OTL logfile created on: 2011-02-09 23:53:18 - Run 3
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\muad\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 268,97 Gb Total Space | 92,71 Gb Free Space | 34,47% Space Free | Partition Type: NTFS
Drive D: | 196,69 Gb Total Space | 142,22 Gb Free Space | 72,31% Space Free | Partition Type: NTFS
Drive E: | 100,00 Mb Total Space | 71,84 Mb Free Space | 71,84% Space Free | Partition Type: NTFS
Drive Y: | 78,13 Gb Total Space | 35,62 Gb Free Space | 45,60% Space Free | Partition Type: NTFS
Drive Z: | 33,66 Gb Total Space | 33,57 Gb Free Space | 99,74% Space Free | Partition Type: NTFS

Computer Name: MUAD-KOMPUTER | User Name: muad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-02-09 22:05:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\muad\Downloads\OTL.exe
PRC - [2011-01-28 19:04:19 | 000,943,472 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2010-11-21 23:06:01 | 001,980,936 | ---- | M] (MetaQuotes Software Corp.) -- C:\Users\muad\XTB-Trader 4 PLN\terminal.exe
PRC - [2010-06-07 04:56:06 | 000,347,448 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2010-04-22 14:56:42 | 001,109,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
PRC - [2010-03-30 23:00:00 | 002,465,888 | ---- | M] (Lavalys, Inc.) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
PRC - [2009-12-28 20:33:02 | 000,096,896 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009-03-30 07:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
PRC - [2008-03-20 11:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files (x86)\Gadu-Gadu\gg.exe
PRC - [2007-08-11 14:50:00 | 000,331,264 | ---- | M] () -- C:\Program Files (x86)\NetMeter\NetMeter.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-02-09 22:05:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\muad\Downloads\OTL.exe
MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2006-12-21 13:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files (x86)\Gadu-Gadu\ggwhook.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-11-26 03:54:12 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010-08-31 23:22:23 | 000,551,824 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\SysNative\appdrvrem01.exe -- (appdrvrem01)
SRV:[b]64bit:[/b] - [2010-05-06 10:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:[b]64bit:[/b] - [2010-03-25 22:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2009-12-28 20:33:02 | 000,096,896 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-11-26 05:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010-11-26 03:16:46 | 000,289,792 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010-08-31 23:22:24 | 002,667,120 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV:[b]64bit:[/b] - [2010-08-31 20:33:24 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010-08-31 20:33:24 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010-08-30 22:06:53 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010-08-16 11:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2010-05-31 11:46:50 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010-05-06 10:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2010-04-27 15:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:[b]64bit:[/b] - [2010-04-27 15:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:[b]64bit:[/b] - [2010-04-27 15:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:[b]64bit:[/b] - [2010-04-27 13:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:[b]64bit:[/b] - [2010-04-27 13:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:[b]64bit:[/b] - [2010-03-18 10:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:[b]64bit:[/b] - [2010-03-18 10:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:[b]64bit:[/b] - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:[b]64bit:[/b] - [2009-10-07 18:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-10-07 18:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-05 09:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2011-02-05 11:26:52 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2010-06-07 04:56:10 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2010-03-30 23:00:00 | 000,026,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 -- (EverestDriver)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\S-1-5-21-4235474191-3633559331-3043723501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4235474191-3633559331-3043723501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4235474191-3633559331-3043723501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=206.125.165.20:80

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3 - HKU\S-1-5-21-4235474191-3633559331-3043723501-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSIAfterburner] C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe ()
O4 - HKU\S-1-5-21-4235474191-3633559331-3043723501-1000..\Run: [C:\Program Files (x86)\NetMeter\NetMeter.exe] C:\Program Files (x86)\NetMeter\NetMeter.exe ()
O4 - HKU\S-1-5-21-4235474191-3633559331-3043723501-1000..\Run: [Gadu-Gadu] C:\Program Files (x86)\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4235474191-3633559331-3043723501-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4235474191-3633559331-3043723501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4235474191-3633559331-3043723501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.30.129.149 217.30.137.200
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-05-16 19:31:13 | 000,000,000 | ---- | M] () - Y:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-02-09 22:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011-02-09 20:07:43 | 000,000,000 | ---D | C] -- C:\Users\muad\DoctorWeb
[2011-02-09 19:37:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011-02-09 00:55:59 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011-02-09 00:33:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011-02-09 00:33:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011-02-09 00:33:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011-02-09 00:33:08 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011-02-09 00:31:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011-02-09 00:30:39 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011-02-09 00:28:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-02-08 23:52:33 | 000,000,000 | ---D | C] -- C:\Users\muad\AppData\Roaming\Malwarebytes
[2011-02-08 23:52:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-02-08 23:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-02-08 23:52:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-02-08 23:52:23 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011-02-08 23:52:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011-02-08 00:10:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Stream SDK v2
[2011-02-08 00:10:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Stream
[2011-02-08 00:10:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2011-02-08 00:09:33 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011-02-08 00:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011-02-08 00:08:52 | 000,000,000 | ---D | C] -- C:\ATI
[2011-02-07 23:59:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2011-02-07 22:11:23 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011-02-07 22:11:22 | 001,687,552 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2011-02-07 22:11:22 | 000,605,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2011-02-07 22:11:22 | 000,325,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2011-02-07 22:11:21 | 001,632,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2011-02-07 22:11:21 | 000,475,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2011-02-07 22:11:21 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011-02-07 22:11:21 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011-02-07 22:11:21 | 000,142,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2011-02-07 22:11:21 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011-02-07 22:11:21 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011-02-07 22:11:20 | 001,194,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2011-02-07 22:11:20 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011-02-07 22:11:20 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011-02-07 22:11:20 | 000,061,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2011-02-07 22:11:19 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011-02-07 22:11:19 | 000,327,584 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011-02-07 22:11:19 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011-02-07 22:11:18 | 000,168,864 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2011-02-07 22:10:12 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2011-02-07 21:57:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011-02-07 21:57:31 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011-02-07 21:57:30 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011-02-07 21:57:30 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011-02-07 21:57:30 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011-02-07 21:57:29 | 000,121,744 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2011-02-07 21:57:29 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2011-02-07 21:57:26 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2011-02-07 21:57:26 | 000,553,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2011-02-07 21:57:26 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2011-02-07 21:57:26 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2011-02-07 21:57:26 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2011-02-07 21:57:26 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2011-02-07 21:57:25 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2011-02-07 21:57:24 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2011-02-07 21:57:21 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2011-02-07 21:57:21 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2011-02-07 21:57:20 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2011-02-07 21:57:20 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2011-02-07 21:57:20 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2011-02-07 21:57:20 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2011-02-07 21:57:20 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2011-02-07 21:57:20 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2011-02-07 21:57:20 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2011-02-07 21:57:20 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2011-02-07 21:57:20 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2011-02-07 21:57:20 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2011-02-07 21:57:19 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2011-02-07 21:57:16 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2011-02-07 20:20:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phyxion.net
[2011-02-06 22:54:13 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2011-02-06 22:54:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011-02-06 21:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2011-02-06 21:31:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2011-02-05 13:11:47 | 000,000,000 | ---D | C] -- C:\Users\muad\Documents\My 4shared Sync
[2011-02-05 13:10:59 | 000,000,000 | ---D | C] -- C:\Users\muad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4shared Tools
[2011-02-05 13:10:59 | 000,000,000 | ---D | C] -- C:\Users\muad\AppData\Roaming\4shared Desktop
[2011-02-05 13:10:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4shared Desktop
[2011-02-05 11:32:20 | 000,333,928 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011-02-05 11:26:52 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2011-02-05 11:26:52 | 000,000,000 | ---D | C] -- C:\Users\muad\AppData\Local\eSupport.com
[2011-02-05 11:17:09 | 000,000,000 | ---D | C] -- C:\Users\muad\Desktop\Nowy folder (2)
[2011-02-05 11:07:07 | 000,000,000 | ---D | C] -- C:\Users\muad\Documents\SuperSterownik
[2011-02-04 22:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011-02-04 22:13:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011-02-04 22:10:53 | 000,070,200 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011-02-04 22:10:53 | 000,028,728 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011-02-04 22:10:52 | 000,016,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys
[2011-02-03 23:26:59 | 000,000,000 | ---D | C] -- C:\Users\muad\AppData\Roaming\RegGenie
[2011-02-02 22:26:37 | 000,000,000 | ---D | C] -- C:\Users\muad\AppData\Roaming\HD Tune Pro
[2011-02-02 22:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune Pro
[2011-01-31 22:45:31 | 000,000,000 | ---D | C] -- C:\Users\muad\AppData\Roaming\Media Player Classic
[2011-01-31 22:45:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real Alternative
[2011-01-31 12:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011-01-31 11:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011-01-31 09:46:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NOL3
[2011-01-18 13:58:17 | 000,000,000 | ---D | C] -- C:\Users\muad\AppData\Local\AMD
[2011-01-18 13:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2011-01-17 20:20:29 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2011-01-17 20:17:09 | 000,000,000 | ---D | C] -- C:\AMD
[2011-01-11 21:37:23 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011-01-11 21:37:23 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-02-09 23:58:28 | 002,621,440 | -HS- | M] () -- C:\Users\muad\ntuser.dat
[2011-02-09 23:36:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4235474191-3633559331-3043723501-1000UA.job
[2011-02-09 22:42:30 | 000,049,173 | ---- | M] () -- C:\Users\muad\Documents\Wydatki miesięczne.xlsx
[2011-02-09 20:36:01 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4235474191-3633559331-3043723501-1000Core.job
[2011-02-09 20:01:37 | 000,014,864 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-02-09 20:01:36 | 000,014,864 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-02-09 19:53:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011-02-09 19:53:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-02-09 19:53:44 | 539,037,734 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011-02-09 19:53:41 | 3218,984,960 | -HS- | M] () -- C:\hiberfil.sys
[2011-02-09 00:58:02 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2011-02-09 00:56:12 | 001,122,422 | -H-- | M] () -- C:\Users\muad\AppData\Local\IconCache.db
[2011-02-08 23:52:27 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-02-08 00:02:52 | 000,005,872 | ---- | M] () -- C:\Users\muad\Documents\2011-02-07.reg
[2011-02-07 23:59:19 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Driver Sweeper.lnk
[2011-02-07 23:50:53 | 000,014,174 | ---- | M] () -- C:\Users\muad\Documents\cc_20110207_235048.reg
[2011-02-07 22:11:12 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2011-02-06 21:31:01 | 000,002,453 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2011-02-05 11:26:53 | 000,001,107 | ---- | M] () -- C:\Users\muad\Desktop\Find Drivers with DriverAgent.lnk
[2011-02-05 11:26:52 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2011-02-05 10:29:11 | 001,532,160 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-02-05 10:29:11 | 000,690,938 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-02-05 10:29:11 | 000,609,896 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-02-05 10:29:11 | 000,132,432 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-02-05 10:29:11 | 000,104,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-02-04 21:32:01 | 000,002,544 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011-02-04 21:29:53 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2011-02-04 20:37:22 | 000,002,401 | ---- | M] () -- C:\Users\muad\Desktop\Google Chrome.lnk
[2011-02-04 19:55:08 | 000,109,632 | ---- | M] () -- C:\Users\muad\AppData\Local\GDIPFONTCACHEV1.DAT
[2011-02-04 19:54:35 | 000,524,288 | -HS- | M] () -- C:\Users\muad\ntuser.dat{a0ae85be-308e-11e0-9930-485b39198f7a}.TMContainer00000000000000000002.regtrans-ms
[2011-02-04 19:54:35 | 000,524,288 | -HS- | M] () -- C:\Users\muad\ntuser.dat{a0ae85be-308e-11e0-9930-485b39198f7a}.TMContainer00000000000000000001.regtrans-ms
[2011-02-04 19:54:35 | 000,065,536 | -HS- | M] () -- C:\Users\muad\ntuser.dat{a0ae85be-308e-11e0-9930-485b39198f7a}.TM.blf
[2011-02-02 21:18:56 | 000,009,816 | ---- | M] () -- C:\bootsqm.dat
[2011-01-31 22:31:02 | 000,011,246 | ---- | M] () -- C:\Users\muad\Documents\lokata oprocentowanie.xlsx
[2011-01-17 00:40:46 | 000,007,589 | ---- | M] () -- C:\Users\muad\AppData\Local\Resmon.ResmonCfg
[2011-01-11 19:56:37 | 000,000,390 | ---- | M] () -- C:\Users\muad\Documents\b81f5a1bdc2b18f9cfe6cb99135b053c5f9f632a (1).htm
[2011-01-11 19:56:25 | 000,000,390 | ---- | M] () -- C:\Users\muad\Documents\b81f5a1bdc2b18f9cfe6cb99135b053c5f9f632a.htm
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-09 00:33:18 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011-02-09 00:33:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011-02-09 00:33:18 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011-02-09 00:33:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011-02-09 00:33:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011-02-08 23:52:27 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-02-08 23:40:23 | 001,122,422 | -H-- | C] () -- C:\Users\muad\AppData\Local\IconCache.db
[2011-02-08 00:02:52 | 000,005,872 | ---- | C] () -- C:\Users\muad\Documents\2011-02-07.reg
[2011-02-07 23:59:19 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\Driver Sweeper.lnk
[2011-02-07 23:50:50 | 000,014,174 | ---- | C] () -- C:\Users\muad\Documents\cc_20110207_235048.reg
[2011-02-07 22:10:12 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011-02-07 21:57:29 | 000,220,496 | ---- | C] () -- C:\Windows\SysNative\SFNHK64.dll
[2011-02-07 21:57:29 | 000,081,232 | ---- | C] () -- C:\Windows\SysNative\SFCOM64.dll
[2011-02-07 21:57:29 | 000,074,064 | ---- | C] () -- C:\Windows\SysWow64\SFCOM.dll
[2011-02-07 21:57:25 | 001,868,944 | ---- | C] () -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2011-02-06 21:31:01 | 000,002,453 | ---- | C] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2011-02-05 11:26:53 | 000,001,107 | ---- | C] () -- C:\Users\muad\Desktop\Find Drivers with DriverAgent.lnk
[2011-02-05 10:54:49 | 539,037,734 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011-02-04 21:29:52 | 000,002,544 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011-02-04 21:29:52 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2011-02-04 19:54:35 | 000,524,288 | -HS- | C] () -- C:\Users\muad\ntuser.dat{a0ae85be-308e-11e0-9930-485b39198f7a}.TMContainer00000000000000000002.regtrans-ms
[2011-02-04 19:54:35 | 000,524,288 | -HS- | C] () -- C:\Users\muad\ntuser.dat{a0ae85be-308e-11e0-9930-485b39198f7a}.TMContainer00000000000000000001.regtrans-ms
[2011-02-04 19:54:35 | 000,065,536 | -HS- | C] () -- C:\Users\muad\ntuser.dat{a0ae85be-308e-11e0-9930-485b39198f7a}.TM.blf
[2011-02-02 21:18:56 | 000,009,816 | ---- | C] () -- C:\bootsqm.dat
[2011-01-31 22:31:01 | 000,011,246 | ---- | C] () -- C:\Users\muad\Documents\lokata oprocentowanie.xlsx
[2011-01-28 19:04:24 | 000,001,845 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011-01-11 19:56:37 | 000,000,390 | ---- | C] () -- C:\Users\muad\Documents\b81f5a1bdc2b18f9cfe6cb99135b053c5f9f632a (1).htm
[2011-01-11 19:56:25 | 000,000,390 | ---- | C] () -- C:\Users\muad\Documents\b81f5a1bdc2b18f9cfe6cb99135b053c5f9f632a.htm
[2010-09-28 19:08:19 | 000,000,184 | ---- | C] () -- C:\ProgramData\Setting.dat
[2010-09-28 19:08:19 | 000,000,022 | ---- | C] () -- C:\Users\muad\AppData\Roaming\UserFlag.ini
[2010-09-14 18:50:52 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010-08-31 19:45:25 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010-08-31 19:45:25 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010-08-31 19:45:23 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010-08-31 19:45:23 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010-08-31 19:10:16 | 001,548,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-08-30 20:01:57 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010-08-30 20:01:54 | 000,029,654 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010-06-03 12:09:13 | 000,000,092 | ---- | C] () -- C:\Users\muad\AppData\Local\fusioncache.dat
[2010-05-31 23:03:01 | 000,002,432 | ---- | C] () -- C:\Users\muad\AppData\Local\TempwS4876.html
[2010-05-31 23:00:27 | 000,002,432 | ---- | C] () -- C:\Users\muad\AppData\Local\TempcG4544.html
[2010-05-31 22:49:02 | 000,002,432 | ---- | C] () -- C:\Users\muad\AppData\Local\TempiR4544.html
[2010-05-30 22:17:31 | 000,007,589 | ---- | C] () -- C:\Users\muad\AppData\Local\Resmon.ResmonCfg
[2010-05-29 15:52:24 | 000,000,760 | ---- | C] () -- C:\Users\muad\AppData\Roaming\setup_ldm.iss
[2009-07-14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2009-07-14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009-07-14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009-07-14 03:34:57 | 000,000,478 | ---- | C] () -- C:\Windows\win.ini
[2009-07-14 03:34:57 | 000,000,215 | ---- | C] () -- C:\Windows\system.ini
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-19 19:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009-06-19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009-06-19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009-06-19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009-06-19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009-06-19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009-06-19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009-06-19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009-06-19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009-06-19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009-04-02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2002-01-01 00:36:03 | 000,109,632 | ---- | C] () -- C:\Users\muad\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2011-02-05 13:11:47 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\4shared Desktop
[2011-02-09 23:27:02 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\AIMP
[2010-09-28 19:09:12 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\AutoHideIP
[2010-09-16 20:17:40 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\Canon
[2010-08-31 18:59:46 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\DAEMON Tools Lite
[2010-12-01 20:54:58 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\EAC
[2011-01-21 21:57:22 | 000,000,000 | ---D | M] -- 
C:\Users\muad\AppData\Roaming\FileZilla [2010-09-28 19:06:31 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\FreeHideIP [2010-05-31 23:11:25 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\Gadu-Gadu [2010-07-15 19:49:02 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\gtk-2.0 [2011-02-02 22:28:08 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\HD Tune Pro [2010-10-01 19:35:22 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\ipla [2010-08-31 19:53:00 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\Leadertech [2011-02-04 19:53:14 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\NetMeter [2010-05-28 22:39:40 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\Opera [2011-02-03 23:26:59 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\RegGenie [2010-09-22 22:10:52 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\TuxPaint [2010-09-02 20:05:45 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\Ubisoft [2010-05-30 17:49:59 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\URSoft [2011-02-09 23:25:27 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\uTorrent [2010-06-23 23:23:09 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\WSPWNOUP2007 [2010-07-18 18:52:30 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\XnView [2010-07-15 19:30:02 | 000,000,000 | ---D | M] -- C:\Users\muad\AppData\Roaming\Zoner [2010-12-10 19:30:41 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >