empty\AppData\Roaming\mozilla\Firefox\Profiles\vqjurbuu.default\extensions [2011-10-27 18:20:23 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Users\Empty\AppData\Roaming\mozilla\Firefox\Profiles\vqjurbuu.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} [2012-05-30 22:18:21 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Empty\AppData\Roaming\mozilla\Firefox\Profiles\vqjurbuu.default\extensions\IplextoALL@ALLPlayer.org [2011-11-23 20:17:17 | 000,000,000 | ---D | M] (Stealthy) -- C:\Users\Empty\AppData\Roaming\mozilla\Firefox\Profiles\vqjurbuu.default\extensions\stealthyextension@gmail.com [2012-05-30 22:18:41 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Empty\AppData\Roaming\mozilla\Firefox\Profiles\vqjurbuu.default\extensions\YouTubetoALL@ALLPlayer.org [2010-12-29 20:16:03 | 000,000,000 | ---D | M] (Zrzuta.eu) -- C:\Users\Empty\AppData\Roaming\mozilla\Firefox\Profiles\vqjurbuu.default\extensions\zrzuta.eu@gmail.com [2011-11-23 20:17:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Empty\AppData\Roaming\mozilla\Firefox\Profiles\vqjurbuu.default\extensions\stealthyextension@gmail.com\chrome [2011-02-20 14:16:53 | 000,002,059 | ---- | M] () -- C:\Users\Empty\AppData\Roaming\Mozilla\Firefox\Profiles\vqjurbuu.default\searchplugins\daemon-search.xml [2012-05-31 05:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010-12-29 20:20:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2012-04-20 03:53:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-04-20 03:53:36 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010-12-09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-07-08 06:56:17 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-03-13 00:25:30 | 000,002,298 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2011-07-08 06:56:17 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2011-07-08 06:56:17 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-07-08 06:56:17 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-07-08 06:56:17 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-07-08 06:56:17 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Empty\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Empty\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Empty\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Empty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Empty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Empty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\ CHR - Extension: Gmail = C:\Users\Empty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-07-13 10:42:57 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLPLA~1\YOUTUB~1.DLL (ALLPlayer.org) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:[b]64bit:[/b] - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [WinSCard] C:\Users\Empty\AppData\Local\Microsoft\Windows\125\WinSCard.exe () O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000..\Run: [ESL Wire] C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH) O4 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000..\Run: [Steam] C:\Program Files (x86)\steam\steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Free] 0 File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-3973318647-1128835050-2179378286-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{079E895E-A34A-44CA-AB30-B5385D4D0B79}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9C2E428-9D53-4838-BD14-38F705D43380}: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-10-29 09:58:24 | 000,002,323 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-14 22:22:58 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Empty\Desktop\OTL.exe [2012-07-13 10:47:40 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012-07-13 10:43:01 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2012-07-13 10:14:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012-07-13 10:14:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012-07-13 10:14:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012-07-13 10:13:23 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-07-13 10:13:05 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012-07-13 10:12:58 | 004,577,573 | R--- | C] (Swearware) -- C:\Users\Empty\Desktop\ComboFix.exe [2012-07-13 10:00:03 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2012-07-13 08:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012-07-13 08:54:03 | 008,834,304 | ---- | C] (SurfRight B.V.) -- C:\Users\Empty\Desktop\HitmanPro36_x64.exe [2012-07-13 08:27:57 | 000,000,000 | ---D | C] -- C:\Users\Empty\AppData\Roaming\hellomoto [2012-06-22 16:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-06-22 16:33:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2009-11-05 05:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-14 22:29:46 | 005,242,880 | -HS- | M] () -- C:\Users\Empty\ntuser.dat [2012-07-14 22:23:00 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Empty\Desktop\OTL.exe [2012-07-14 22:17:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-14 22:17:49 | 2356,539,392 | -HS- | M] () -- C:\hiberfil.sys [2012-07-13 10:55:55 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-13 10:55:55 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-13 10:51:02 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3973318647-1128835050-2179378286-1000Core.job [2012-07-13 10:51:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3973318647-1128835050-2179378286-1000UA.job [2012-07-13 10:48:53 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-07-13 10:48:37 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-07-13 10:43:02 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini [2012-07-13 10:42:57 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012-07-13 10:13:47 | 004,577,573 | R--- | M] (Swearware) -- C:\Users\Empty\Desktop\ComboFix.exe [2012-07-13 10:06:04 | 000,000,783 | ---- | M] () -- C:\Users\Public\Desktop\ESL Wire.lnk [2012-07-13 10:00:03 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2012-07-13 08:54:08 | 008,834,304 | ---- | M] (SurfRight B.V.) -- C:\Users\Empty\Desktop\HitmanPro36_x64.exe [2012-07-13 08:47:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-07-13 08:13:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-07-12 19:10:35 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-07-12 19:10:35 | 000,697,912 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-07-12 19:10:35 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-07-12 19:10:35 | 000,134,990 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-07-12 19:10:35 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-07-11 09:14:02 | 001,333,850 | ---- | M] () -- C:\Users\Empty\Desktop\1_0001.jpg [2012-07-11 09:12:55 | 002,764,509 | ---- | M] () -- C:\Users\Empty\Desktop\1.jpg [2012-07-03 16:41:12 | 000,168,864 | ---- | M] () -- C:\Program Files\Common Files\WireHelpSvc.exe [2012-07-03 16:41:04 | 000,147,472 | ---- | M] () -- C:\Windows\SysNative\drivers\ESLWireACD.sys [2012-07-02 20:18:25 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini [2012-06-28 14:21:35 | 000,215,428 | ---- | M] () -- C:\Users\Empty\Desktop\identyfikator.png [2012-06-28 14:21:35 | 000,004,657 | ---- | M] () -- C:\Users\Empty\.recently-used.xbel [2012-06-28 14:10:57 | 000,129,005 | ---- | M] () -- C:\Users\Empty\Desktop\dscf9933.jpg [2012-06-28 10:26:06 | 000,412,221 | ---- | M] () -- C:\Users\Empty\Desktop\Dyplom III miejsce.jpg [2012-06-28 10:25:13 | 000,411,592 | ---- | M] () -- C:\Users\Empty\Desktop\Dyplom II miejsce.jpg [2012-06-28 10:24:05 | 000,410,624 | ---- | M] () -- C:\Users\Empty\Desktop\Dyplom I miejsce.jpg [2012-06-23 23:44:31 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-13 10:14:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012-07-13 10:14:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012-07-13 10:14:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012-07-13 10:14:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012-07-13 10:14:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012-07-11 09:14:01 | 001,333,850 | ---- | C] () -- C:\Users\Empty\Desktop\1_0001.jpg [2012-07-11 09:12:55 | 002,764,509 | ---- | C] () -- C:\Users\Empty\Desktop\1.jpg [2012-06-28 14:21:35 | 000,004,657 | ---- | C] () -- C:\Users\Empty\.recently-used.xbel [2012-06-28 14:10:56 | 000,129,005 | ---- | C] () -- C:\Users\Empty\Desktop\dscf9933.jpg [2012-06-28 13:28:55 | 000,215,428 | ---- | C] () -- C:\Users\Empty\Desktop\identyfikator.png [2012-06-26 13:37:11 | 000,412,221 | ---- | C] () -- C:\Users\Empty\Desktop\Dyplom III miejsce.jpg [2012-06-26 13:36:52 | 000,411,592 | ---- | C] () -- C:\Users\Empty\Desktop\Dyplom II miejsce.jpg [2012-06-26 13:36:26 | 000,410,624 | ---- | C] () -- C:\Users\Empty\Desktop\Dyplom I miejsce.jpg [2012-06-08 01:27:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempoX4648.html [2012-05-26 00:43:02 | 005,775,456 | R--- | C] ( ) -- C:\Windows\SysWow64\RTKISDBT.dll [2012-05-21 11:23:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempIn2864.html [2012-05-21 01:03:04 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempHO4652.html [2012-05-02 00:04:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempBW3596.html [2012-05-01 15:34:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempFR3204.html [2012-05-01 08:18:25 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempCf3864.html [2012-05-01 00:41:19 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempqf3828.html [2012-04-30 22:23:41 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempez5084.html [2012-04-30 17:17:34 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVh2668.html [2012-04-28 16:00:03 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempUo9116.html [2012-04-26 10:23:40 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempQ11656.html [2012-04-26 01:02:29 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempWM2568.html [2012-04-24 14:52:55 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temprj5072.html [2012-04-21 23:03:24 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempfA6224.html [2012-04-20 21:34:06 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempE12200.html [2012-04-20 12:52:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempF12884.html [2012-04-19 23:15:12 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempXe5668.html [2012-04-19 23:15:12 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempPt5668.html [2012-04-18 14:42:17 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Templk5392.html [2012-04-13 10:59:07 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempPH5152.html [2012-04-12 00:18:02 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempRu4216.html [2012-04-05 15:12:31 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-04-05 15:12:24 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-04-02 00:59:56 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempuG3348.html [2012-04-01 00:50:31 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempQN8288.html [2012-03-23 11:36:09 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempAC4456.html [2012-03-22 02:56:05 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempnJ7960.html [2012-03-21 11:57:01 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempgL4200.html [2012-03-20 14:14:53 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temphl1216.html [2012-03-19 20:34:18 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempAA9652.html [2012-03-15 14:59:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempJl6272.html [2012-03-14 20:48:52 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempJC5864.html [2012-03-14 16:40:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVk1340.html [2012-03-08 13:07:43 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempZq7980.html [2012-02-19 22:27:13 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempRE6988.html [2012-02-06 19:58:37 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempje2064.html [2012-01-31 20:28:47 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempeE3196.html [2012-01-26 22:04:57 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempcC3340.html [2012-01-22 23:49:35 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempvSb852.html [2012-01-20 22:21:40 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempRgv840.html [2012-01-20 20:59:48 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempyJ5952.html [2012-01-20 18:45:44 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempsA5616.html [2012-01-08 16:51:49 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempCD4240.html [2012-01-08 16:51:49 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempTd4240.html [2011-12-29 00:07:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempxI6908.html [2011-12-27 19:10:09 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempqx6096.html [2011-12-27 10:34:30 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempRx2656.html [2011-12-18 22:02:20 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempMh4208.html [2011-12-13 21:18:11 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempZyX484.html [2011-12-11 15:19:44 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempwZ7940.html [2011-12-10 22:38:17 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempJU3140.html [2011-12-08 19:56:32 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempEm7696.html [2011-12-04 11:22:31 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempGw4308.html [2011-12-01 19:06:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempda4924.html [2011-11-22 19:36:59 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempF10904.html [2011-11-20 12:53:39 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempdh4696.html [2011-11-19 23:10:42 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempSQ5824.html [2011-11-19 11:05:21 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempNS1052.html [2011-11-17 16:01:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempdX1432.html [2011-11-16 18:23:47 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempD10116.html [2011-11-15 18:09:08 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempIT7876.html [2011-11-13 12:18:44 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempyd2732.html [2011-11-13 01:05:57 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempbo2092.html [2011-11-12 15:46:06 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempYK9860.html [2011-11-03 16:44:55 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempBH9276.html [2011-10-23 20:40:56 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempEu8120.html [2011-10-20 14:46:36 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempQD3184.html [2011-10-15 01:02:37 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempZY3948.html [2011-10-12 19:40:32 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempgN5696.html [2011-10-02 09:21:16 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempEig532.html [2011-09-30 22:10:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempwD7360.html [2011-09-27 20:21:54 | 000,122,884 | ---- | C] () -- C:\Windows\UnGins.exe [2011-09-26 22:30:27 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempAB5448.html [2011-09-22 22:14:13 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempJu6820.html [2011-09-19 15:40:42 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempmK3300.html [2011-09-17 23:06:05 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempGQQ712.html [2011-09-16 22:17:08 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempAI3160.html [2011-09-15 22:26:38 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempJY5244.html [2011-09-15 22:26:38 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempzx5244.html [2011-09-14 22:36:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempWf5036.html [2011-09-14 17:12:34 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2011-09-14 17:12:22 | 000,001,024 | ---- | C] () -- C:\Users\Empty\.rnd [2011-09-11 11:26:21 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011-09-03 11:57:15 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011-09-03 11:44:25 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempd12140.html [2011-09-01 21:23:39 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempz17460.html [2011-08-24 19:33:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempr16404.html [2011-08-22 12:35:46 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TemplK4320.html [2011-08-21 20:02:53 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempJ19384.html [2011-08-18 12:00:37 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempGL6448.html [2011-08-16 16:45:51 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempB14052.html [2011-08-13 16:28:15 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempjH3236.html [2011-08-13 16:28:15 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempbc3236.html [2011-08-09 10:31:11 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempso2884.html [2011-08-08 15:22:51 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempHn5348.html [2011-08-04 23:16:09 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempTT3680.html [2011-08-04 20:09:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempjr6052.html [2011-08-04 18:33:41 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempKA2612.html [2011-08-04 17:36:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempF13380.html [2011-08-03 21:09:15 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempIk9084.html [2011-08-02 19:16:17 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TemptP4520.html [2011-08-01 21:26:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempx11456.html [2011-08-01 01:54:20 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempwz4156.html [2011-07-31 12:16:21 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempM11628.html [2011-07-30 15:35:53 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempaw8032.html [2011-07-29 22:03:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVM9236.html [2011-07-28 23:05:09 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Templt5536.html [2011-07-28 12:25:11 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempvf9416.html [2011-07-27 21:59:36 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempP13624.html [2011-07-26 18:49:31 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempjb5648.html [2011-07-25 23:04:46 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempnO9348.html [2011-07-23 23:53:09 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempSx6052.html [2011-07-23 14:03:03 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempr10940.html [2011-07-22 20:16:30 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempfP4224.html [2011-07-20 18:23:21 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempbf5804.html [2011-07-20 17:29:53 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempzn3804.html [2011-07-20 16:10:36 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempq10588.html [2011-07-20 13:41:57 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempgP3372.html [2011-07-20 01:08:08 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempsD6764.html [2011-07-19 22:51:29 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempk11204.html [2011-07-19 18:23:52 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temptf8384.html [2011-07-17 20:10:27 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempsc7960.html [2011-07-17 16:25:07 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempgc8940.html [2011-07-17 11:40:18 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempjU8364.html [2011-07-16 23:55:22 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempsV7848.html [2011-07-16 20:18:38 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempDR8352.html [2011-07-16 16:17:18 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe [2011-07-15 21:14:42 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempWuP988.html [2011-07-14 22:38:05 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TemppQ4032.html [2011-07-11 20:17:10 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-07-11 20:01:11 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2011-07-11 19:07:51 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVB5996.html [2011-07-11 16:02:45 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempNi6652.html [2011-07-10 21:38:32 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempqI7136.html [2011-07-10 17:51:22 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempRe5788.html [2011-07-10 00:03:05 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempXI4452.html [2011-07-09 10:17:59 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempou4264.html [2011-07-08 14:34:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempzF3144.html [2011-07-08 12:33:26 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempCE6968.html [2011-07-07 22:20:02 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempeX7640.html [2011-07-06 20:23:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempIQ8136.html [2011-07-05 19:53:28 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempxo4576.html [2011-07-05 08:53:34 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempor5548.html [2011-07-04 09:11:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempID4132.html [2011-07-03 16:42:35 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempHi6980.html [2011-07-02 15:05:59 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempic7848.html [2011-07-01 09:25:27 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempPi3888.html [2011-06-30 22:47:19 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempOX7596.html [2011-06-30 21:25:49 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempoA9204.html [2011-06-30 18:32:41 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temppg7476.html [2011-06-30 16:34:29 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempY10480.html [2011-06-30 15:27:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempk10608.html [2011-06-30 13:13:01 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempMc4584.html [2011-06-28 21:52:00 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempw20644.html [2011-06-28 18:18:13 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempn20116.html [2011-06-28 15:44:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempE17492.html [2011-06-28 12:11:52 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempT16032.html [2011-06-27 21:46:48 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempu11888.html [2011-06-27 20:39:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempA10408.html [2011-06-26 22:28:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempU16960.html [2011-06-26 21:15:03 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempd23652.html [2011-06-26 19:43:38 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempt16948.html [2011-06-26 19:01:04 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempHn8400.html [2011-06-26 17:16:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempy20388.html [2011-06-26 15:39:32 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempm17716.html [2011-06-25 22:49:00 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempXY3988.html [2011-06-25 21:21:25 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempsj7328.html [2011-06-25 16:50:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempLb4772.html [2011-06-25 15:57:29 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempB17632.html [2011-06-25 14:54:06 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempQ22976.html [2011-06-25 01:06:11 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempS17544.html [2011-06-24 23:34:00 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempF24296.html [2011-06-23 01:08:12 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempeu8956.html [2011-06-21 20:06:51 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVU9220.html [2011-06-14 21:46:22 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempJa6448.html [2011-06-13 20:02:34 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempze3932.html [2011-06-11 22:08:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempOdU688.html [2011-06-11 13:48:35 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempNb2820.html [2011-06-11 00:46:42 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempFQ2452.html [2011-06-10 23:05:51 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempaQ3856.html [2011-06-07 20:01:53 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempZ10728.html [2011-06-07 16:59:55 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempUP8984.html [2011-06-06 15:49:37 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempTA6828.html [2011-06-04 15:43:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TemppE2436.html [2011-06-03 17:40:35 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempFB8796.html [2011-06-03 14:53:00 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempqX5284.html [2011-06-01 13:28:13 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempzE8848.html [2011-05-31 20:01:35 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempXT4444.html [2011-05-29 10:50:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempdm6372.html [2011-05-27 23:00:17 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempdk4812.html [2011-05-27 19:24:34 | 000,000,640 | RHS- | C] () -- C:\Users\Empty\ntuser.pol [2011-05-25 22:05:02 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempw10048.html [2011-05-25 19:51:08 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempud6604.html [2011-05-24 17:03:12 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempnc7520.html [2011-05-23 21:29:00 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempBW3316.html [2011-05-23 14:26:43 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temptf7896.html [2011-05-21 12:07:45 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempB10252.html [2011-05-18 23:31:11 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempex7344.html [2011-05-18 22:11:49 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temppk4192.html [2011-05-17 20:23:31 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempWF4108.html [2011-05-16 23:10:00 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempFK8400.html [2011-05-16 23:10:00 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempCK8400.html [2011-05-16 16:31:04 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempCB9620.html [2011-05-15 22:42:32 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempyp8628.html [2011-05-15 17:03:11 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempuu9400.html [2011-05-15 01:42:31 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempsr6232.html [2011-05-12 17:34:29 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempKi5740.html [2011-05-11 19:12:49 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVN2788.html [2011-05-11 19:12:49 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempOn2788.html [2011-05-11 15:04:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempvv8980.html [2011-05-09 23:10:43 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempER3024.html [2011-05-09 16:43:39 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempzg8112.html [2011-05-08 12:58:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempGr6952.html [2011-05-07 15:37:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempLZ6016.html [2011-05-05 23:50:27 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempbJ8196.html [2011-05-05 14:23:44 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempv11764.html [2011-05-05 11:19:04 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempkk9104.html [2011-05-03 14:55:06 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempur7960.html [2011-05-02 13:18:11 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempH10084.html [2011-05-01 21:49:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempKY6152.html [2011-05-01 20:57:17 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempAaH964.html [2011-04-28 16:55:04 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temptw6976.html [2011-04-27 20:58:44 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempuL6608.html [2011-04-26 20:43:37 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempzb4544.html [2011-04-25 16:33:26 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempQT9172.html [2011-04-23 22:36:57 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempnh8804.html [2011-04-22 23:03:08 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempv10668.html [2011-04-22 17:03:05 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempdQ1252.html [2011-04-22 11:19:51 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempFc8160.html [2011-04-22 02:55:24 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempvE5268.html [2011-04-21 21:46:56 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempNZ3632.html [2011-04-21 15:45:29 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempqm4756.html [2011-04-20 22:34:41 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempXo5972.html [2011-04-20 18:10:01 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempiA2152.html [2011-04-20 16:33:27 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempqt4656.html [2011-04-19 19:17:22 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempYfL924.html [2011-04-18 18:53:36 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempCy7636.html [2011-04-18 16:16:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempZM1384.html [2011-04-17 18:53:36 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempfd6748.html [2011-04-17 11:03:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVY8372.html [2011-04-16 21:51:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempTJ6876.html [2011-04-16 19:15:00 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempDw5708.html [2011-04-14 20:21:58 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempsj9000.html [2011-04-14 17:58:41 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempoi5660.html [2011-04-12 21:59:56 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempE10104.html [2011-04-11 16:19:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempec9644.html [2011-04-10 11:44:35 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempjX9364.html [2011-04-09 12:25:46 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempGZ1308.html [2011-04-08 19:47:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempDy6564.html [2011-04-03 19:19:44 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempXm5948.html [2011-04-03 08:52:39 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempe11268.html [2011-04-03 08:52:39 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempg11268.html [2011-03-31 20:01:27 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempN12120.html [2011-03-28 15:29:43 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempL11356.html [2011-03-25 19:20:12 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempYm2268.html [2011-03-25 17:18:22 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempjO2340.html [2011-03-16 16:56:50 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempEq6852.html [2011-03-14 21:34:24 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempmI2864.html [2011-03-10 19:15:59 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempsG5056.html [2011-03-07 17:18:25 | 000,003,584 | ---- | C] () -- C:\Users\Empty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-03-05 11:47:32 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temprc8376.html [2011-03-04 23:30:41 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temptu3112.html [2011-02-28 19:42:28 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TemptZ9900.html [2011-02-27 17:26:30 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempYv3160.html [2011-02-27 14:37:19 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempLQ7144.html [2011-02-23 02:54:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempzq9448.html [2011-02-22 15:54:53 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempU11064.html [2011-02-20 17:28:57 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempBu2416.html [2011-02-19 00:13:55 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempDq8328.html [2011-02-19 00:13:24 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempwl5276.html [2011-02-19 00:13:24 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempTv5276.html [2011-02-17 02:07:29 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVd9868.html [2011-02-15 01:17:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVc4388.html [2011-02-14 19:21:46 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempop7108.html [2011-02-14 14:02:40 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempx10780.html [2011-02-13 16:55:47 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temps10876.html [2011-02-13 02:41:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempkU5040.html [2011-02-12 23:31:54 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011-02-12 21:59:50 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempwo7716.html [2011-02-12 18:03:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempN10848.html [2011-02-12 02:13:08 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempMx3860.html [2011-02-11 23:14:20 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempOH5308.html [2011-02-11 22:34:51 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temppa5780.html [2011-02-10 14:41:02 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempLi5648.html [2011-02-10 01:51:50 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TemppD9900.html [2011-02-10 01:51:50 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempDk9900.html [2011-02-09 00:18:26 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempfn9988.html [2011-02-08 10:56:51 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempyY4228.html [2011-02-05 19:28:13 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempWX5292.html [2011-02-05 13:42:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempyZ4912.html [2011-02-03 16:58:26 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempOzS628.html [2011-02-03 16:58:26 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempPpk628.html [2011-02-03 11:27:51 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempY10876.html [2011-02-02 17:14:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempct9644.html [2011-02-02 17:14:23 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempLk9644.html [2011-02-01 15:59:24 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TemptN6348.html [2011-01-31 23:45:25 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempTU1904.html [2011-01-30 16:11:37 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempU10808.html [2011-01-27 10:50:05 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempJg3152.html [2011-01-26 15:56:04 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempUm5604.html [2011-01-25 21:05:33 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2011-01-25 21:05:33 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2011-01-25 21:05:33 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2011-01-25 17:36:07 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempmK7196.html [2011-01-25 15:59:58 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempvoz928.html [2011-01-24 20:33:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temprg4624.html [2011-01-23 16:08:38 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempdv5228.html [2011-01-23 13:18:43 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempNy4908.html [2011-01-22 16:00:16 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempfO4432.html [2011-01-22 01:22:21 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempe11980.html [2011-01-21 23:54:59 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempvq8148.html [2011-01-21 19:07:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempCx8620.html [2011-01-21 18:38:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempww1660.html [2011-01-21 16:09:04 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempts9900.html [2011-01-20 17:27:08 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempBQ2740.html [2011-01-18 13:22:02 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempsL5636.html [2011-01-18 01:01:15 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempM10608.html [2011-01-16 20:46:58 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempgh5012.html [2011-01-16 16:31:41 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempik5464.html [2011-01-16 14:29:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempgt8888.html [2011-01-15 23:15:13 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempWg6456.html [2011-01-15 19:43:27 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempdp4260.html [2011-01-15 15:42:47 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempeb3048.html [2011-01-15 13:50:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempk10632.html [2011-01-15 00:06:43 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempFE9784.html [2011-01-14 22:39:18 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempgW2300.html [2011-01-14 16:30:04 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempw10132.html [2011-01-13 15:21:12 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempMI4780.html [2011-01-12 16:07:07 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempJv5868.html [2011-01-11 19:38:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempvO6624.html [2011-01-11 15:26:25 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempUS7652.html [2011-01-10 17:11:12 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempOQ8492.html [2011-01-09 14:55:40 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Temprr7096.html [2011-01-09 12:31:32 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempEq1408.html [2011-01-08 18:53:28 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempue8576.html [2011-01-08 00:36:24 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempRT6668.html [2011-01-07 15:00:20 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempWne880.html [2011-01-06 21:07:35 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempR11020.html [2011-01-06 17:50:57 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempjq7060.html [2011-01-06 14:11:09 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempxg7344.html [2011-01-05 22:51:19 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempyN9420.html [2011-01-05 16:37:08 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempIch868.html [2011-01-05 15:30:04 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempX10732.html [2011-01-04 16:29:38 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempHX9956.html [2011-01-03 18:24:41 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempkZ3188.html [2011-01-02 12:14:31 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempbe9476.html [2011-01-01 23:28:50 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempsP9092.html [2011-01-01 17:30:49 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempcQ1616.html [2010-12-31 13:54:09 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempyd7476.html [2010-12-31 00:47:42 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempzr5776.html [2010-12-30 23:17:32 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempmx6096.html [2010-12-30 21:59:53 | 048,562,476 | ---- | C] () -- C:\Users\Empty\111111111111111111111111111111111111111.wav [2010-12-30 21:57:30 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempYK2100.html [2010-12-30 16:46:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempDC5196.html [2010-12-30 03:05:17 | 000,524,288 | -HS- | C] () -- C:\Users\Empty\ntuser.dat{5b8e7b66-13a3-11e0-bcda-00ff01000001}.TMContainer00000000000000000002.regtrans-ms [2010-12-30 03:05:17 | 000,524,288 | -HS- | C] () -- C:\Users\Empty\ntuser.dat{5b8e7b66-13a3-11e0-bcda-00ff01000001}.TMContainer00000000000000000001.regtrans-ms [2010-12-30 03:05:17 | 000,065,536 | -HS- | C] () -- C:\Users\Empty\ntuser.dat{5b8e7b66-13a3-11e0-bcda-00ff01000001}.TM.blf [2010-12-29 20:01:27 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempjj5968.html [2010-12-29 18:08:10 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempXo4876.html [2010-12-29 13:47:44 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempdo3196.html [2010-12-29 01:27:42 | 000,127,244 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010-12-28 22:14:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempRD5324.html [2010-12-28 19:47:56 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempOn5764.html [2010-12-28 15:54:55 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempGy9104.html [2010-12-27 19:47:06 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempYW7012.html [2010-12-27 16:59:51 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempmN8752.html [2010-12-27 03:51:31 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempBo5836.html [2010-12-27 00:12:45 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempYa9120.html [2010-12-26 16:09:42 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempcz7448.html [2010-12-25 12:00:26 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempu10904.html [2010-12-25 10:41:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempJAk612.html [2010-12-25 03:09:14 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempdn6136.html [2010-12-24 13:24:03 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempg10460.html [2010-12-23 14:25:45 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempNx4888.html [2010-12-23 12:22:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempRI9896.html [2010-12-22 23:06:50 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempEu6116.html [2010-12-22 22:11:49 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempHM7936.html [2010-12-22 12:35:50 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVH6032.html [2010-12-21 23:44:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempxdi552.html [2010-12-21 18:11:46 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempmS5056.html [2010-12-20 19:39:18 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempEfJ936.html [2010-12-20 16:35:24 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempbR4428.html [2010-12-19 16:35:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempffy128.html [2010-12-19 15:55:16 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempdT4944.html [2010-12-19 10:09:45 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempyQ5068.html [2010-12-19 00:54:33 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\Tempaz4680.html [2010-12-18 11:51:25 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempKD4184.html [2010-12-18 00:46:06 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempVr2592.html [2010-12-18 00:46:06 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempBv2592.html [2010-12-17 20:10:11 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempOj3260.html [2010-12-17 18:20:22 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempEm2564.html [2010-12-16 22:42:09 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempQT4700.html [2010-12-16 20:32:12 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempHh2992.html [2010-12-16 15:13:26 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempDv4756.html [2010-12-15 22:47:23 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempRZ4476.html [2010-12-15 14:51:15 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempRP2052.html [2010-12-14 22:33:26 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempCe2564.html [2010-12-14 18:45:26 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempnF4288.html [2010-12-14 15:18:31 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempqP4040.html [2010-12-14 12:20:31 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempBK3708.html [2010-12-13 21:46:41 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempzS3372.html [2010-12-13 16:42:27 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempDd3320.html [2010-12-12 15:51:46 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempqC2708.html [2010-12-10 18:40:07 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempBE3800.html [2010-12-10 16:03:43 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempbD4712.html [2010-12-09 19:13:56 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TemprI1040.html [2010-12-09 16:08:03 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempKb4996.html [2010-11-20 08:16:54 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempwR4544.html [2010-11-20 08:16:54 | 000,002,089 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempGx4544.html [2010-11-20 00:50:01 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempnK3056.html [2010-11-13 21:36:40 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempPl2072.html [2010-11-13 21:15:15 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempjB1884.html [2010-11-13 18:26:41 | 000,002,432 | ---- | C] () -- C:\Users\Empty\AppData\Local\TempSr2928.html [2010-10-24 23:39:29 | 000,000,418 | ---- | C] () -- C:\Users\Empty\AppData\Roaming\wklnhst.dat [2010-10-02 17:42:17 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll.bak [2010-08-27 00:13:26 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-08-25 06:09:26 | 000,001,751 | ---- | C] () -- C:\Windows\WPatchProgress.ini [2010-08-24 20:40:57 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe [2010-08-24 20:40:57 | 000,000,188 | ---- | C] () -- C:\Windows\PidList.ini [2010-08-24 20:40:55 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe [2010-08-24 20:35:31 | 000,087,240 | ---- | C] () -- C:\Users\Empty\AppData\Local\GDIPFONTCACHEV1.DAT [2010-08-24 20:34:54 | 000,000,020 | -HS- | C] () -- C:\Users\Empty\ntuser.ini [2010-08-24 20:34:53 | 000,524,288 | -HS- | C] () -- C:\Users\Empty\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010-08-24 20:34:53 | 000,524,288 | -HS- | C] () -- C:\Users\Empty\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010-08-24 20:34:52 | 005,242,880 | -HS- | C] () -- C:\Users\Empty\ntuser.dat [2010-08-24 20:34:52 | 000,065,536 | -HS- | C] () -- C:\Users\Empty\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010-08-24 20:30:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [color=#E56717]========== LOP Check ==========[/color] [2011-12-30 13:28:48 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\A4366 [2011-09-06 08:01:46 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Ashampoo [2012-03-13 00:24:29 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Babylon [2011-04-16 18:21:36 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Canon [2011-02-20 14:18:41 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\DAEMON Tools Lite [2011-01-16 22:17:11 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\DAEMON Tools Net [2011-08-14 13:29:23 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Expressivo [2012-07-12 01:36:09 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\foobar2000 [2011-06-24 23:35:57 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Gadu-Gadu 10 [2010-08-28 20:28:45 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\GameConsole [2010-12-30 00:58:27 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\GetRightToGo [2012-04-25 15:51:14 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\GHISLER [2012-06-28 13:28:55 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\gtk-2.0 [2012-07-13 08:28:03 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\hellomoto [2011-12-11 22:57:32 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\HLSW [2011-12-03 23:23:21 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\iPlus [2011-07-13 11:28:59 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\IrfanView [2010-11-20 16:19:30 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Leadertech [2011-01-08 19:10:02 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\LolClient [2012-05-28 10:35:25 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\LolClient2 [2011-03-14 16:27:35 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Maluch Racer 3 [2011-10-07 23:10:26 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Mumble [2012-01-26 12:31:31 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\NapiProjekt [2010-12-21 18:12:04 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\OpenFM [2011-09-22 19:42:11 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\OpenOffice.org [2011-05-04 08:51:31 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\pokerth [2011-10-29 20:26:52 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\PowerCinema [2010-12-29 20:37:49 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Publish Providers [2011-02-20 14:29:56 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\RedDotGames [2011-05-16 15:58:17 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\SoftDMA [2012-05-03 01:41:57 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Softpark [2011-06-01 19:15:03 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Sony [2010-11-20 09:31:36 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\SteelSeries Xai [2011-01-08 16:24:03 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\TeamViewer [2010-10-24 23:39:37 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\Template [2012-03-14 13:49:21 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\TS3Client [2012-03-14 22:15:54 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\ts3overlay [2012-07-02 20:24:08 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\uTorrent [2011-01-25 20:00:57 | 000,000,000 | ---D | M] -- C:\Users\Empty\AppData\Roaming\VoipCheapCom [2011-11-23 20:01:28 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA @Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F @Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:4D066AD2 @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885 @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:888AFB86 < End of report >