OTL logfile created on: 2013-04-27 13:49:52 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DonDe\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 15,98 Gb Total Physical Memory | 13,93 Gb Available Physical Memory | 87,16% Memory free 31,96 Gb Paging File | 29,79 Gb Available in Paging File | 93,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,88 Gb Total Space | 140,44 Gb Free Space | 60,31% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 1,00 Gb Free Space | 2,04% Space Free | Partition Type: NTFS Drive E: | 97,65 Gb Total Space | 4,58 Gb Free Space | 4,69% Space Free | Partition Type: NTFS Drive F: | 97,66 Gb Total Space | 6,16 Gb Free Space | 6,31% Space Free | Partition Type: NTFS Drive G: | 97,66 Gb Total Space | 3,57 Gb Free Space | 3,65% Space Free | Partition Type: NTFS Drive H: | 58,59 Gb Total Space | 2,45 Gb Free Space | 4,18% Space Free | Partition Type: NTFS Drive I: | 19,53 Gb Total Space | 2,47 Gb Free Space | 12,64% Space Free | Partition Type: NTFS Drive J: | 45,82 Gb Total Space | 9,83 Gb Free Space | 21,46% Space Free | Partition Type: NTFS Drive L: | 360,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DONDE-KOMPUTER | User Name: DonDe | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-04-27 13:42:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DonDe\Downloads\OTL.exe PRC - [2013-04-13 01:13:01 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013-04-02 10:57:02 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe PRC - [2013-03-07 22:32:38 | 000,248,240 | ---- | M] (Facebook) -- C:\Users\DonDe\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe PRC - [2013-03-07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013-03-07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013-02-10 05:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013-02-09 19:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013-01-25 17:48:16 | 023,980,072 | ---- | M] () -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe PRC - [2008-06-15 16:34:20 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-04-13 01:13:01 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013-04-02 10:57:02 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll MOD - [2013-03-07 22:32:40 | 021,014,960 | ---- | M] () -- C:\Users\DonDe\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll MOD - [2013-03-07 22:32:38 | 000,292,272 | ---- | M] () -- C:\Users\DonDe\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll MOD - [2013-03-07 22:32:38 | 000,179,632 | ---- | M] () -- C:\Users\DonDe\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll MOD - [2013-01-25 17:48:16 | 023,980,072 | ---- | M] () -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe MOD - [2012-08-23 14:06:36 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\Speech.fpi MOD - [2009-07-14 19:55:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-07-14 06:55:55 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\7f457271e765b5d72f081942b829469c\System.Data.ni.dll MOD - [2009-07-14 06:55:32 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll MOD - [2009-07-14 06:55:26 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll MOD - [2009-07-14 06:55:09 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll MOD - [2009-07-14 06:55:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll MOD - [2009-07-14 06:55:05 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll MOD - [2009-07-14 06:55:00 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll MOD - [2009-07-14 03:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL MOD - [2009-07-14 03:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll MOD - [2009-06-10 23:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013-03-07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2011-08-05 13:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV:[b]64bit:[/b] - [2011-08-05 13:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm) SRV:[b]64bit:[/b] - [2011-08-05 13:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV:[b]64bit:[/b] - [2010-12-28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013-04-13 01:13:01 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-04-06 14:58:26 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2013-04-05 02:06:38 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013-04-02 15:59:19 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-02-10 05:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013-02-09 19:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-06-15 16:34:20 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013-03-29 15:04:03 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2013-03-28 11:26:53 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2013-03-07 01:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2013-03-07 01:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2013-03-07 01:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b]64bit:[/b] - [2013-03-07 01:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2013-03-07 01:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2013-03-07 01:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b]64bit:[/b] - [2013-03-07 01:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2013-03-07 01:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-11-08 15:12:32 | 000,125,816 | ---- | M] (Focusrite Audio Engineering Limited.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ffusb2audio.sys -- (ffusb2audio) DRV:[b]64bit:[/b] - [2012-08-29 12:50:38 | 000,057,408 | ---- | M] (MusicLab, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mlkumidi.sys -- (mlkumidi) DRV:[b]64bit:[/b] - [2011-05-13 04:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:[b]64bit:[/b] - [2011-05-13 04:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) DRV:[b]64bit:[/b] - [2011-05-13 04:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:[b]64bit:[/b] - [2011-05-13 04:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:[b]64bit:[/b] - [2011-05-13 04:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:[b]64bit:[/b] - [2011-02-16 18:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-10-20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010-04-27 11:25:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm) DRV:[b]64bit:[/b] - [2010-04-27 11:25:14 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus) DRV:[b]64bit:[/b] - [2010-04-27 11:25:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2002-07-17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (ASPI) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\DonDe\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-27 12:47:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-04-13 01:13:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-04-07 19:32:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DonDe\AppData\Roaming\mozilla\Extensions [2013-04-22 21:28:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DonDe\AppData\Roaming\mozilla\Firefox\Profiles\97iz4frw.default\extensions [2013-04-22 21:28:40 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\DonDe\AppData\Roaming\mozilla\firefox\profiles\97iz4frw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-13 01:12:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013-04-13 01:13:01 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013-03-27 06:10:45 | 000,002,980 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2013-03-27 06:10:45 | 000,001,619 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2013-03-27 06:10:45 | 000,001,130 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2013-03-27 06:10:45 | 000,001,071 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2013-03-27 06:10:45 | 000,001,396 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2013-03-27 06:10:45 | 000,001,896 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2013-04-01 00:17:39 | 000,000,921 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 genuine.microsoft.com O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O1 - Hosts: 127.0.0.1 sls.microsoft.com O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [Facebook Update] C:\Users\DonDe\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - Startup: C:\Users\DonDe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\DonDe\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:[b]64bit:[/b] - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.50.50.1 213.199.225.14 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F63D9F2D-2B29-4294-9F87-D80C4D2B8C92}: DhcpNameServer = 10.50.50.1 213.199.225.14 O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-01-02 12:00:38 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013-01-13 14:04:36 | 022,466,708 | ---- | M] () - J:\AutoCAD Civil I.pdf -- [ NTFS ] O32 - AutoRun File - [2003-09-04 19:47:58 | 000,000,188 | RH-- | M] () - L:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{a7bd492b-9847-11e2-ade8-f46d0465f4af}\Shell - "" = AutoRun O33 - MountPoints2\{a7bd492b-9847-11e2-ade8-f46d0465f4af}\Shell\AutoRun\command - "" = L:\SETUP.EXE -- [2003-08-26 12:52:32 | 000,418,904 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{a7bd492b-9847-11e2-ade8-f46d0465f4af}\Shell\configure\command - "" = L:\SETUP.EXE -- [2003-08-26 12:52:32 | 000,418,904 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{a7bd492b-9847-11e2-ade8-f46d0465f4af}\Shell\install\command - "" = L:\SETUP.EXE -- [2003-08-26 12:52:32 | 000,418,904 | R--- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=consrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-04-27 12:29:02 | 000,000,000 | ---D | C] -- C:\Users\DonDe\Desktop\RK_Quarantine [2013-04-27 12:21:41 | 000,000,000 | ---D | C] -- C:\Users\DonDe\AppData\Roaming\Anvisoft [2013-04-27 12:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\anvisoft [2013-04-27 12:21:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft [2013-04-27 12:21:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft [2013-04-27 12:02:12 | 000,000,000 | ---D | C] -- C:\Users\DonDe\Desktop\DonDe [2013-04-26 22:32:32 | 000,000,000 | ---D | C] -- C:\FRST [2013-04-24 11:47:17 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line [2013-04-24 11:47:08 | 000,000,000 | ---D | C] -- C:\Users\DonDe\AppData\Roaming\FlowStone [2013-04-24 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSPRobotics [2013-04-24 11:24:17 | 000,000,000 | ---D | C] -- C:\Windows\system64 [2013-04-21 18:51:35 | 000,000,000 | ---D | C] -- C:\Users\DonDe\AppData\Roaming\Sony Creative Software Inc [2013-04-20 23:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoClickerbyShocker [2013-04-18 14:28:24 | 000,000,000 | ---D | C] -- C:\Firmowe [2013-04-17 10:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013-04-17 10:38:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013-04-17 10:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2013-04-17 10:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013-04-17 10:37:35 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013-04-15 17:04:46 | 000,000,000 | ---D | C] -- C:\Users\DonDe\Desktop\DonDe_Step [2013-04-15 15:49:00 | 000,000,000 | ---D | C] -- C:\Bezczel KPRP [2013-04-15 15:44:41 | 000,000,000 | ---D | C] -- C:\Users\DonDe\AppData\Roaming\DAEMON Tools Lite [2013-04-14 16:19:44 | 000,000,000 | ---D | C] -- C:\Lysol_pompuj_rap [2013-04-13 01:12:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-04-11 16:51:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013-04-10 20:18:04 | 000,000,000 | ---D | C] -- C:\Users\DonDe\Desktop\WARSZTATY [2013-04-08 19:16:07 | 000,000,000 | ---D | C] -- C:\remix [2013-04-08 18:38:34 | 000,000,000 | ---D | C] -- C:\WARSZTATY [2013-04-08 18:25:08 | 000,000,000 | ---D | C] -- C:\RA3_92BPM [2013-04-07 19:33:06 | 000,000,000 | ---D | C] -- C:\Users\DonDe\AppData\Local\Macromedia [2013-04-07 19:32:18 | 000,000,000 | ---D | C] -- C:\Users\DonDe\AppData\Roaming\Mozilla [2013-04-07 19:32:18 | 000,000,000 | ---D | C] -- C:\Users\DonDe\AppData\Local\Mozilla [2013-04-07 19:31:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013-04-07 19:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013-04-07 19:25:55 | 021,804,520 | ---- | C] (Mozilla) -- C:\Users\DonDe\Desktop\Firefox Setup 20.0.exe [2013-04-07 16:08:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spectrasonics [2013-04-06 15:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2013-04-06 15:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2013-04-06 15:00:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool [2013-04-06 14:58:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013-04-06 14:58:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared [2013-04-06 14:58:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013-04-06 12:04:56 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2013-04-03 19:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [2013-04-03 19:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2013-04-03 18:39:36 | 000,000,000 | ---D | C] -- C:\Users\DonDe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Hypersonic [2013-04-03 18:39:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Hypersonic [2013-04-02 10:57:02 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-04-01 00:06:39 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-04-01 00:06:02 | 000,000,000 | ---D | C] -- C:\Users\DonDe\Desktop\fp_10.3.183.68_archive [2013-03-31 23:59:00 | 000,000,000 | ---D | C] -- C:\Users\DonDe\AppData\Local\Solid State Networks [2013-03-31 23:56:15 | 000,706,776 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\DonDe\Desktop\uninstall_flash_player.exe [2013-03-30 16:02:37 | 000,000,000 | ---D | C] -- C:\Users\DonDe\Desktop\DjDanek_DonDe [2013-03-30 12:46:07 | 000,000,000 | ---D | C] -- C:\Users\DonDe\Desktop\download [2013-03-29 15:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 [2013-03-29 15:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Euro Truck Simulator 2 [2013-03-29 15:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2013-03-29 15:04:03 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2013-03-29 15:04:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2013-03-29 15:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2013-03-29 13:57:50 | 000,000,000 | ---D | C] -- C:\Downloads [2013-03-29 13:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit) [2013-03-29 13:57:45 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet [2013-03-28 18:25:45 | 000,161,280 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_mdm.sys [2013-03-28 18:25:45 | 000,127,488 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bus.sys [2013-03-28 18:25:45 | 000,018,944 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_mdfl.sys [2013-03-28 18:25:45 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_whnt.sys [2013-03-28 18:25:45 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_wh.sys [2013-03-28 18:25:45 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_cmnt.sys [2013-03-28 18:25:45 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_cm.sys [2013-03-28 18:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG [2013-03-28 18:25:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung [2013-03-28 16:23:27 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\SysWow64\vorbis.acm [2013-03-28 14:00:38 | 000,000,000 | ---D | C] -- C:\Users\DonDe\Desktop\Trap Drum Kit [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-04-27 13:49:48 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-04-27 13:49:48 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-04-27 12:55:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-04-27 12:51:55 | 001,548,324 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-04-27 12:51:55 | 000,699,820 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-04-27 12:51:55 | 000,611,076 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-04-27 12:51:55 | 000,135,210 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-04-27 12:51:55 | 000,107,262 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-04-27 12:47:54 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013-04-27 12:47:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013-04-27 12:47:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-04-27 12:47:18 | 4280,201,214 | -HS- | M] () -- C:\hiberfil.sys [2013-04-27 12:04:09 | 031,690,715 | ---- | M] () -- C:\Users\DonDe\Desktop\DonDe.rar [2013-04-25 20:10:48 | 003,898,583 | ---- | M] () -- C:\Users\DonDe\Desktop\Mac1 (overwritten at 19h55)_2.mp3 [2013-04-25 16:39:16 | 031,589,766 | ---- | M] () -- C:\Users\DonDe\Desktop\beat_c4.wav [2013-04-25 16:28:18 | 030,653,354 | ---- | M] () -- C:\Users\DonDe\Desktop\Smaplege1.wav [2013-04-24 22:18:21 | 010,462,633 | ---- | M] () -- C:\Users\DonDe\Desktop\DonDe_sale11.mp3 [2013-04-24 12:08:54 | 000,636,174 | ---- | M] () -- C:\Users\DonDe\Desktop\untitled.wav [2013-04-24 12:02:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1296577008-907188539-2852996125-1000UA.job [2013-04-24 11:47:27 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\FL Studio 11.lnk [2013-04-24 11:29:10 | 000,046,768 | ---- | M] () -- C:\Users\DonDe\Desktop\tata2.mp3.zpa [2013-04-23 18:11:28 | 034,371,202 | ---- | M] () -- C:\Users\DonDe\Desktop\remix2.wav [2013-04-23 18:02:43 | 000,000,016 | ---- | M] () -- C:\Windows\SysWow64\w3data.vss [2013-04-23 18:02:43 | 000,000,016 | ---- | M] () -- C:\Windows\SysWow64\msvcsv60.dll [2013-04-23 18:02:43 | 000,000,016 | ---- | M] () -- C:\Windows\msocreg32.dat [2013-04-23 17:24:55 | 004,577,768 | ---- | M] () -- C:\Users\DonDe\Desktop\REIIIXX2.mp3 [2013-04-23 16:32:18 | 003,278,958 | ---- | M] () -- C:\Users\DonDe\Desktop\REIIIXX.mp3 [2013-04-23 12:06:00 | 005,129,473 | ---- | M] () -- C:\Users\DonDe\Desktop\dubyy1.mp3 [2013-04-23 00:02:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1296577008-907188539-2852996125-1000Core.job [2013-04-22 12:42:18 | 000,963,465 | ---- | M] () -- C:\Users\DonDe\Desktop\nowy7.mp3 [2013-04-22 12:02:30 | 006,164,968 | ---- | M] () -- C:\Users\DonDe\Desktop\DonDe_sale10.mp3 [2013-04-21 18:51:33 | 000,000,460 | ---- | M] () -- C:\Users\DonDe\Desktop\deagle-1.sfk [2013-04-21 18:51:31 | 000,025,656 | ---- | M] () -- C:\Users\DonDe\Documents\aaaa.veg [2013-04-21 14:26:20 | 001,407,546 | ---- | M] () -- C:\Users\DonDe\Desktop\dfdfd.mp3 [2013-04-21 12:51:56 | 001,938,354 | ---- | M] () -- C:\Users\DonDe\Desktop\OPodatek1.mp3 [2013-04-18 12:52:19 | 000,196,746 | ---- | M] () -- C:\Users\DonDe\Desktop\MINISTROWIE.jpg [2013-04-18 12:18:06 | 017,614,958 | ---- | M] () -- C:\Users\DonDe\Desktop\ZIN_MIX.mp3 [2013-04-18 11:01:02 | 002,287,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-04-17 21:02:00 | 001,239,318 | ---- | M] () -- C:\Users\DonDe\Desktop\remix2.mp3 [2013-04-17 13:09:05 | 000,098,976 | R--- | M] () -- C:\Users\DonDe\Desktop\historia_2013-04-17_7432.csv [2013-04-17 13:07:26 | 044,699,010 | ---- | M] () -- C:\Users\DonDe\Desktop\XNx.wav [2013-04-17 13:02:25 | 024,002,322 | ---- | M] () -- C:\Users\DonDe\Desktop\4.01.10.wav [2013-04-17 12:45:40 | 006,621,587 | ---- | M] () -- C:\Users\DonDe\Desktop\remix2 (overwritten at 12h29).mp3 [2013-04-17 10:39:43 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI [2013-04-16 19:11:20 | 000,851,660 | ---- | M] () -- C:\Users\DonDe\Desktop\tata2.mp3 [2013-04-16 14:34:36 | 108,174,302 | ---- | M] () -- C:\KPRP_bit_acapella_cuty.rar [2013-04-16 14:08:43 | 082,696,350 | ---- | M] () -- C:\Zin_cuty.wav [2013-04-16 14:06:06 | 082,696,350 | ---- | M] () -- C:\Zin_wokal.wav [2013-04-16 12:45:01 | 005,595,498 | ---- | M] () -- C:\Users\DonDe\Desktop\Don_1.mp3 [2013-04-16 12:39:30 | 074,643,146 | ---- | M] () -- C:\Zin.wav [2013-04-16 12:39:30 | 074,643,146 | ---- | M] () -- C:\KPRP_instrumental_DonDe.wav [2013-04-15 17:27:21 | 120,147,482 | ---- | M] () -- C:\Users\DonDe\Desktop\DonDe_Step.rar [2013-04-15 17:02:28 | 016,611,857 | ---- | M] () -- C:\Users\DonDe\Desktop\KPRP_Z_BESZCZELEM.mp3 [2013-04-15 16:02:46 | 073,249,534 | ---- | M] () -- C:\Users\DonDe\Desktop\KPRP_Z_BESZCZELEM.wav [2013-04-15 15:37:31 | 038,778,994 | ---- | M] () -- C:\Users\DonDe\Desktop\nowyy3.wav [2013-04-14 20:44:13 | 003,537,087 | ---- | M] () -- C:\Users\DonDe\Desktop\fort wspolny.mp3 [2013-04-14 20:26:35 | 000,000,946 | ---- | M] () -- C:\Users\DonDe\Documents\Zyczyli.rtf [2013-04-14 19:40:20 | 002,823,212 | ---- | M] () -- C:\Users\DonDe\Desktop\Lysol_Malibu.mp3 [2013-04-14 18:23:43 | 008,672,723 | ---- | M] () -- C:\Users\DonDe\Desktop\Krin_LYS.mp3 [2013-04-14 17:51:23 | 013,577,474 | ---- | M] () -- C:\Users\DonDe\Desktop\Lobuz_DonDe_Lysol_FREE.mp3 [2013-04-14 17:03:07 | 000,001,000 | ---- | M] () -- C:\Users\DonDe\Documents\Dokument.rtf [2013-04-14 16:34:27 | 002,522,452 | ---- | M] () -- C:\Lysol_pompuje1.mp3 [2013-04-14 16:33:49 | 011,114,758 | ---- | M] () -- C:\Lysol_pompuje1.wav [2013-04-14 13:44:12 | 030,969,402 | ---- | M] () -- C:\Users\DonDe\Desktop\Scarlet.wav [2013-04-14 13:12:35 | 036,106,446 | ---- | M] () -- C:\Users\DonDe\Desktop\hfhd.wav [2013-04-13 12:09:19 | 765,182,012 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013-04-10 19:36:58 | 013,983,939 | ---- | M] () -- C:\Users\DonDe\Desktop\donde_sale05.mp3 [2013-04-10 19:16:39 | 005,975,840 | ---- | M] () -- C:\Users\DonDe\Desktop\Nowyy11.mp3 [2013-04-10 18:42:59 | 000,143,274 | ---- | M] () -- C:\Users\DonDe\Desktop\en3.flp [2013-04-09 20:35:21 | 000,001,535 | ---- | M] () -- C:\Users\DonDe\Documents\POMOPUJ RAP.rtf [2013-04-09 20:35:09 | 000,144,624 | ---- | M] () -- C:\Users\DonDe\Documents\POMPUJ.veg [2013-04-09 18:34:21 | 048,981,817 | ---- | M] () -- C:\POMPUJ22.wmv [2013-04-09 18:10:19 | 000,000,860 | ---- | M] () -- C:\Users\DonDe\Documents\Warsztaty.rtf [2013-04-09 18:07:20 | 048,981,817 | ---- | M] () -- C:\POMPUJ.wmv [2013-04-09 18:02:13 | 000,144,624 | ---- | M] () -- C:\Users\DonDe\Documents\POMPUJ.veg.bak [2013-04-09 17:55:58 | 000,103,384 | ---- | M] () -- C:\Users\DonDe\Desktop\Pompuj_DonDe.mp3.sfk [2013-04-09 17:52:46 | 000,000,000 | ---- | M] () -- C:\MOV00820.MPG.scc [2013-04-09 17:52:25 | 000,035,472 | ---- | M] () -- C:\MOV00820.MPG.sfk [2013-04-09 17:51:59 | 000,217,544 | ---- | M] () -- C:\MYCHA.sfk [2013-04-09 16:48:10 | 092,739,987 | ---- | M] () -- C:\MOV00820.MPG [2013-04-09 16:45:44 | 104,097,161 | ---- | M] () -- C:\MOV00819.MPG [2013-04-09 16:43:34 | 060,057,743 | ---- | M] () -- C:\MOV00818.MPG [2013-04-09 16:35:34 | 016,059,599 | ---- | M] () -- C:\MOV00817.MPG [2013-04-09 12:52:22 | 000,063,088 | -H-- | M] () -- C:\Folder.jpg [2013-04-08 18:35:37 | 075,552,477 | ---- | M] () -- C:\RA3_92BPM.rar [2013-04-08 17:19:22 | 085,928,681 | ---- | M] () -- C:\Ciężar Milczenia IVE RMX.rar [2013-04-08 12:11:16 | 023,250,526 | ---- | M] () -- C:\DONDI2.wav [2013-04-07 20:49:36 | 001,639,513 | ---- | M] () -- C:\Users\DonDe\Desktop\skor.mp3 [2013-04-07 19:31:53 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013-04-07 19:29:57 | 021,804,520 | ---- | M] (Mozilla) -- C:\Users\DonDe\Desktop\Firefox Setup 20.0.exe [2013-04-07 18:53:50 | 001,639,513 | ---- | M] () -- C:\Users\DonDe\Desktop\skor1w.mp3 [2013-04-07 18:51:27 | 001,639,513 | ---- | M] () -- C:\Users\DonDe\Desktop\skor1.mp3 [2013-04-07 17:23:16 | 002,998,926 | ---- | M] () -- C:\Users\DonDe\Desktop\Pompuj_DonDe.mp3 [2013-04-07 17:16:36 | 011,114,714 | ---- | M] () -- C:\pomp6.wav [2013-04-07 17:16:28 | 011,114,714 | ---- | M] () -- C:\pomp5.wav [2013-04-07 17:16:17 | 011,114,714 | ---- | M] () -- C:\pomp4.wav [2013-04-07 16:21:38 | 006,598,770 | ---- | M] () -- C:\pomp3.wav [2013-04-07 16:21:31 | 006,598,770 | ---- | M] () -- C:\pomp2.wav [2013-04-07 16:21:17 | 006,598,770 | ---- | M] () -- C:\pomp1.wav [2013-04-07 14:27:00 | 002,522,452 | ---- | M] () -- C:\Users\DonDe\Desktop\pompuj_lysola_rap_czwarty_raz.mp3 [2013-04-06 15:34:35 | 028,226,626 | ---- | M] () -- C:\Users\DonDe\Desktop\majkel1gh.wav [2013-04-05 17:35:39 | 035,324,278 | ---- | M] () -- C:\Users\DonDe\Desktop\Nowyy8.wav [2013-04-05 16:39:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013-04-04 18:40:18 | 013,465,670 | ---- | M] () -- C:\Users\DonDe\Desktop\DonDe_sale04.mp3 [2013-04-04 17:47:23 | 004,353,880 | ---- | M] () -- C:\Users\DonDe\Desktop\06-tak_mialo_byc_ft._jamal_(acapella)-ahh.mp3.MP3 [2013-04-04 13:55:24 | 025,854,431 | ---- | M] () -- C:\01.Gra o tron - Rozdział 01.mp3 [2013-04-04 13:55:00 | 022,266,335 | ---- | M] () -- C:\09.Gra o tron - Rozdział 09.mp3 [2013-04-04 13:54:20 | 020,703,071 | ---- | M] () -- C:\07.Gra o tron - Rozdział 07.mp3 [2013-04-04 13:53:43 | 016,702,175 | ---- | M] () -- C:\08.Gra o tron - Rozdział 08.mp3 [2013-04-04 13:53:25 | 027,166,559 | ---- | M] () -- C:\04.Gra o tron - Rozdział 04.mp3 [2013-04-04 13:51:24 | 020,708,063 | ---- | M] () -- C:\06.Gra o tron - Rozdział 06.mp3 [2013-04-04 13:50:28 | 023,264,351 | ---- | M] () -- C:\05.Gra o tron - Rozdział 05.mp3 [2013-04-04 13:50:28 | 018,976,223 | ---- | M] () -- C:\02.Gra o tron - Rozdział 02.mp3 [2013-04-04 13:49:49 | 013,144,799 | ---- | M] () -- C:\03.Gra o tron - Rozdział 03.mp3 [2013-04-04 13:47:33 | 013,521,503 | ---- | M] () -- C:\10.Gra o tron - Rozdział 10.mp3 [2013-04-03 19:52:21 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk [2013-04-03 19:44:49 | 001,760,722 | ---- | M] () -- C:\Users\DonDe\Desktop\Scarlet.mp3 [2013-04-03 19:34:29 | 004,082,441 | ---- | M] () -- C:\Users\DonDe\Desktop\Sprawy_Santander.zip [2013-04-03 16:15:57 | 000,000,930 | ---- | M] () -- C:\Users\DonDe\Documents\YOYLOYL.rtf [2013-04-02 15:59:19 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-04-02 15:59:19 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-04-02 14:53:06 | 001,752,362 | ---- | M] () -- C:\Users\DonDe\Desktop\Nowyy9.mp3 [2013-04-02 14:15:28 | 001,291,562 | ---- | M] () -- C:\Users\DonDe\Desktop\Nowyy8.mp3 [2013-04-02 12:05:43 | 008,607,938 | ---- | M] () -- C:\Users\DonDe\Desktop\Di8uuuuuu.mp3 [2013-04-02 10:13:20 | 002,332,968 | ---- | M] () -- C:\DSC00815.JPG [2013-04-02 10:12:04 | 002,196,582 | ---- | M] () -- C:\DSC00814.JPG [2013-04-02 10:11:56 | 002,087,919 | ---- | M] () -- C:\DSC00813.JPG [2013-04-02 10:11:48 | 002,343,391 | ---- | M] () -- C:\DSC00812.JPG [2013-04-01 00:05:48 | 064,182,252 | ---- | M] () -- C:\Users\DonDe\Desktop\fp_10.3.183.68_archive.zip [2013-03-31 23:57:24 | 000,860,200 | ---- | M] () -- C:\Users\DonDe\Desktop\adobe.flash.player_idg_downloader_28198_pc.exe [2013-03-31 23:56:15 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\DonDe\Desktop\uninstall_flash_player.exe [2013-03-30 18:21:40 | 053,092,217 | ---- | M] () -- C:\Users\DonDe\Desktop\DjDanek_DonDe.rar [2013-03-30 17:17:43 | 002,263,318 | ---- | M] () -- C:\Users\DonDe\Desktop\nowyy7.mp3 [2013-03-30 14:17:05 | 007,764,705 | ---- | M] () -- C:\Users\DonDe\Desktop\nowyy4.mp3 [2013-03-30 12:45:47 | 001,931,036 | ---- | M] () -- C:\Users\DonDe\Desktop\download.zip [2013-03-30 12:38:55 | 012,347,629 | ---- | M] () -- C:\Users\DonDe\Desktop\DonDe_sale03.mp3 [2013-03-30 12:34:40 | 040,277,774 | ---- | M] () -- C:\Users\DonDe\Desktop\SmaplowanyZAM1_NEW.wav [2013-03-30 11:58:08 | 025,412,802 | ---- | M] () -- C:\Users\DonDe\Desktop\nazmowienei1.wav [2013-03-29 21:38:38 | 005,764,771 | ---- | M] () -- C:\Users\DonDe\Desktop\nazmowienei1.mp3 [2013-03-29 15:05:48 | 000,001,332 | ---- | M] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk [2013-03-29 15:04:03 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2013-03-28 20:38:17 | 001,453,522 | ---- | M] () -- C:\Users\DonDe\Desktop\nowyy3.mp3 [2013-03-28 19:09:52 | 027,600,578 | ---- | M] () -- C:\Users\DonDe\Desktop\Di8uuuuuu.wav [2013-03-28 18:58:40 | 011,414,538 | ---- | M] () -- C:\Users\DonDe\Desktop\satyresco2.mp3 [2013-03-28 18:27:29 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf [2013-03-28 16:23:35 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\FL Studio 10.lnk [2013-03-28 16:21:58 | 000,819,729 | ---- | M] ( ) -- C:\Windows\SysWow64\mrvcl32.exe [2013-03-28 16:21:33 | 062,619,270 | ---- | M] () -- C:\Users\DonDe\Desktop\DONDI2.zip [2013-03-28 16:18:38 | 006,164,967 | ---- | M] () -- C:\Users\DonDe\Desktop\DONDI2.mp3 [2013-03-28 15:02:10 | 000,004,608 | ---- | M] () -- C:\Users\DonDe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-03-28 14:19:59 | 261,425,667 | ---- | M] () -- C:\Users\DonDe\Desktop\Trap Drum Kit.rar [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-04-27 12:47:54 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013-04-27 12:04:04 | 031,690,715 | ---- | C] () -- C:\Users\DonDe\Desktop\DonDe.rar [2013-04-25 20:07:05 | 003,898,583 | ---- | C] () -- C:\Users\DonDe\Desktop\Mac1 (overwritten at 19h55)_2.mp3 [2013-04-25 16:39:05 | 031,589,766 | ---- | C] () -- C:\Users\DonDe\Desktop\beat_c4.wav [2013-04-25 16:27:56 | 030,653,354 | ---- | C] () -- C:\Users\DonDe\Desktop\Smaplege1.wav [2013-04-24 22:18:03 | 010,462,633 | ---- | C] () -- C:\Users\DonDe\Desktop\DonDe_sale11.mp3 [2013-04-24 12:08:52 | 000,636,174 | ---- | C] () -- C:\Users\DonDe\Desktop\untitled.wav [2013-04-24 11:47:27 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\FL Studio 11.lnk [2013-04-24 11:47:16 | 000,002,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk [2013-04-24 11:29:10 | 000,046,768 | ---- | C] () -- C:\Users\DonDe\Desktop\tata2.mp3.zpa [2013-04-23 18:11:11 | 034,371,202 | ---- | C] () -- C:\Users\DonDe\Desktop\remix2.wav [2013-04-23 17:23:36 | 004,577,768 | ---- | C] () -- C:\Users\DonDe\Desktop\REIIIXX2.mp3 [2013-04-23 16:27:50 | 003,278,958 | ---- | C] () -- C:\Users\DonDe\Desktop\REIIIXX.mp3 [2013-04-23 12:05:38 | 005,129,473 | ---- | C] () -- C:\Users\DonDe\Desktop\dubyy1.mp3 [2013-04-22 12:42:14 | 000,963,465 | ---- | C] () -- C:\Users\DonDe\Desktop\nowy7.mp3 [2013-04-22 12:02:20 | 006,164,968 | ---- | C] () -- C:\Users\DonDe\Desktop\DonDe_sale10.mp3 [2013-04-21 18:51:31 | 000,025,656 | ---- | C] () -- C:\Users\DonDe\Documents\aaaa.veg [2013-04-21 18:48:17 | 000,000,460 | ---- | C] () -- C:\Users\DonDe\Desktop\deagle-1.sfk [2013-04-21 14:26:15 | 001,407,546 | ---- | C] () -- C:\Users\DonDe\Desktop\dfdfd.mp3 [2013-04-21 12:55:01 | 074,643,146 | ---- | C] () -- C:\KPRP_instrumental_DonDe.wav [2013-04-21 12:51:47 | 001,938,354 | ---- | C] () -- C:\Users\DonDe\Desktop\OPodatek1.mp3 [2013-04-18 12:52:19 | 000,196,746 | ---- | C] () -- C:\Users\DonDe\Desktop\MINISTROWIE.jpg [2013-04-18 12:16:43 | 017,614,958 | ---- | C] () -- C:\Users\DonDe\Desktop\ZIN_MIX.mp3 [2013-04-17 21:01:54 | 001,239,318 | ---- | C] () -- C:\Users\DonDe\Desktop\remix2.mp3 [2013-04-17 13:09:08 | 000,098,976 | R--- | C] () -- C:\Users\DonDe\Desktop\historia_2013-04-17_7432.csv [2013-04-17 13:07:05 | 044,699,010 | ---- | C] () -- C:\Users\DonDe\Desktop\XNx.wav [2013-04-17 13:02:16 | 024,002,322 | ---- | C] () -- C:\Users\DonDe\Desktop\4.01.10.wav [2013-04-17 12:45:19 | 006,621,587 | ---- | C] () -- C:\Users\DonDe\Desktop\remix2 (overwritten at 12h29).mp3 [2013-04-17 10:39:43 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2013-04-16 19:11:16 | 000,851,660 | ---- | C] () -- C:\Users\DonDe\Desktop\tata2.mp3 [2013-04-16 14:34:14 | 108,174,302 | ---- | C] () -- C:\KPRP_bit_acapella_cuty.rar [2013-04-16 14:07:48 | 082,696,350 | ---- | C] () -- C:\Zin_cuty.wav [2013-04-16 14:05:11 | 082,696,350 | ---- | C] () -- C:\Zin_wokal.wav [2013-04-16 12:44:52 | 005,595,498 | ---- | C] () -- C:\Users\DonDe\Desktop\Don_1.mp3 [2013-04-16 12:37:50 | 074,643,146 | ---- | C] () -- C:\Zin.wav [2013-04-15 17:27:00 | 120,147,482 | ---- | C] () -- C:\Users\DonDe\Desktop\DonDe_Step.rar [2013-04-15 17:01:58 | 016,611,857 | ---- | C] () -- C:\Users\DonDe\Desktop\KPRP_Z_BESZCZELEM.mp3 [2013-04-15 16:01:04 | 073,249,534 | ---- | C] () -- C:\Users\DonDe\Desktop\KPRP_Z_BESZCZELEM.wav [2013-04-15 15:36:36 | 038,778,994 | ---- | C] () -- C:\Users\DonDe\Desktop\nowyy3.wav [2013-04-14 20:44:12 | 003,537,087 | ---- | C] () -- C:\Users\DonDe\Desktop\fort wspolny.mp3 [2013-04-14 19:55:00 | 000,000,946 | ---- | C] () -- C:\Users\DonDe\Documents\Zyczyli.rtf [2013-04-14 19:40:19 | 002,823,212 | ---- | C] () -- C:\Users\DonDe\Desktop\Lysol_Malibu.mp3 [2013-04-14 18:23:02 | 008,672,723 | ---- | C] () -- C:\Users\DonDe\Desktop\Krin_LYS.mp3 [2013-04-14 17:50:16 | 013,577,474 | ---- | C] () -- C:\Users\DonDe\Desktop\Lobuz_DonDe_Lysol_FREE.mp3 [2013-04-14 16:34:09 | 002,522,452 | ---- | C] () -- C:\Lysol_pompuje1.mp3 [2013-04-14 16:33:36 | 011,114,758 | ---- | C] () -- C:\Lysol_pompuje1.wav [2013-04-14 13:43:58 | 030,969,402 | ---- | C] () -- C:\Users\DonDe\Desktop\Scarlet.wav [2013-04-14 13:12:14 | 036,106,446 | ---- | C] () -- C:\Users\DonDe\Desktop\hfhd.wav [2013-04-11 16:51:52 | 765,182,012 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013-04-11 06:08:52 | 022,266,335 | ---- | C] () -- C:\09.Gra o tron - Rozdział 09.mp3 [2013-04-11 06:08:52 | 020,708,063 | ---- | C] () -- C:\06.Gra o tron - Rozdział 06.mp3 [2013-04-11 06:08:52 | 020,703,071 | ---- | C] () -- C:\07.Gra o tron - Rozdział 07.mp3 [2013-04-11 06:08:52 | 016,702,175 | ---- | C] () -- C:\08.Gra o tron - Rozdział 08.mp3 [2013-04-11 06:08:51 | 027,166,559 | ---- | C] () -- C:\04.Gra o tron - Rozdział 04.mp3 [2013-04-11 06:08:51 | 023,264,351 | ---- | C] () -- C:\05.Gra o tron - Rozdział 05.mp3 [2013-04-11 06:08:51 | 013,521,503 | ---- | C] () -- C:\10.Gra o tron - Rozdział 10.mp3 [2013-04-10 19:36:32 | 013,983,939 | ---- | C] () -- C:\Users\DonDe\Desktop\donde_sale05.mp3 [2013-04-10 18:33:43 | 000,143,274 | ---- | C] () -- C:\Users\DonDe\Desktop\en3.flp [2013-04-10 10:56:13 | 000,063,088 | -H-- | C] () -- C:\Folder.jpg [2013-04-09 18:29:09 | 048,981,817 | ---- | C] () -- C:\POMPUJ22.wmv [2013-04-09 18:02:28 | 048,981,817 | ---- | C] () -- C:\POMPUJ.wmv [2013-04-09 17:58:03 | 000,144,624 | ---- | C] () -- C:\Users\DonDe\Documents\POMPUJ.veg.bak [2013-04-09 17:58:03 | 000,144,624 | ---- | C] () -- C:\Users\DonDe\Documents\POMPUJ.veg [2013-04-09 17:53:03 | 000,103,384 | ---- | C] () -- C:\Users\DonDe\Desktop\Pompuj_DonDe.mp3.sfk [2013-04-09 17:52:46 | 000,000,000 | ---- | C] () -- C:\MOV00820.MPG.scc [2013-04-09 17:52:25 | 000,035,472 | ---- | C] () -- C:\MOV00820.MPG.sfk [2013-04-09 17:51:55 | 000,217,544 | ---- | C] () -- C:\MYCHA.sfk [2013-04-09 17:50:40 | 104,097,161 | ---- | C] () -- C:\MOV00819.MPG [2013-04-09 17:50:36 | 060,057,743 | ---- | C] () -- C:\MOV00818.MPG [2013-04-09 17:50:35 | 016,059,599 | ---- | C] () -- C:\MOV00817.MPG [2013-04-09 17:50:28 | 092,739,987 | ---- | C] () -- C:\MOV00820.MPG [2013-04-09 12:52:11 | 025,854,431 | ---- | C] () -- C:\01.Gra o tron - Rozdział 01.mp3 [2013-04-09 12:52:11 | 018,976,223 | ---- | C] () -- C:\02.Gra o tron - Rozdział 02.mp3 [2013-04-09 12:52:11 | 013,144,799 | ---- | C] () -- C:\03.Gra o tron - Rozdział 03.mp3 [2013-04-09 11:54:23 | 000,001,000 | ---- | C] () -- C:\Users\DonDe\Documents\Dokument.rtf [2013-04-08 19:15:51 | 085,928,681 | ---- | C] () -- C:\Ciężar Milczenia IVE RMX.rar [2013-04-08 18:35:12 | 075,552,477 | ---- | C] () -- C:\RA3_92BPM.rar [2013-04-08 17:38:59 | 000,000,860 | ---- | C] () -- C:\Users\DonDe\Documents\Warsztaty.rtf [2013-04-08 12:11:06 | 023,250,526 | ---- | C] () -- C:\DONDI2.wav [2013-04-07 20:49:29 | 001,639,513 | ---- | C] () -- C:\Users\DonDe\Desktop\skor.mp3 [2013-04-07 19:31:53 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013-04-07 19:31:53 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013-04-07 18:53:44 | 001,639,513 | ---- | C] () -- C:\Users\DonDe\Desktop\skor1w.mp3 [2013-04-07 18:51:21 | 001,639,513 | ---- | C] () -- C:\Users\DonDe\Desktop\skor1.mp3 [2013-04-07 17:22:58 | 002,998,926 | ---- | C] () -- C:\Users\DonDe\Desktop\Pompuj_DonDe.mp3 [2013-04-07 17:16:35 | 011,114,714 | ---- | C] () -- C:\pomp6.wav [2013-04-07 17:16:28 | 011,114,714 | ---- | C] () -- C:\pomp5.wav [2013-04-07 17:16:16 | 011,114,714 | ---- | C] () -- C:\pomp4.wav [2013-04-07 16:21:38 | 006,598,770 | ---- | C] () -- C:\pomp3.wav [2013-04-07 16:21:31 | 006,598,770 | ---- | C] () -- C:\pomp2.wav [2013-04-07 16:21:17 | 006,598,770 | ---- | C] () -- C:\pomp1.wav [2013-04-07 15:50:24 | 000,001,535 | ---- | C] () -- C:\Users\DonDe\Documents\POMOPUJ RAP.rtf [2013-04-07 14:26:50 | 002,522,452 | ---- | C] () -- C:\Users\DonDe\Desktop\pompuj_lysola_rap_czwarty_raz.mp3 [2013-04-06 15:34:19 | 028,226,626 | ---- | C] () -- C:\Users\DonDe\Desktop\majkel1gh.wav [2013-04-06 15:02:12 | 000,001,137 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS3.lnk [2013-04-06 15:01:28 | 000,001,223 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Stock Photos CS3.lnk [2013-04-06 15:00:59 | 000,001,403 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk [2013-04-06 15:00:51 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk [2013-04-06 14:59:40 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS3.lnk [2013-04-05 17:35:26 | 035,324,278 | ---- | C] () -- C:\Users\DonDe\Desktop\Nowyy8.wav [2013-04-05 16:39:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013-04-04 18:39:52 | 013,465,670 | ---- | C] () -- C:\Users\DonDe\Desktop\DonDe_sale04.mp3 [2013-04-04 17:46:49 | 004,353,880 | ---- | C] () -- C:\Users\DonDe\Desktop\06-tak_mialo_byc_ft._jamal_(acapella)-ahh.mp3.MP3 [2013-04-03 19:52:21 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk [2013-04-03 19:44:41 | 001,760,722 | ---- | C] () -- C:\Users\DonDe\Desktop\Scarlet.mp3 [2013-04-03 19:39:05 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\w3data.vss [2013-04-03 19:39:05 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll [2013-04-03 19:39:05 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat [2013-04-03 19:34:08 | 004,082,441 | ---- | C] () -- C:\Users\DonDe\Desktop\Sprawy_Santander.zip [2013-04-03 18:51:42 | 000,144,144 | ---- | C] () -- C:\ez3.flp [2013-04-03 18:39:36 | 000,510,976 | ---- | C] () -- C:\Windows\SysWow64\synsoacc.dll [2013-04-03 16:15:57 | 000,000,930 | ---- | C] () -- C:\Users\DonDe\Documents\YOYLOYL.rtf [2013-04-02 17:46:18 | 005,975,840 | ---- | C] () -- C:\Users\DonDe\Desktop\Nowyy11.mp3 [2013-04-02 14:53:00 | 001,752,362 | ---- | C] () -- C:\Users\DonDe\Desktop\Nowyy9.mp3 [2013-04-02 14:15:22 | 001,291,562 | ---- | C] () -- C:\Users\DonDe\Desktop\Nowyy8.mp3 [2013-04-02 12:04:55 | 008,607,938 | ---- | C] () -- C:\Users\DonDe\Desktop\Di8uuuuuu.mp3 [2013-04-02 11:15:46 | 002,343,391 | ---- | C] () -- C:\DSC00812.JPG [2013-04-02 11:15:46 | 002,332,968 | ---- | C] () -- C:\DSC00815.JPG [2013-04-02 11:15:46 | 002,196,582 | ---- | C] () -- C:\DSC00814.JPG [2013-04-02 11:15:46 | 002,087,919 | ---- | C] () -- C:\DSC00813.JPG [2013-04-02 10:57:04 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-04-01 00:02:20 | 064,182,252 | ---- | C] () -- C:\Users\DonDe\Desktop\fp_10.3.183.68_archive.zip [2013-03-31 23:57:24 | 000,860,200 | ---- | C] () -- C:\Users\DonDe\Desktop\adobe.flash.player_idg_downloader_28198_pc.exe [2013-03-30 18:21:31 | 053,092,217 | ---- | C] () -- C:\Users\DonDe\Desktop\DjDanek_DonDe.rar [2013-03-30 17:17:34 | 002,263,318 | ---- | C] () -- C:\Users\DonDe\Desktop\nowyy7.mp3 [2013-03-30 14:06:47 | 007,764,705 | ---- | C] () -- C:\Users\DonDe\Desktop\nowyy4.mp3 [2013-03-30 12:45:45 | 001,931,036 | ---- | C] () -- C:\Users\DonDe\Desktop\download.zip [2013-03-30 12:38:35 | 012,347,629 | ---- | C] () -- C:\Users\DonDe\Desktop\DonDe_sale03.mp3 [2013-03-30 12:34:06 | 040,277,774 | ---- | C] () -- C:\Users\DonDe\Desktop\SmaplowanyZAM1_NEW.wav [2013-03-30 11:57:53 | 025,412,802 | ---- | C] () -- C:\Users\DonDe\Desktop\nazmowienei1.wav [2013-03-29 21:38:12 | 005,764,771 | ---- | C] () -- C:\Users\DonDe\Desktop\nazmowienei1.mp3 [2013-03-29 15:05:48 | 000,001,332 | ---- | C] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk [2013-03-28 20:38:05 | 001,453,522 | ---- | C] () -- C:\Users\DonDe\Desktop\nowyy3.mp3 [2013-03-28 19:09:31 | 027,600,578 | ---- | C] () -- C:\Users\DonDe\Desktop\Di8uuuuuu.wav [2013-03-28 18:57:25 | 011,414,538 | ---- | C] () -- C:\Users\DonDe\Desktop\satyresco2.mp3 [2013-03-28 18:27:29 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf [2013-03-28 16:23:35 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\FL Studio 10.lnk [2013-03-28 16:21:58 | 000,819,729 | ---- | C] ( ) -- C:\Windows\SysWow64\mrvcl32.exe [2013-03-28 16:21:27 | 062,619,270 | ---- | C] () -- C:\Users\DonDe\Desktop\DONDI2.zip [2013-03-28 16:17:39 | 006,164,967 | ---- | C] () -- C:\Users\DonDe\Desktop\DONDI2.mp3 [2013-03-28 14:00:26 | 092,727,288 | ---- | C] () -- C:\Users\DonDe\Desktop\Trap Drum Kit - Kopia.rar [2013-03-28 12:53:22 | 000,004,608 | ---- | C] () -- C:\Users\DonDe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-03-28 12:53:14 | 000,036,734 | ---- | C] () -- C:\Windows\SysWow64\OggDSuninst.exe [2013-03-27 16:45:01 | 000,000,004 | ---- | C] () -- C:\ProgramData\sysid100.dat [2013-03-25 11:28:47 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2013-03-23 13:02:17 | 019,606,068 | ---- | C] ( ) -- C:\Users\DonDe\K-Lite_Codec_Pack_980_Full_[www.programosy.pl].exe [2013-03-23 12:44:42 | 120,647,199 | ---- | C] () -- C:\Users\DonDe\Realtek_Audio_V51006235_Xp_V6016235_VistaWin7.zip [2013-03-22 16:35:08 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys [2013-03-22 16:34:29 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg [2013-03-22 16:34:28 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe [2013-03-22 14:59:28 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012-07-02 22:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll [2012-02-03 05:00:58 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\TCPClient.dll [2011-06-15 13:37:00 | 001,108,992 | ---- | C] () -- C:\Windows\SysWow64\phidget21.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [2013-04-27 12:47:22 | 000,004,096 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini [2013-04-27 12:47:22 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2009-07-14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color] [C:\Windows\system64] -> \systemroot\system32 -> Mount Point [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:C8B8CEBD < End of report >