OTL logfile created on: 2012-11-22 15:13:11 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\ardo\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1013,42 Mb Total Physical Memory | 454,09 Mb Available Physical Memory | 44,81% Memory free 2,39 Gb Paging File | 2,01 Gb Available in Paging File | 84,29% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 1,60 Gb Free Space | 3,27% Space Free | Partition Type: NTFS Drive D: | 249,25 Gb Total Space | 51,58 Gb Free Space | 20,69% Space Free | Partition Type: NTFS Computer Name: ESEKUBA-12345 | User Name: ardo | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-11-22 13:14:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ardo\Moje dokumenty\Pobieranie\OTL.exe PRC - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2012-10-27 23:48:51 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-10-16 18:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-10-27 23:48:50 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-08-29 08:46:50 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll MOD - [2010-01-21 00:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2010-01-09 19:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2009-02-27 18:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (WebOptimizer) SRV - File not found [Auto | Stopped] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-10-27 23:48:50 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-29 08:46:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-07-03 17:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2011-03-16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-01-21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2008-09-08 06:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.SYS -- (FsUsbExDisk) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcombus.sys -- (BTCOMBUS) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btcomport.sys -- (BTCOM) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT) DRV - [2012-11-19 21:24:11 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012-11-19 21:12:17 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2012-07-29 15:30:54 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2012-07-29 15:30:54 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2012-07-03 17:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012-07-03 17:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012-07-03 17:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012-07-03 17:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012-07-03 17:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2012-07-03 17:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012-07-03 17:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2012-05-16 23:26:25 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2011-08-29 23:54:22 | 000,097,552 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MijXfilt.sys -- (MotioninJoyXFilter) DRV - [2011-07-29 12:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv) DRV - [2011-07-29 12:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2010-12-21 06:55:02 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2010-12-21 06:55:02 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) DRV - [2010-12-21 06:55:02 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2010-04-06 17:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs) DRV - [2010-04-06 17:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV - [2010-04-06 17:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BtHidBus.sys -- (BtHidBus) DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf) DRV - [2009-10-16 18:45:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5) DRV - [2009-10-16 18:45:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531) DRV - [2009-10-16 18:45:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5) DRV - [2009-10-16 18:45:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132) DRV - [2009-10-16 18:45:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124) DRV - [2009-10-16 18:45:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007-04-23 11:12:28 | 004,402,176 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2006-12-14 09:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006-07-24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.v9.com/?utm_source=b&utm_medium=prs IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=18&barid={4CBB9309-CDB0-11E1-B6EF-001D7D950CE8} IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={4CBB9309-CDB0-11E1-B6EF-001D7D950CE8} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.v9.com/?utm_source=b&utm_medium=prs IE - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=18&barid={4CBB9309-CDB0-11E1-B6EF-001D7D950CE8} IE - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110819&tt=060612_5_&babsrc=SP_ss&mntrId=b41d9523000000000000001d7d950ce8 IE - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6OyMN3p9fB&i=26 IE - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={4CBB9309-CDB0-11E1-B6EF-001D7D950CE8} IE - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "MyStart Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "https://www.google.pl/" FF - prefs.js..extensions.enabledAddons: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll (OnLive) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-07-17 12:46:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-27 23:48:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-10-27 23:48:41 | 000,000,000 | ---D | M] [2012-05-16 17:49:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ardo\Dane aplikacji\Mozilla\Extensions [2012-10-29 17:10:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ardo\Dane aplikacji\Mozilla\Firefox\Profiles\nn3jo0xd.default\extensions [2012-10-02 18:55:22 | 000,000,000 | ---D | M] ("TimeLineRemove.Com") -- C:\Documents and Settings\ardo\Dane aplikacji\Mozilla\Firefox\Profiles\nn3jo0xd.default\extensions\jid0-YxzrUsJ0WOiOaU89TngAzLcIs18@jetpack [2012-08-03 22:00:45 | 000,010,043 | ---- | M] () (No name found) -- C:\Documents and Settings\ardo\Dane aplikacji\Mozilla\Firefox\Profiles\nn3jo0xd.default\extensions\IplextoALL@ALLPlayer.org.xpi [2012-09-01 11:28:58 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\ardo\Dane aplikacji\Mozilla\Firefox\Profiles\nn3jo0xd.default\searchplugins\MyStart Search.xml [2012-10-29 17:07:26 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\ardo\Dane aplikacji\Mozilla\Firefox\Profiles\nn3jo0xd.default\searchplugins\sweetim.xml [2012-10-27 23:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-07-01 10:57:44 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012-10-27 23:48:51 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-07-01 10:57:44 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-12-09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-07-19 21:19:54 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-17 21:05:20 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-07-19 21:19:54 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-07-19 21:19:54 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-07-19 21:19:54 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-05-16 19:08:05 | 000,000,428 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml [2012-07-19 21:19:54 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-07-19 21:19:54 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-10-16 18:45:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll File not found O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll () O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) O3 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [VDownloader] C:\Program Files\VDownloadere\VDownloader.exe (Vitzo) O4 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe () O4 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com) O4 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) O4 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - Startup: C:\Documents and Settings\ardo\Menu Start\Programy\Autostart\ctfmon.lnk = C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\ardo\Menu Start\Programy\Autostart\WTW.lnk = File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Pobierz plik wideo w FDM - C:\Program Files\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Pobierz w FDM - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Pobierz wszystkie pliki w FDM - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Pobierz zaznaczone pliki w FDM - C:\Program Files\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-527237240-1202660629-1606980848-1003\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6428A06E-81E1-45D9-80BC-2C232EF98FF5}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 () - https://fbcdn-sphotos-a.akamaihd.net/hphotos-ak-snc6/195833_1760593546895_1734455_n.jpg O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-05-16 17:18:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{117d5a43-d989-11e1-a5c0-001d7d950ce8}\Shell - "" = AutoRun O33 - MountPoints2\{117d5a43-d989-11e1-a5c0-001d7d950ce8}\Shell\AutoRun\command - "" = H:\Startme.exe O33 - MountPoints2\{117d5a4f-d989-11e1-a5c0-001d7d950ce8}\Shell - "" = AutoRun O33 - MountPoints2\{117d5a4f-d989-11e1-a5c0-001d7d950ce8}\Shell\AutoRun\command - "" = H:\Startme.exe O33 - MountPoints2\{a1bf7d40-b8b8-11e1-8149-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{a1bf7d40-b8b8-11e1-8149-806d6172696f}\Shell\AutoRun\command - "" = F:\Install.exe O33 - MountPoints2\{aa7529d4-a568-11e1-bb10-001d7d950ce8}\Shell\AutoRun\command - "" = H:\Toshiba\Launcher\start.exe O33 - MountPoints2\{b615ab3f-9f76-11e1-baf6-001d7d950ce8}\Shell - "" = AutoRun O33 - MountPoints2\{b615ab3f-9f76-11e1-baf6-001d7d950ce8}\Shell\AutoRun\command - "" = F:\Install.exe O33 - MountPoints2\{c8c614c0-3285-11e2-bf38-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{c8c614c0-3285-11e2-bf38-806d6172696f}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{c8c615c1-3285-11e2-bf38-001d7d950ce8}\Shell - "" = AutoRun O33 - MountPoints2\{c8c615c1-3285-11e2-bf38-001d7d950ce8}\Shell\AutoRun\command - "" = G:\Install.exe O33 - MountPoints2\{fd5a4f40-c4e3-11e1-8c4d-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{fd5a4f40-c4e3-11e1-8c4d-806d6172696f}\Shell\AutoRun\command - "" = F:\Launch.exe O33 - MountPoints2\{fd5a5046-c4e3-11e1-8c4d-001d7d950ce8}\Shell - "" = AutoRun O33 - MountPoints2\{fd5a5046-c4e3-11e1-8c4d-001d7d950ce8}\Shell\AutoRun\command - "" = G:\Install.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-11-22 13:11:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2012-11-22 11:42:02 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe [2012-11-21 13:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Eidos [2012-11-21 10:37:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Moje dokumenty\[TorrThem] Hitman 3 - Contracts (2004) [2012-11-21 10:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2012-11-21 10:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi [2012-11-20 22:56:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Atari [2012-11-20 14:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Moje dokumenty\Prison Architect Alpha 2 [2012-11-20 14:16:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Moje dokumenty\Prison Architect PC [2012-11-19 21:47:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2012-11-19 21:46:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2012-11-19 21:45:47 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys [2012-11-19 21:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Moje dokumenty\Command and Conquer Generals Data [2012-11-19 21:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA Games [2012-11-19 21:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games [2012-11-19 21:16:54 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2012-11-19 21:12:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DAEMON Tools Lite [2012-11-19 21:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2012-11-18 18:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\.towns [2012-11-18 01:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Moje dokumenty\CC Generals [2012-11-17 18:32:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Moje dokumenty\ZomboidRC2.5wCrack [2012-11-17 15:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Dane aplikacji\Dwarfs [2012-11-17 09:23:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2012-11-16 23:29:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Dane aplikacji\.mono [2012-11-16 23:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Dane aplikacji\Full Control [2012-11-16 22:58:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Dane aplikacji\Carbon [2012-11-15 21:30:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Pulpit\Nowy folder (9) [2012-11-11 17:18:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Moje dokumenty\Project Zomboid v0.2.0q [2012-11-09 17:14:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rome - Total War [2012-11-09 17:04:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Menu Start\Programy\Rome - Total War [2012-11-08 21:38:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Moje dokumenty\Rome Total War [2012-11-03 10:27:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ardo\Moje dokumenty\prisonarchitect-alpha3-pc [2012-10-29 17:07:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-10-27 23:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-11-22 14:50:40 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-11-22 13:16:08 | 000,557,028 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-11-22 13:16:08 | 000,495,518 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-11-22 13:16:08 | 000,104,780 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-11-22 13:16:08 | 000,084,106 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-11-22 13:16:06 | 001,259,772 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2012-11-22 13:11:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-11-22 13:10:37 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd9e05b5990c46.job [2012-11-22 13:10:37 | 000,000,522 | -H-- | M] () -- C:\WINDOWS\tasks\OptimizerPro1UpdaterTask{17D83740-5756-4B0D-85CD-3D5FDEFF3B80}.job [2012-11-22 13:10:37 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2012-11-22 13:10:37 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job [2012-11-22 13:10:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2012-11-22 11:45:16 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad [2012-11-22 11:44:06 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-11-22 11:42:04 | 000,001,050 | ---- | M] () -- C:\Documents and Settings\ardo\Menu Start\Programy\Autostart\ctfmon.lnk [2012-11-22 11:42:02 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe [2012-11-22 06:23:01 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\ardo\NTUSER.DAT [2012-11-22 06:23:01 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\ardo\ntuser.ini [2012-11-21 23:26:56 | 000,000,505 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\config.ini [2012-11-21 23:26:51 | 002,648,162 | -H-- | M] () -- C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\IconCache.db [2012-11-21 13:42:42 | 000,000,683 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\Play Hitman Contracts.lnk [2012-11-20 14:18:14 | 086,633,449 | ---- | M] () -- C:\Documents and Settings\ardo\Moje dokumenty\Prison Architect Alpha 2.rar [2012-11-20 13:23:10 | 000,276,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-11-19 22:45:35 | 000,072,336 | ---- | M] () -- C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2012-11-19 21:36:06 | 000,000,617 | ---- | M] () -- C:\WINDOWS\eReg.dat [2012-11-19 21:27:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-11-19 21:24:11 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2012-11-19 21:12:19 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2012-11-19 21:12:17 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys [2012-11-17 18:27:12 | 081,464,708 | ---- | M] () -- C:\Documents and Settings\ardo\Moje dokumenty\Dont_Starve_Beta_13Nov_setup.exe [2012-11-16 23:16:00 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\Frontline Tactics.url [2012-11-16 15:18:13 | 000,020,151 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\q2.m3u [2012-11-15 16:05:57 | 000,001,555 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\aaaaaa213.m3u [2012-11-13 19:38:20 | 001,098,722 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\IMG_20121113_193820.jpg [2012-11-13 19:35:29 | 000,102,460 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\joanna.jpeg [2012-11-13 19:14:56 | 001,486,074 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\IMG_20121113_191454.jpg [2012-11-13 18:32:15 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LauncherA.lnk [2012-11-11 17:21:05 | 000,001,561 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\Project Zomboid v0.2.0q Launcher.lnk [2012-11-09 17:04:01 | 000,000,249 | ---- | M] () -- C:\WINDOWS\RomeTW.ini [2012-11-03 10:00:21 | 083,826,308 | ---- | M] () -- C:\Documents and Settings\ardo\Moje dokumenty\prisonarchitect-alpha3-pc.zip [2012-11-03 00:06:41 | 000,029,941 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\ja.jpeg [2012-11-01 12:40:22 | 001,072,640 | ---- | M] () -- C:\Documents and Settings\ardo\Moje dokumenty\prison architect.exe [2012-11-01 12:29:12 | 067,645,970 | ---- | M] () -- C:\Documents and Settings\ardo\Moje dokumenty\sounds.dat [2012-11-01 12:21:30 | 015,058,282 | ---- | M] () -- C:\Documents and Settings\ardo\Moje dokumenty\main.dat [2012-10-30 20:34:35 | 000,011,350 | ---- | M] () -- C:\Documents and Settings\ardo\Moje dokumenty\efv014376_RDM_10_12.pdf [2012-10-29 17:06:50 | 000,000,229 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\Search the Web.url [2012-10-27 20:38:56 | 000,366,787 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\frontxqx.jpg [2012-10-27 18:13:43 | 000,031,195 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\Fiesty2Guns-StreetScriptures.jpg [2012-10-27 17:42:57 | 000,073,674 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\l.jpg [2012-10-27 17:32:30 | 000,244,251 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\Pistolero.gif [2012-10-26 17:08:39 | 003,206,369 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\Okna,%20Zas%88ony,%20Etc-vert.jpg [2012-10-24 18:20:32 | 000,015,364 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\IMG_1282tzle_400.jpg [2012-10-24 18:20:07 | 000,014,816 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\IMG_1283tok_400.jpg [2012-10-24 18:08:43 | 000,016,207 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\IMG_1398t_400.jpg [2012-10-24 18:04:41 | 000,031,809 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\956.jpg [2012-10-24 16:43:06 | 000,015,826 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\d1c06c3b-m.jpg [2012-10-24 16:31:12 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-10-24 16:19:54 | 000,017,352 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\924d248b-m.jpg [2012-10-24 15:49:13 | 002,339,600 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\Chuck_Norris_Approves.gif [2012-10-24 15:48:05 | 000,036,673 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\7b8ed328_picard-facepalm.png [2012-10-24 15:44:15 | 000,075,542 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\z3617084X[1].jpg [2012-10-24 15:37:11 | 000,116,240 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\tumblr_l44o7qkZ4J1qa1z20o1_500.jpg [2012-10-24 15:30:35 | 000,012,635 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\185px-Facepalm_facepalm.png [2012-10-24 15:29:40 | 000,021,026 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\MegaFacepalm-150x150.png [2012-10-24 15:28:34 | 000,005,631 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\facepalm.png [2012-10-24 15:23:32 | 000,149,600 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\facepalm2.png [2012-10-24 14:00:39 | 000,091,876 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\Ale_upal_2653134.jpg [2012-10-24 13:56:44 | 000,041,238 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\best-friends-society.gif [2012-10-24 13:53:18 | 000,110,000 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\wallpaper_pets_016-1024x768.jpeg [2012-10-24 13:48:01 | 000,017,135 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\img07c.jpg [2012-10-24 13:39:49 | 000,019,507 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\bmhg_n__bc.jpg [2012-10-23 17:05:37 | 000,034,316 | ---- | M] () -- C:\Documents and Settings\ardo\Pulpit\a.aaa-Sweet-Cat1.jpg [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-11-22 11:42:04 | 000,001,050 | ---- | C] () -- C:\Documents and Settings\ardo\Menu Start\Programy\Autostart\ctfmon.lnk [2012-11-22 11:42:02 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad [2012-11-21 13:42:42 | 000,000,683 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\Play Hitman Contracts.lnk [2012-11-20 14:16:26 | 086,633,449 | ---- | C] () -- C:\Documents and Settings\ardo\Moje dokumenty\Prison Architect Alpha 2.rar [2012-11-19 21:36:06 | 000,000,617 | ---- | C] () -- C:\WINDOWS\eReg.dat [2012-11-19 21:12:19 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2012-11-17 18:23:57 | 081,464,708 | ---- | C] () -- C:\Documents and Settings\ardo\Moje dokumenty\Dont_Starve_Beta_13Nov_setup.exe [2012-11-16 23:16:00 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\Frontline Tactics.url [2012-11-16 15:18:13 | 000,020,151 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\q2.m3u [2012-11-15 16:05:57 | 000,001,555 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\aaaaaa213.m3u [2012-11-14 17:59:28 | 001,098,722 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\IMG_20121113_193820.jpg [2012-11-14 17:58:17 | 001,486,074 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\IMG_20121113_191454.jpg [2012-11-13 19:35:28 | 000,102,460 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\joanna.jpeg [2012-11-09 17:04:01 | 000,000,249 | ---- | C] () -- C:\WINDOWS\RomeTW.ini [2012-11-03 10:26:57 | 015,058,282 | ---- | C] () -- C:\Documents and Settings\ardo\Moje dokumenty\main.dat [2012-11-03 10:26:57 | 001,072,640 | ---- | C] () -- C:\Documents and Settings\ardo\Moje dokumenty\prison architect.exe [2012-11-03 10:26:57 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\ardo\Moje dokumenty\SDL.dll [2012-11-03 10:26:55 | 067,645,970 | ---- | C] () -- C:\Documents and Settings\ardo\Moje dokumenty\sounds.dat [2012-11-03 09:59:26 | 083,826,308 | ---- | C] () -- C:\Documents and Settings\ardo\Moje dokumenty\prisonarchitect-alpha3-pc.zip [2012-11-03 00:06:38 | 000,029,941 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\ja.jpeg [2012-10-30 20:34:35 | 000,011,350 | ---- | C] () -- C:\Documents and Settings\ardo\Moje dokumenty\efv014376_RDM_10_12.pdf [2012-10-28 09:20:20 | 000,000,229 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\Search the Web.url [2012-10-27 20:38:52 | 000,366,787 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\frontxqx.jpg [2012-10-27 17:42:56 | 000,073,674 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\l.jpg [2012-10-27 17:42:33 | 000,031,195 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\Fiesty2Guns-StreetScriptures.jpg [2012-10-27 17:32:14 | 000,244,251 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\Pistolero.gif [2012-10-26 17:08:39 | 003,206,369 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\Okna,%20Zas%88ony,%20Etc-vert.jpg [2012-10-24 18:20:31 | 000,015,364 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\IMG_1282tzle_400.jpg [2012-10-24 18:20:06 | 000,014,816 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\IMG_1283tok_400.jpg [2012-10-24 18:08:42 | 000,016,207 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\IMG_1398t_400.jpg [2012-10-24 18:04:39 | 000,031,809 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\956.jpg [2012-10-24 16:43:06 | 000,015,826 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\d1c06c3b-m.jpg [2012-10-24 16:19:53 | 000,017,352 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\924d248b-m.jpg [2012-10-24 15:48:05 | 000,036,673 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\7b8ed328_picard-facepalm.png [2012-10-24 15:47:41 | 002,339,600 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\Chuck_Norris_Approves.gif [2012-10-24 15:44:15 | 000,075,542 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\z3617084X[1].jpg [2012-10-24 15:37:10 | 000,116,240 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\tumblr_l44o7qkZ4J1qa1z20o1_500.jpg [2012-10-24 15:30:34 | 000,012,635 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\185px-Facepalm_facepalm.png [2012-10-24 15:29:40 | 000,021,026 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\MegaFacepalm-150x150.png [2012-10-24 15:23:32 | 000,149,600 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\facepalm2.png [2012-10-24 15:22:56 | 000,005,631 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\facepalm.png [2012-10-24 14:00:39 | 000,091,876 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\Ale_upal_2653134.jpg [2012-10-24 13:56:43 | 000,041,238 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\best-friends-society.gif [2012-10-24 13:53:17 | 000,110,000 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\wallpaper_pets_016-1024x768.jpeg [2012-10-24 13:48:01 | 000,017,135 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\img07c.jpg [2012-10-24 13:39:48 | 000,019,507 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\bmhg_n__bc.jpg [2012-10-23 17:05:36 | 000,034,316 | ---- | C] () -- C:\Documents and Settings\ardo\Pulpit\a.aaa-Sweet-Cat1.jpg [2012-09-23 08:01:59 | 000,362,104 | ---- | C] () -- C:\WINDOWS\System32\dmwu.exe [2012-09-23 08:01:59 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm.dll [2012-08-22 00:53:53 | 000,000,890 | ---- | C] () -- C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\recently-used.xbel [2012-08-04 15:14:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat [2012-08-03 12:20:33 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2012-08-03 12:14:01 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2012-08-03 12:14:01 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2012-08-02 19:18:43 | 000,281,610 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-527237240-1202660629-1606980848-1003-0.dat [2012-08-02 19:18:42 | 000,285,058 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2012-07-17 15:38:26 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\ardo\Dane aplikacji\$_hpcst$.hpc [2012-07-17 14:31:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2012-07-17 14:30:43 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2012-07-13 19:45:53 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe [2012-07-11 14:26:02 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2012-07-08 14:24:53 | 000,092,337 | ---- | C] () -- C:\Documents and Settings\ardo\Dane aplikacji\Kadukadu-0.12.conf.xml.backup.2012.07.08.15.24.53 [2012-07-08 14:22:20 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\ardo\Dane aplikacji\Kaduhistory2.db [2012-07-08 14:22:14 | 000,093,244 | ---- | C] () -- C:\Documents and Settings\ardo\Dane aplikacji\Kadukadu-0.12.conf.xml [2012-07-08 14:22:14 | 000,008,634 | ---- | C] () -- C:\Documents and Settings\ardo\Dane aplikacji\Kadukadu-0.12.conf.xml.backup.2012.07.08.15.22.14 [2012-07-03 09:17:19 | 000,233,472 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe [2012-07-02 14:39:37 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2012-07-02 09:06:17 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wininit.ini [2012-06-26 15:02:38 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2012-06-26 15:02:38 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2012-06-26 15:02:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2012-06-26 15:02:38 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2012-06-24 08:21:44 | 000,323,720 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2012-06-17 20:02:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat [2012-06-07 08:12:33 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2012-05-27 13:08:17 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe [2012-05-27 13:08:17 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe [2012-05-27 13:08:17 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2012-05-27 13:08:17 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2012-05-27 13:08:17 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2012-05-26 08:23:34 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-05-21 16:03:14 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\ardo\Dane aplikacji\Preferencje Adobe CS5 dla formatu PNG [2012-05-16 23:08:34 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-05-16 19:08:14 | 001,259,772 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2012-05-16 19:08:11 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-05-16 19:07:02 | 000,276,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-05-16 17:37:43 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012-05-16 17:35:53 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll [2012-05-16 17:35:44 | 000,072,336 | ---- | C] () -- C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2012-05-16 17:34:27 | 002,648,162 | -H-- | C] () -- C:\Documents and Settings\ardo\Ustawienia lokalne\Dane aplikacji\IconCache.db [2012-05-16 17:27:56 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\ardo\ntuser.ini [2012-05-16 17:27:55 | 007,340,032 | -H-- | C] () -- C:\Documents and Settings\ardo\NTUSER.DAT [2012-05-16 17:25:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-05-16 17:18:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2012-05-16 17:17:03 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2012-05-16 17:16:59 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2012-05-16 17:15:05 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-05-16 17:14:56 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2012-05-16 17:14:56 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2012-05-16 17:14:15 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2012-05-16 17:14:15 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2012-02-02 00:25:08 | 000,735,353 | ---- | C] () -- C:\Documents and Settings\ardo\ace_uninstaller.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2012-06-17 17:57:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-10-16 18:45:00 | 001,509,888 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-10-16 18:45:00 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2009-10-16 18:45:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-05-27 12:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2012-06-17 21:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2012-05-16 18:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2012-08-02 19:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2012-09-01 11:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate [2012-05-16 18:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2012-08-20 13:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2012-06-15 14:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MTA San Andreas All [2012-09-01 11:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OptimizerPro1 [2012-08-02 19:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2012-11-18 15:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2012-08-04 00:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PopCap Games [2012-09-01 11:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Premium [2012-05-21 15:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2012-07-05 16:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RELOADED [2012-08-12 20:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2012-10-29 17:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM [2012-09-21 19:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer [2012-07-01 11:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\.minecraft [2012-11-16 23:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\.mono [2012-07-08 14:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\.wtw [2012-06-17 21:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Babylon [2012-11-21 18:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\BitTorrent [2012-11-16 22:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Carbon [2012-05-16 18:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\DAEMON Tools Lite [2012-11-17 15:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Dwarfs [2012-10-17 18:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\EurekaLog [2012-11-20 23:52:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Free Download Manager [2012-07-02 14:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\FreeAudioPack [2012-08-30 20:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\fretsonfire [2012-11-16 23:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Full Control [2012-09-01 14:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Incredibar.com [2012-07-08 14:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Kadu [2012-07-08 14:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Kaduavatars [2012-05-20 11:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\LolClient [2012-05-24 16:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\LolClient2 [2012-08-01 15:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\LucasArts [2012-07-07 13:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\MotioninJoy [2012-07-24 14:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\NapiProjekt [2012-06-08 09:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\OnLive App [2012-09-28 11:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Opera [2012-06-30 13:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Oracle [2012-08-02 19:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\PC Suite [2012-06-09 10:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Petroglyph [2012-08-03 13:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\RotMG.Production [2012-09-01 11:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\SA-MP Audio Plugin [2012-09-06 21:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Samsung [2012-08-03 18:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\ScummVM [2012-09-01 11:33:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\SendSpace [2012-07-29 16:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Sony [2012-08-10 12:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Sony Online Entertainment [2012-07-24 14:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\VDownloader [2012-06-24 10:15:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ardo\Dane aplikacji\Vessel [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 68 bytes -> C:\WINDOWS\tasks\Adobe Flash Player Updater.job:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xpsp2res.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wzcsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wups.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuauserv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuaueng.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuaucpl.cpl:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wshtcpip.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wscsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wscntfy.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ws2help.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ws2_32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wpdshserviceobj.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wlnotify.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wldap32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wkssvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wintrust.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winsta.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winsrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winspool.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winscard.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winrnr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winlogon.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winhttp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\win32spl.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\webclnt.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\webcheck.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wdmaud.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wdigest.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\w32time.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\verclsid.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\usp10.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\userinit.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\userenv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\user32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\usbmon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\urlmon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\upnp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\umpnpmgr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\trkwks.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\themeui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\termsrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tcpmon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tapi32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sxs.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\svchost.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stobject.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole2.tlb:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ssdpsrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ssdpapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\srvsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\srsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\spoolsv.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\smss.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shlwapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shimeng.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shfolder.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sfc_os.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sfc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\services.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sensapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sens.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\secur32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\seclogon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\schedsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\scesrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\scecli.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\samsrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\samlib.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rtutils.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsaenh.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rpcss.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rpcrt4.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\riched20.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\regsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\regapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rastls.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasmans.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasman.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasdlg.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\raschap.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasapi32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasadhlp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qutil.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qmgr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pstorsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\psbase.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\profmap.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\portabledevicetypes.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\portabledeviceapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pngfilt.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pjlmon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\onex.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olepro32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ole32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\odbcint.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\odbc32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oakley.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntshrui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntdsapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntdll.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\normaliz.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netman.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netlogon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netcfgx.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nddeapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ncobjapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mydocs.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msxml3.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mswsock.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msvcrt.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msvcr100_clr0400.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msvcp60.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msv1_0.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mstlsapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msprivs.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mspatcha.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msls31.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msidle.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshtml.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msgina.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MSCTFIME.IME:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MSCTF.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mscoree.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msasn1.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mprapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\moricons.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\midimap.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lsass.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lsasrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\logonui.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\localspl.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lmhsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\linkinfo.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ksuser.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kerberos.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jscript.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipsecsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipnathlp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iphlpapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetpp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imgutil.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imapi.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imagehlp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iertutil.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ieframe.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icaapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hnetcfg.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\gdi32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\eventlog.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\esent.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\es.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ersvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\eappprxy.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\eappcfg.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\eapolqec.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dssenh.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\kmixer.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\acpi.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dot3dlg.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dot3api.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dnsrslvr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dnsapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmserver.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dimsntfy.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dhcpcsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ddrawex.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ddraw.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dciman32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctfmon.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\csrss.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\csrsrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cscui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptdll.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\credui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comsvcs.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comres.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comdlg32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\colbact.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cnbjmon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\certcli.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cabinet.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\browseui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\browser.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\batmeter.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\basesrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\authz.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\audiosrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\apphelp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\advpack.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\advapi32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\adsldpc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\activeds.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Program Files\Messenger\msmsgs.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\ardo\Moje dokumenty\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\ardo\Menu Start\Programy\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\ardo\Menu Start\Programy\Autostart\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\ardo\Dane aplikacji\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Menu Start\Programy\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\boot.ini:KAVICHS @Alternate Data Stream - 40 bytes -> C:\Documents and Settings\ardo\Dane aplikacji:NT @Alternate Data Stream - 36 bytes -> C:\WINDOWS\win.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xpsp3res.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xpsp1res.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xpob2res.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wzcsapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wupdmgr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wuauclt.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshext.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wsecedit.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wscui.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wow32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvcore.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmasf.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmine.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winipsec.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win32k.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiashext.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wfwnet.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\watchdog.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssvc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga64k.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga256.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vdmdbg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\utilman.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\utildll.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\user.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\url.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ups.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\uniplat.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unimdm.tsp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unicode.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tssoft32.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsbyuv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tourstart.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tlntsvr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\timer.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\taskmgr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapisrv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\t2embed.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\system.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysmon.ocx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spoolss.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spider.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sound.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sorttbls.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sortkey.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sol.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sndvol32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sndrec32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\smlogsvc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sl_anet.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shmgrate.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shgina.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfcfiles.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sessmgr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.sig:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sclgntfy.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scardsvr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rundll32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvp.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\resutils.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regsvr32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rcimlby.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rcbdyctl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rastapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasqec.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasppp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\psapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\progman.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osk.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olesvr32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oledlg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecnv32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecli32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oleaccrc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oleacc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.sig:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.bin:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcad32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwprovau.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwc.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntvdm.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntoskrnl.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmarta.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlsapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanman.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntkrnlpa.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntbackup.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\notepad.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netui2.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netui1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netui0.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netsetup.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netrap.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netmsg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netevent.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netdde.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ndptsp.tsp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mycomput.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxclu.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msyuv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml3r.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvidc32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvfw32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcrt40.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstsc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstask.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrle32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mspaint.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msnsspc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mshearts.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msh263.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msh261.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msgsm32.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg723.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg711.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdmo.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscms.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaud32.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msapsspc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msadp32.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mouse.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mobsync.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mnmsrvc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmsystem.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmdrv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mlang.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc42loc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc42.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\magnify.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\locator.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\locale.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l3codeca.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kmddsp.tsp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iyuv_32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\irprops.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ir50_32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ir41_32.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipconf.tsp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\input.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetcpl.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\imm32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\imaadp32.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ieudinit.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ie4uinit.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icm32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iccvid.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iac25_32.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hnetwiz.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hidphone.tsp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hid.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hhctrl.ocx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hal.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\h323.tsp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\freecell.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\framebuf.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\firewall.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\filemgmt.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\feclient.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\els.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ega.cpi:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dxdiagn.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\duser.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsound.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drprov.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\wudfrd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\wudfpf.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\wdmaud.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\wanarp.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\videoprt.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\vga.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbuhci.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\USBSTOR.SYS:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbport.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbhub.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbehci.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\update.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\udfs.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\termdd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tcpip.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sysaudio.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\swmidi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\swenum.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\srv.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sr.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\splitter.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sfloppy.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\serial.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\serenum.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\secdrv.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\redbook.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rdpdr.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rdbss.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\raspptp.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\raspppoe.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rasl2tp.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\psched.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\portcls.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\pciide.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\pci.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\parvdm.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\parport.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\npfs.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\netbt.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\netbios.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ndproxy.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ndiswan.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ndisuio.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ndistapi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mssmbios.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\MSPQM.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\MSPCLOCK.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\MSKSSRV.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\msgpc.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\msfs.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mrxsmb.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mrxdav.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mouclass.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ks.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\kbdclass.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\isapnp.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\irenum.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ipsec.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ipnat.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ipinip.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ip6fw.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\intelppm.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\imapi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\i8042prt.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\http.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\hidusb.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\hidparse.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\hidclass.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\hdaudbus.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ftdisk.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fltMgr.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\flpydisk.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fips.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fdc.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fastfat.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dxg.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\drmkaud.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\drmk.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\DMusic.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dmio.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dmboot.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\disk.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cdrom.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cdfs.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmarpc.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atapi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\asyncmac.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\afd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\aec.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnhpast.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpcdll.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmadmin.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllhost.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dinput8.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\digest.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dfrgres.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\devmgr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\devenum.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\desk.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbghelp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\davclnt.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3dim700.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3d9.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3d8thk.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3d8.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cryptnet.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\control.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compatUI.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmd.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\clusapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\clipsrv.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cleanmgr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\clbcatq.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cisvc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\charmap.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cfgmgr32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\calc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20127.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1252.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bthprops.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avicap32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autochk.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\alg.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\actxprxy.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\accwiz.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\$winnt$.inf:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\SchedLgU.Txt:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\hh.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\ardo\Pulpit\Mój komputer.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\ardo\Pulpit\AQQ.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\ardo\ntuser.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\ardo\Menu Start\Programy\Pomoc zdalna.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\ardo\Menu Start\Programy\Outlook Express.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\ardo\Menu Start\Programy\Internet Explorer.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\Dokumenty\desktop.ini:KAVICHS @Alternate Data Stream - 132 bytes -> C:\WINDOWS\WindowsUpdate.log:KAVICHS @Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\wtsapi32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wsock32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winmm.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wininet.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\version.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\uxtheme.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\shsvcs.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\shell32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\shdocvw.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\setupapi.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\schannel.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\powrprof.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oleaut32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netshell.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netapi32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msutb.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\MSIMTF.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msimg32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msacm32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mpr.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mlang.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\kernel32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dxtrans.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dxtmsft.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cscdll.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\crypt32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\comctl32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\explorer.exe:KAVICHS < End of report >