OTL logfile created on: 21/02/2012 22:44:40 - Run 2
OTL by OldTimer - Version 3.2.33.1 Folder = E:\Instalatory\system-wirusy-anonimowosc-bezpieczenstwo
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.66 Gb Available Physical Memory | 66.43% Memory free
4.00 Gb Paging File | 2.55 Gb Available in Paging File | 63.93% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39.88 Gb Total Space | 10.68 Gb Free Space | 26.78% Space Free | Partition Type: NTFS
Drive D: | 200.00 Gb Total Space | 93.63 Gb Free Space | 46.82% Space Free | Partition Type: NTFS
Drive E: | 225.77 Gb Total Space | 10.49 Gb Free Space | 4.65% Space Free | Partition Type: NTFS

Computer Name: SLAYER | User Name: Aadvark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/02/21 22:41:52 | 000,583,168 | ---- | M] (OldTimer Tools) -- E:\Instalatory\system-wirusy-anonimowosc-bezpieczenstwo\OTL.exe
PRC - [2012/02/15 07:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Aadvark\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/01/12 23:41:42 | 000,810,144 | ---- | M] (ESET) -- E:\Programy\eset\x86\ekrn.exe
PRC - [2010/09/16 21:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/06/01 17:09:52 | 001,268,808 | ---- | M] (Panda Security) -- E:\Programy\security\Panda USB Vaccine\USBVaccine.exe
PRC - [2010/04/14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2009/12/16 14:49:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Edimax\Common\RaRegistry.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012/02/15 13:03:36 | 000,429,040 | ---- | M] () -- C:\Users\Aadvark\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
MOD - [2012/02/15 13:03:34 | 003,772,912 | ---- | M] () -- C:\Users\Aadvark\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
MOD - [2012/02/15 13:02:10 | 000,122,880 | ---- | M] () -- C:\Users\Aadvark\AppData\Local\Google\Chrome\Application\17.0.963.56\avutil-51.dll
MOD - [2012/02/15 13:02:08 | 000,220,672 | ---- | M] () -- C:\Users\Aadvark\AppData\Local\Google\Chrome\Application\17.0.963.56\avformat-53.dll
MOD - [2012/02/15 13:02:07 | 001,747,456 | ---- | M] () -- C:\Users\Aadvark\AppData\Local\Google\Chrome\Application\17.0.963.56\avcodec-53.dll
MOD - [2012/02/15 10:00:24 | 008,593,568 | ---- | M] () -- C:\Users\Aadvark\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
MOD - [2012/02/15 10:00:24 | 008,593,568 | ---- | M] () -- C:\Users\Aadvark\AppData\Local\Google\Chrome\APPLIC~1\170963~1.56\gcswf32.dll
MOD - [2011/11/09 04:46:02 | 000,093,696 | ---- | M] () -- E:\Programy\FileZilla FTP Client\fzshellext.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2011/10/12 17:55:12 | 005,739,008 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:[b]64bit:[/b] - [2011/03/03 04:59:03 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:[b]64bit:[/b] - [2010/08/19 17:43:23 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Cyberlink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:[b]64bit:[/b] - [2009/08/14 10:15:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/07/01 17:46:40 | 000,014,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2011/01/12 23:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- E:\Programy\eset\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011/01/12 23:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- E:\Programy\eset\x86\ekrn.exe -- (ekrn)
SRV - [2010/09/16 21:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/05/21 23:40:13 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/04/14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/16 14:49:12 | 000,212,256 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2009/12/16 14:49:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Edimax\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/10/27 07:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Programy\Microsoft Office 2007\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012/01/11 18:34:08 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011/12/19 13:45:22 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2011/12/15 08:46:42 | 000,222,904 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)
DRV:[b]64bit:[/b] - [2011/09/09 14:45:30 | 001,660,480 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:[b]64bit:[/b] - [2011/07/29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:[b]64bit:[/b] - [2011/07/29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:[b]64bit:[/b] - [2011/04/11 20:30:36 | 000,097,360 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a4djusb.sys -- (a4djusb_svc)
DRV:[b]64bit:[/b] - [2011/04/11 20:30:35 | 000,358,480 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a4djavs.sys -- (a4djavs)
DRV:[b]64bit:[/b] - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/02/18 23:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2011/02/11 10:07:00 | 000,416,032 | ---- | M] (Audiotrack) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Maya44.sys -- (MAYA44)
DRV:[b]64bit:[/b] - [2011/02/11 10:07:00 | 000,054,560 | ---- | M] (usb-audio.de) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pgusbmm3.sys -- (pgusbmme)
DRV:[b]64bit:[/b] - [2010/12/21 22:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2010/12/21 22:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2010/12/21 20:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:[b]64bit:[/b] - [2010/12/21 20:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2010/12/21 20:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:[b]64bit:[/b] - [2010/11/23 15:34:00 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2010/11/20 21:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 19:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 19:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010/11/20 18:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2010/11/20 17:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/06/26 00:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:[b]64bit:[/b] - [2010/04/16 22:01:40 | 000,042,496 | ---- | M] (ZOOM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zmhhpau.sys -- (ZMHHPAudioSrv)
DRV:[b]64bit:[/b] - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:[b]64bit:[/b] - [2009/12/23 18:36:04 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:[b]64bit:[/b] - [2009/11/12 21:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:[b]64bit:[/b] - [2009/11/02 03:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:[b]64bit:[/b] - [2009/08/14 12:30:12 | 006,201,856 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009/08/10 05:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:[b]64bit:[/b] - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 08:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009/06/25 22:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:[b]64bit:[/b] - [2009/06/11 05:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:[b]64bit:[/b] - [2009/06/11 05:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:[b]64bit:[/b] - [2009/06/11 05:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:[b]64bit:[/b] - [2009/06/11 04:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009/06/11 04:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Sterownik karty Intel(R)
DRV:[b]64bit:[/b] - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/03/26 22:44:13 | 000,044,560 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a4djavs_x64.sys -- (a4djavs_x64)
DRV:[b]64bit:[/b] - [2009/03/26 22:44:10 | 000,249,872 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a4djusb_x64.sys -- (a4djusb_x64)
DRV:[b]64bit:[/b] - [2007/08/03 11:35:54 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:[b]64bit:[/b] - [2007/04/17 18:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2011/07/29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/11/12 21:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ncr"
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.1.1
FF - prefs.js..extensions.enabledItems: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.7.2
FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20110211

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: E:\Programy\PDF-XChange\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: E:\Programy\Picasa 3\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Aadvark\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Aadvark\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Aadvark\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Aadvark\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: E:\Programy\Mozilla Firefox\components [2012/01/03 13:31:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: E:\Programy\Mozilla Firefox\plugins [2011/05/06 06:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: E:\Programy\eset\Mozilla Thunderbird [2011/08/13 15:52:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: E:\Programy\Mozilla Firefox\components [2012/01/03 13:31:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: E:\Programy\Mozilla Firefox\plugins [2011/05/06 06:34:04 | 000,000,000 | ---D | M]

[2010/07/08 17:18:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Extensions
[2010/07/08 17:18:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012/02/05 19:11:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Firefox\Profiles\y8wm17at.default\extensions
[2012/02/05 19:11:56 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Firefox\Profiles\y8wm17at.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011/01/14 18:41:31 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Firefox\Profiles\y8wm17at.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2012/01/06 21:16:24 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Aadvark\AppData\Roaming\mozilla\Firefox\Profiles\y8wm17at.default\extensions\foxmarks@kei.com
[2012/01/10 00:27:27 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Firefox\Profiles\y8wm17at.default\extensions\keyscrambler@qfx.software.corporation
[2011/06/29 19:03:34 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Firefox\Profiles\y8wm17at.default\extensions\pl@dictionaries.addons.mozilla.org
[2011/12/29 21:15:56 | 000,000,000 | ---D | M] (samfind Bookmarks Bar) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Firefox\Profiles\y8wm17at.default\extensions\sam@samfind.com
[2011/11/07 00:33:08 | 000,001,980 | ---- | M] () -- C:\Users\Aadvark\AppData\Roaming\Mozilla\Firefox\Profiles\y8wm17at.default\searchplugins\wolframalpha.xml
() (No name found) -- C:\USERS\AADVARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y8WM17AT.DEFAULT\EXTENSIONS\{E968FC70-8F95-4AB9-9E79-304DE2A71EE1}.XPI
() (No name found) -- C:\USERS\AADVARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y8WM17AT.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
() (No name found) -- C:\USERS\AADVARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y8WM17AT.DEFAULT\EXTENSIONS\KGEN@ELITWORK.COM.XPI
() (No name found) -- C:\USERS\AADVARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y8WM17AT.DEFAULT\EXTENSIONS\SAVE-AS-PDF-FF@PDFCROWD.COM.XPI
() (No name found) -- C:\USERS\AADVARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y8WM17AT.DEFAULT\EXTENSIONS\YSLOW@YAHOO-INC.COM.XPI

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Aadvark\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Aadvark\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Aadvark\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Aadvark\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Aadvark\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Aadvark\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = E:\Programy\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Programy\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Programy\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Programy\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Programy\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Programy\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Programy\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Programy\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = E:\Programy\Picasa 3\Picasa3\npPicasa3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/11/16 17:36:13 | 000,076,176 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.newoa
O1 - Hosts: 127.0.0.1 practivate.adobe.ntp
O1 - Hosts: 127.0.0.1 practivate.adobe.ipp
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 wip.adobe.com
O1 - Hosts: 127.0.0.1 wip1.aobe.com
O1 - Hosts: 127.0.0.1 wip2.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.wip.adobe.com
O1 - Hosts: 127.0.0.1 www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com
O1 - Hosts: 2273 more lines...
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Programy\Microsoft Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programy\Java\bin\jp2ssv.dll File not found
O4:[b]64bit:[/b] - HKLM..\Run: [egui] E:\Programy\eset\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Aadvark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Aadvark\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Programy\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Programy\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\Microsoft Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26A502DE-B7FB-435A-8319-EF05765C6CD0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8207E25-6BD5-4916-8DD1-A754D77B4D63}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D142B8F9-A940-4683-B630-917056296746}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F37A3676-47AD-40D0-BDE3-480C1B4EA9E1}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Programy\Microsoft Office 2007\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Programy\Microsoft Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/02/21 22:21:56 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Roaming\Malwarebytes
[2012/02/21 22:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/21 22:21:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2012/02/21 22:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/21 16:24:16 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Replace Pioneer
[2012/02/21 15:20:22 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\Desktop\FaceCrackers-Viral-Script-F_uckcopyright.net
[2012/02/21 12:53:11 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Roaming\Sublime Text 2
[2012/02/20 21:26:00 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/02/20 05:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweetAttacks
[2012/02/19 22:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012/02/19 22:02:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extreme Picture Finder 3
[2012/02/19 22:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Extreme Picture Finder
[2012/02/19 21:46:24 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\Desktop\Template Feminina
[2012/02/18 10:43:42 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/18 10:43:41 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/18 10:43:40 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/18 10:43:40 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/18 10:43:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/18 10:43:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/18 10:43:39 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/18 10:43:39 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/18 10:43:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/18 10:43:38 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/18 10:43:38 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/18 10:41:40 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/14 02:54:35 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\Desktop\AUTOBLOGGING
[2012/02/10 14:49:35 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Local\DarkRoom
[2012/02/10 14:48:54 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\Desktop\Dark Room 0.8b
[2012/02/09 10:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/02/06 22:39:50 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Local\Google
[2012/02/05 18:07:10 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Roaming\CyberLink
[2012/02/05 18:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/02/05 18:01:51 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor
[2012/02/05 18:00:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2012/02/05 18:00:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software
[2012/02/05 17:59:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2012/02/05 17:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\Cyberlink
[2012/02/05 17:46:19 | 000,000,000 | ---D | C] -- C:\ProgramData\CLSK
[2012/02/05 17:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/02/02 01:14:35 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Local\reakktor
[2012/02/02 01:01:21 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\Documents\Reakktor Media
[2012/02/02 00:50:50 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/02/02 00:50:50 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/02/02 00:50:50 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/02/02 00:50:50 | 000,519,000 | ---- | C] (Microsoft Corporation) --
C:\Windows\SysNative\d3dx10_40.dll [2012/02/02 00:50:50 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2012/02/02 00:50:50 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2012/02/02 00:50:50 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2012/02/02 00:50:50 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2012/02/02 00:50:50 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2012/02/02 00:50:50 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2012/02/02 00:50:50 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2012/02/02 00:50:50 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2012/02/02 00:50:49 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2012/02/02 00:50:49 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2012/02/02 00:50:49 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2012/02/02 00:50:49 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2012/02/02 00:50:49 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2012/02/02 00:50:49 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2012/02/02 00:50:49 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2012/02/02 00:50:49 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2012/02/02 00:50:49 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2012/02/02 00:50:49 | 000,023,376 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\X3DAudio1_5.dll [2012/02/02 00:50:48 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2012/02/02 00:50:48 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2012/02/02 00:50:48 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2012/02/02 00:50:48 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2012/02/02 00:50:48 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2012/02/02 00:50:48 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2012/02/02 00:50:48 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2012/02/02 00:50:48 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2012/02/02 00:50:48 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2012/02/02 00:50:48 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2012/02/02 00:50:47 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2012/02/02 00:50:47 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2012/02/02 00:50:47 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2012/02/02 00:50:47 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2012/02/02 00:50:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2012/02/02 00:50:47 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2012/02/02 00:50:47 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2012/02/02 00:50:47 | 000,065,032 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\XAPOFX1_0.dll [2012/02/02 00:50:47 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2012/02/02 00:50:47 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2012/02/02 00:50:46 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2012/02/02 00:50:46 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2012/02/02 00:50:46 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2012/02/02 00:50:46 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2012/02/02 00:50:46 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2012/02/02 00:50:46 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2012/02/02 00:50:46 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2012/02/02 00:50:46 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2012/02/02 00:50:45 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2012/02/02 00:50:45 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2012/02/02 00:50:45 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2012/02/02 00:50:45 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2012/02/02 00:50:43 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2012/02/02 00:50:43 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2012/02/02 00:50:43 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2012/02/02 00:50:43 | 000,444,776 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\d3dx10_36.dll [2012/02/02 00:50:43 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2012/02/02 00:50:43 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2012/02/02 00:50:42 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2012/02/02 00:50:42 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2012/02/02 00:50:42 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2012/02/02 00:50:42 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2012/02/02 00:50:42 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2012/02/02 00:50:42 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2012/02/02 00:50:42 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2012/02/02 00:50:42 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2012/02/02 00:50:41 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2012/02/02 00:50:41 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2012/02/02 00:50:41 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2012/02/02 00:50:41 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2012/02/02 00:50:41 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2012/02/02 00:50:41 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2012/02/02 00:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gamigo [2012/02/01 22:33:00 | 000,000,000 | ---D | C] -- 
C:\Users\Aadvark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TunnelBear [2012/02/01 19:14:04 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Roaming\GetRightToGo [2012/01/28 15:03:57 | 001,660,480 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys [2012/01/28 15:03:57 | 000,327,008 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll [2012/01/28 15:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver [2012/01/28 15:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink [2012/01/28 14:51:26 | 031,894,080 | ---- | C] (Macrovision Corporation) -- C:\Users\Aadvark\Desktop\IS_AP_STA_RT2870_D-3.2.4.0_VA-3.2.4.0_W7-3.2.4.0_RU-4.1.3.0_AU-4.1.1.0_091511_1.5.14.0WP_Free.exe [2012/01/27 00:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edimax Wireless [2012/01/27 00:01:16 | 001,063,200 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAIHV.dll [2012/01/27 00:01:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Edimax [2012/01/27 00:00:06 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\Desktop\EW-7711HPn_Win_100226 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/02/21 22:41:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/02/21 22:31:39 | 000,017,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/02/21 22:31:39 | 000,017,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/02/21 22:23:52 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/02/21 22:23:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/02/21 22:21:44 | 000,000,657 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2012/02/21 22:15:00 | 000,000,916 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3595348222-1430447603-2233241379-1000UA.job [2012/02/21 21:15:01 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3595348222-1430447603-2233241379-1000Core.job [2012/02/21 18:20:26 | 000,139,228 | ---- | M] () -- C:\Users\Aadvark\Desktop\lose-weight-fast.jpg [2012/02/21 16:24:16 | 000,000,684 | ---- | M] () -- C:\Users\Aadvark\Desktop\Replace Pioneer.lnk [2012/02/21 15:18:33 | 000,383,565 | ---- | M] () -- C:\Users\Aadvark\Desktop\FaceCrackers-Viral-Script-F_uckcopyright.net.rar [2012/02/21 14:28:32 | 000,531,702 | ---- | M] () -- C:\Users\Aadvark\Desktop\%242300_in_3_Days_using_Twitter_Traffic.rar [2012/02/21 14:03:04 | 000,014,651 | ---- | M] () -- C:\Users\Aadvark\Desktop\index.html [2012/02/21 09:32:35 | 000,315,020 | ---- | M] () -- C:\Users\Aadvark\Desktop\make-money-online-resource.png [2012/02/20 23:42:56 | 000,002,324 | ---- | M] () -- C:\Users\Aadvark\Desktop\Google Chrome.lnk [2012/02/20 18:16:53 | 000,252,173 | ---- | M] () -- C:\Users\Aadvark\Desktop\Justin-Bieber-Cute.jpg [2012/02/20 15:06:51 | 000,115,073 | ---- | M] () -- C:\Users\Aadvark\Desktop\Justin-Bieber1111.jpg [2012/02/20 06:33:44 | 001,663,128 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/02/20 06:33:44 | 000,738,122 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012/02/20 06:33:44 | 000,652,290 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/02/20 06:33:44 | 000,154,778 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012/02/20 06:33:44 | 000,121,222 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/02/20 05:47:44 | 000,050,497 | ---- | M] () -- C:\Users\Aadvark\Desktop\Przechwytywaniaa111e.JPG [2012/02/20 05:38:19 | 000,002,539 | ---- | M] () -- C:\Users\Public\Desktop\TweetAttacks.lnk [2012/02/20 04:44:23 | 000,063,803 | ---- | M] () -- C:\Users\Aadvark\Desktop\leonardo-dicaprio.jpg [2012/02/19 22:43:01 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 
3.lnk [2012/02/19 22:02:30 | 000,000,874 | ---- | M] () -- C:\Users\Aadvark\Desktop\Extreme Picture Finder.lnk [2012/02/19 21:43:23 | 000,054,171 | ---- | M] () -- C:\Users\Aadvark\Desktop\Blogger-Template- Feminina.zip [2012/02/18 12:40:35 | 004,133,936 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/02/18 10:57:21 | 001,638,538 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/02/17 18:47:37 | 000,033,530 | ---- | M] () -- C:\Users\Aadvark\Desktop\index-what02.PNG [2012/02/17 10:13:23 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/02/16 23:02:06 | 000,001,456 | ---- | M] () -- C:\Users\Aadvark\AppData\Local\Adobe Save for Web 12.0 Prefs [2012/02/16 14:59:05 | 000,001,001 | ---- | M] () -- C:\Users\Aadvark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012/02/16 11:27:25 | 000,045,544 | ---- | M] () -- C:\Users\Aadvark\Desktop\semantic-on-side-seo.PNG [2012/02/13 19:46:57 | 000,556,383 | ---- | M] () -- C:\Users\Aadvark\Desktop\282222-admin.jpg [2012/02/13 15:37:02 | 000,156,671 | ---- | M] () -- C:\Users\Aadvark\Desktop\mmorpgblast.com.jpg [2012/02/13 01:20:42 | 000,000,132 | ---- | M] () -- C:\Users\Aadvark\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012/02/13 01:07:22 | 000,005,595 | ---- | M] () -- C:\Users\Aadvark\Desktop\ory_lo.png [2012/02/12 17:51:12 | 000,037,276 | ---- | M] () -- C:\Users\Aadvark\Desktop\Halo_Reach_Noble_Team-670x360.jpg [2012/02/12 01:21:10 | 000,050,569 | ---- | M] () -- C:\Users\Aadvark\Desktop\screenshot.jpg [2012/02/11 13:51:43 | 000,346,763 | ---- | M] () -- C:\Users\Aadvark\Desktop\dating.zip [2012/02/11 13:14:51 | 000,864,493 | ---- | M] () -- C:\Users\Aadvark\Desktop\evoreactor.com-click.jpg [2012/02/09 23:38:21 | 000,034,754 | ---- | M] () -- C:\Users\Aadvark\Desktop\GOPROUSER.png [2012/02/09 21:28:20 | 014,412,602 | ---- | M] () -- C:\Users\Aadvark\Desktop\18 - Yngwie Malmsteen - Gimme Gimme Gimme (Abba).mp3 
[2012/02/09 21:14:06 | 000,076,798 | ---- | M] () -- C:\Users\Aadvark\Desktop\image.jpeg [2012/02/09 12:01:38 | 000,360,889 | ---- | M] () -- C:\Users\Aadvark\Desktop\I love my girlfriend. But partially reverting to the single life when she's out of town can be pretty awesome..jpg [2012/02/09 10:43:53 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2012/02/07 18:15:51 | 003,029,869 | ---- | M] () -- C:\Users\Aadvark\Desktop\The Game - Neil Strauss.pdf [2012/02/07 00:23:33 | 000,951,751 | ---- | M] () -- C:\Users\Aadvark\Desktop\Untitled-1.jpg [2012/02/05 23:15:35 | 010,905,839 | ---- | M] () -- C:\Users\Aadvark\Desktop\SIA - Breath me [-ALexBULDOZER-] .mp3 [2012/02/05 18:01:51 | 000,002,083 | ---- | M] () -- C:\Users\Aadvark\Desktop\CyberLink WaveEditor.lnk [2012/02/05 17:59:40 | 000,000,838 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDirector 10.lnk [2012/02/05 14:52:02 | 000,517,125 | ---- | M] () -- C:\Users\Aadvark\Desktop\evoreactor.com-1.jpg [2012/02/05 14:34:54 | 000,276,459 | ---- | M] () -- C:\Users\Aadvark\Desktop\evoreactor11.jpg [2012/02/05 11:47:04 | 001,031,760 | ---- | M] () -- C:\Users\Aadvark\Desktop\szymon_sliwowski.jpg [2012/02/04 21:11:40 | 000,000,730 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2012/02/01 16:35:55 | 000,002,002 | ---- | M] () -- C:\Users\Aadvark\Desktop\Untitled-8.png [2012/02/01 16:32:12 | 000,028,699 | ---- | M] () -- C:\Users\Aadvark\Desktop\Untitled-5.png [2012/01/29 23:31:04 | 000,094,295 | ---- | M] () -- C:\Users\Aadvark\Desktop\evo2.jpg [2012/01/29 18:29:47 | 000,228,803 | ---- | M] () -- C:\Users\Aadvark\Desktop\wnetwatcher.zip [2012/01/29 01:01:58 | 000,000,472 | ---- | M] () -- C:\Users\Aadvark\Desktop\mac addresses [2012/01/28 14:54:43 | 031,894,080 | ---- | M] (Macrovision Corporation) -- C:\Users\Aadvark\Desktop\IS_AP_STA_RT2870_D-3.2.4.0_VA-3.2.4.0_W7-3.2.4.0_RU-4.1.3.0_AU-4.1.1.0_091511_1.5.14.0WP_Free.exe [2012/01/23 00:11:41 | 000,000,629 | ---- | 
M] () -- C:\Users\Aadvark\Desktop\fb share.act [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/02/21 22:21:44 | 000,000,657 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2012/02/21 18:20:26 | 000,139,228 | ---- | C] () -- C:\Users\Aadvark\Desktop\lose-weight-fast.jpg [2012/02/21 16:24:16 | 000,000,684 | ---- | C] () -- C:\Users\Aadvark\Desktop\Replace Pioneer.lnk [2012/02/21 15:18:33 | 000,383,565 | ---- | C] () -- C:\Users\Aadvark\Desktop\FaceCrackers-Viral-Script-F_uckcopyright.net.rar [2012/02/21 14:29:06 | 000,551,177 | ---- | C] () -- C:\Users\Aadvark\Desktop\$2300 in 3 Days using Twitter Traffic.pdf [2012/02/21 14:28:32 | 000,531,702 | ---- | C] () -- C:\Users\Aadvark\Desktop\%242300_in_3_Days_using_Twitter_Traffic.rar [2012/02/21 14:01:29 | 000,014,651 | ---- | C] () -- C:\Users\Aadvark\Desktop\index.html [2012/02/21 12:52:04 | 000,000,649 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk [2012/02/21 09:32:34 | 000,315,020 | ---- | C] () -- C:\Users\Aadvark\Desktop\make-money-online-resource.png [2012/02/20 23:42:56 | 000,002,324 | ---- | C] () -- C:\Users\Aadvark\Desktop\Google Chrome.lnk [2012/02/20 21:10:13 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3595348222-1430447603-2233241379-1000UA.job [2012/02/20 21:10:13 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3595348222-1430447603-2233241379-1000Core.job [2012/02/20 18:15:24 | 000,252,173 | ---- | C] () -- C:\Users\Aadvark\Desktop\Justin-Bieber-Cute.jpg [2012/02/20 15:06:50 | 000,115,073 | ---- | C] () -- C:\Users\Aadvark\Desktop\Justin-Bieber1111.jpg [2012/02/20 05:47:44 | 000,050,497 | ---- | C] () -- C:\Users\Aadvark\Desktop\Przechwytywaniaa111e.JPG [2012/02/20 05:38:19 | 000,002,539 | ---- | C] () -- C:\Users\Public\Desktop\TweetAttacks.lnk [2012/02/20 04:43:38 | 000,063,803 | ---- | C] () -- 
C:\Users\Aadvark\Desktop\leonardo-dicaprio.jpg [2012/02/19 22:43:01 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk [2012/02/19 22:02:30 | 000,000,874 | ---- | C] () -- C:\Users\Aadvark\Desktop\Extreme Picture Finder.lnk [2012/02/19 21:46:24 | 000,179,911 | ---- | C] () -- C:\Users\Aadvark\Desktop\Template Feminina3.xml [2012/02/19 21:43:22 | 000,054,171 | ---- | C] () -- C:\Users\Aadvark\Desktop\Blogger-Template- Feminina.zip [2012/02/17 18:47:37 | 000,033,530 | ---- | C] () -- C:\Users\Aadvark\Desktop\index-what02.PNG [2012/02/16 11:27:25 | 000,045,544 | ---- | C] () -- C:\Users\Aadvark\Desktop\semantic-on-side-seo.PNG [2012/02/13 19:46:57 | 000,556,383 | ---- | C] () -- C:\Users\Aadvark\Desktop\282222-admin.jpg [2012/02/13 15:36:56 | 000,156,671 | ---- | C] () -- C:\Users\Aadvark\Desktop\mmorpgblast.com.jpg [2012/02/13 01:07:21 | 000,005,595 | ---- | C] () -- C:\Users\Aadvark\Desktop\ory_lo.png [2012/02/12 17:51:12 | 000,037,276 | ---- | C] () -- C:\Users\Aadvark\Desktop\Halo_Reach_Noble_Team-670x360.jpg [2012/02/12 01:19:14 | 000,050,569 | ---- | C] () -- C:\Users\Aadvark\Desktop\screenshot.jpg [2012/02/11 13:51:43 | 000,346,763 | ---- | C] () -- C:\Users\Aadvark\Desktop\dating.zip [2012/02/11 13:11:58 | 000,864,493 | ---- | C] () -- C:\Users\Aadvark\Desktop\evoreactor.com-click.jpg [2012/02/09 23:38:20 | 000,034,754 | ---- | C] () -- C:\Users\Aadvark\Desktop\GOPROUSER.png [2012/02/09 21:27:42 | 014,412,602 | ---- | C] () -- C:\Users\Aadvark\Desktop\18 - Yngwie Malmsteen - Gimme Gimme Gimme (Abba).mp3 [2012/02/09 21:14:06 | 000,076,798 | ---- | C] () -- C:\Users\Aadvark\Desktop\image.jpeg [2012/02/09 12:01:38 | 000,360,889 | ---- | C] () -- C:\Users\Aadvark\Desktop\I love my girlfriend. 
But partially reverting to the single life when she's out of town can be pretty awesome..jpg [2012/02/09 10:43:53 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2012/02/07 18:15:33 | 003,029,869 | ---- | C] () -- C:\Users\Aadvark\Desktop\The Game - Neil Strauss.pdf [2012/02/07 00:23:30 | 000,951,751 | ---- | C] () -- C:\Users\Aadvark\Desktop\Untitled-1.jpg [2012/02/05 23:15:06 | 010,905,839 | ---- | C] () -- C:\Users\Aadvark\Desktop\SIA - Breath me [-ALexBULDOZER-] .mp3 [2012/02/05 18:01:51 | 000,002,083 | ---- | C] () -- C:\Users\Aadvark\Desktop\CyberLink WaveEditor.lnk [2012/02/05 17:59:40 | 000,000,838 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDirector 10.lnk [2012/02/05 14:52:00 | 000,517,125 | ---- | C] () -- C:\Users\Aadvark\Desktop\evoreactor.com-1.jpg [2012/02/05 14:34:54 | 000,276,459 | ---- | C] () -- C:\Users\Aadvark\Desktop\evoreactor11.jpg [2012/02/05 11:46:55 | 001,031,760 | ---- | C] () -- C:\Users\Aadvark\Desktop\szymon_sliwowski.jpg [2012/02/04 21:11:40 | 000,000,730 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2012/02/02 00:56:26 | 001,638,538 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/02/01 23:55:07 | 000,001,456 | ---- | C] () -- C:\Users\Aadvark\AppData\Local\Adobe Save for Web 12.0 Prefs [2012/02/01 23:41:59 | 000,000,132 | ---- | C] () -- C:\Users\Aadvark\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012/02/01 16:58:23 | 000,001,001 | ---- | C] () -- C:\Users\Aadvark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012/02/01 16:35:55 | 000,002,002 | ---- | C] () -- C:\Users\Aadvark\Desktop\Untitled-8.png [2012/02/01 16:32:12 | 000,028,699 | ---- | C] () -- C:\Users\Aadvark\Desktop\Untitled-5.png [2012/01/29 23:30:27 | 000,094,295 | ---- | C] () -- C:\Users\Aadvark\Desktop\evo2.jpg [2012/01/29 18:29:47 | 000,228,803 | ---- | C] () -- C:\Users\Aadvark\Desktop\wnetwatcher.zip [2012/01/29 02:11:59 | 000,000,472 | ---- | C] () -- 
C:\Users\Aadvark\Desktop\mac addresses [2012/01/28 15:03:57 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat [2012/01/28 15:03:57 | 000,014,119 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat [2012/01/23 00:11:41 | 000,000,629 | ---- | C] () -- C:\Users\Aadvark\Desktop\fb share.act [2012/01/11 21:09:46 | 000,000,001 | ---- | C] () -- C:\Users\Aadvark\AppData\Local\llftool.4.25.agreement [2011/11/23 08:37:27 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\WS_VideoConverterContextMenu.dll [2011/11/10 15:40:05 | 000,001,496 | ---- | C] () -- C:\Users\Aadvark\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2011/11/10 03:05:59 | 000,000,132 | ---- | C] () -- C:\Users\Aadvark\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG [2011/11/10 02:42:33 | 000,000,132 | ---- | C] () -- C:\Users\Aadvark\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP [2011/11/06 20:33:12 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2011/11/06 20:33:12 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2011/11/06 20:33:12 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2011/11/06 20:33:12 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2011/11/06 20:33:12 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2011/10/12 16:16:30 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011/08/30 21:19:28 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011/08/30 21:19:28 | 000,000,088 | RHS- | C] () -- C:\ProgramData\9E604C2DF0.sys [2011/06/25 10:06:27 | 006,904,040 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe [2011/06/25 10:06:27 | 000,017,852 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat [2011/05/20 23:14:30 | 000,000,414 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011/05/10 16:32:07 | 000,000,600 | ---- | C] () -- C:\Users\Aadvark\AppData\Local\PUTTY.RND [2011/03/11 05:34:06 | 000,168,960 | ---- | 
C] () -- C:\Windows\HoboCopy.exe [2010/08/08 00:20:24 | 000,245,760 | ---- | C] () -- C:\Windows\SysWow64\ImxEx.dll [2010/07/11 02:54:52 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ArtFfct.dll [2010/06/12 14:45:09 | 000,000,279 | ---- | C] () -- C:\Windows\game.ini [2010/05/17 21:52:46 | 000,007,603 | ---- | C] () -- C:\Users\Aadvark\AppData\Local\Resmon.ResmonCfg [2010/05/17 06:12:53 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2010/05/17 03:49:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [color=#E56717]========== LOP Check ==========[/color] [2011/11/09 03:11:03 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\602Installer [2011/05/16 20:48:29 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Ableton [2011/03/03 22:49:22 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Autodesk [2010/06/02 23:09:01 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Canneverbe Limited [2011/04/24 17:41:35 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Cycling '74 [2011/06/28 16:20:00 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\dBpoweramp [2011/01/28 20:10:46 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\DMCache [2012/02/21 22:26:12 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Dropbox [2010/08/28 01:48:14 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\EPSON [2011/01/30 01:02:16 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\ESET [2012/02/05 20:34:59 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\FileZilla [2011/03/09 21:32:04 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Fit3DLive [2012/02/19 20:34:10 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\foobar2000 [2012/02/02 00:43:18 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\GetRightToGo [2010/11/10 09:52:55 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\gtk-2.0 
[2011/01/28 06:33:44 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Leadertech [2010/05/17 05:29:00 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Opera [2012/01/10 00:28:11 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\QFX Software [2011/12/01 16:08:48 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Software Informer [2011/11/29 19:03:15 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012/02/21 12:53:11 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Sublime Text 2 [2011/11/25 22:56:56 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\TeamViewer [2010/05/29 01:20:50 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Thinstall [2010/09/11 23:05:03 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Uniblue [2011/11/15 14:33:34 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Wise Registry Cleaner [2011/11/23 08:37:24 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Wondershare [2011/11/09 03:53:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\602Installer [2011/03/10 08:07:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ESET [2011/03/10 08:12:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Fit3DLive [2011/03/10 08:08:14 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\HTC [2011/03/10 08:09:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera [2012/02/01 11:23:35 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 1230 bytes -> C:\Users\Aadvark\AppData\Local\Temp:MSjKFdhKsKZQQcUWBIV06 @Alternate Data Stream - 1218 bytes -> C:\Users\Aadvark\Ustawienia lokalne:OVb6OuSvgnAZ74vM0nnxGBsyyA @Alternate 
Data Stream - 1218 bytes -> C:\Users\Aadvark\AppData\Local\Dane aplikacji:OVb6OuSvgnAZ74vM0nnxGBsyyA @Alternate Data Stream - 1152 bytes -> C:\Users\Aadvark\AppData\Local\Temp:tne448FOArf5SLoBv57ZqMI < End of report >