x-kom hosting

Logi - Profilaktycznie

Demonrex
utworzono
utworzono

Tak jak w temacie, oraz jeden mały problem. Jak dzisiaj włączyłem komputer, zalogowałem się, to pasek narzędzi nie chciał w ogóle odpowiadać. Niby wszystkie programy się uruchomiły(antywirus, firewall, ,sterowniki) ale tak naprawdę nie działały. Gdy zrzuciłem do paska przeglądarkę nie było jej widać (sprawdziłem czy jest uruchomiona używając alt+tab, i była uruchomiona). Po ponownym uruchomieniu wszystko było dobrze. Nie wiem czy to jest jakiś problem, ale wole to sprawdzić i być pewny na 100%. Poniżej logi :)
OTL [log]OTL logfile created on: 2010-06-20 10:42:22 - Run 3
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Michal\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68,82 Gb Total Space | 27,86 Gb Free Space | 40,49% Space Free | Partition Type: NTFS
Drive D: | 164,06 Gb Total Space | 127,76 Gb Free Space | 77,88% Space Free | Partition Type: NTFS
Drive E: | 237,41 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MICHAL-PC
Current User Name: Michal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-06-20 10:40:11 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Downloads\OTL.exe
PRC - [2010-06-03 11:13:33 | 002,065,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010-06-03 11:13:29 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010-06-03 11:13:28 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010-06-03 11:13:06 | 000,722,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010-06-03 11:13:05 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010-06-02 07:57:48 | 000,945,648 | ---- | M] (Google Inc.) -- C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010-05-18 14:36:42 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010-05-14 23:58:15 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2010-05-04 16:05:48 | 011,981,408 | ---- | M] (GG Network S.A.) -- D:\Gadu-Gadu 10\gg.exe
PRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010-03-26 12:02:56 | 008,546,848 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-05-16 05:24:24 | 000,335,872 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009-05-16 05:23:56 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009-04-22 17:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009-04-22 17:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 08:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe
PRC - [2009-04-11 08:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2009-04-11 08:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
PRC - [2009-04-11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 08:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008-10-25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2008-01-18 23:33:42 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008-01-18 23:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:16 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-18 23:33:16 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2008-01-18 23:33:06 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-06-20 10:40:11 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Downloads\OTL.exe
MOD - [2010-05-18 14:36:57 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2010-05-15 00:10:38 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2010-05-14 23:58:15 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2010-05-14 23:49:19 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2010-05-14 22:30:26 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-09-25 00:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009-04-28 10:05:56 | 000,715,264 | ---- | M] (Agnitum Ltd.) -- c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll
MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 08:28:25 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 08:28:24 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 08:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-04-11 08:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 08:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 08:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-11 08:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008-01-18 23:37:14 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-18 23:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-18 23:36:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-18 23:36:48 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-18 23:36:36 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-18 23:35:58 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-18 23:33:54 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-18 23:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-05-18 14:36:42 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010-05-03 19:01:00 | 003,658,096 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-05-16 05:23:56 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009-04-28 10:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall\acs.exe -- (acssrv)
SRV - [2008-01-18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2005-08-02 23:18:49 | 000,086,016 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-06-05 19:21:15 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-06-03 11:13:29 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010-06-03 11:13:29 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010-05-18 14:36:48 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010-03-26 12:24:58 | 003,048,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-09-02 05:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009-05-16 06:01:22 | 004,933,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-04-24 07:43:36 | 000,095,544 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009-04-06 11:37:12 | 000,704,384 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox)
DRV - [2009-02-18 17:27:54 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (afw)
DRV - [2009-02-10 16:12:48 | 000,307,224 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore)
DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2005-08-02 23:10:13 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2383811976-2136801530-783135697-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2383811976-2136801530-783135697-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-2383811976-2136801530-783135697-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-06-03 11:15:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-05-15 15:37:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-25 14:05:54 | 000,000,000 | ---D | M]

[2010-05-15 15:37:32 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\mozilla\Extensions
[2010-06-02 18:36:56 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\cj88mru7.default\extensions
[2010-06-02 18:36:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\cj88mru7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-05-22 10:47:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-17 18:37:19 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-05-22 10:47:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-05-22 10:47:39 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-05-19 16:38:12 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe File not found
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2383811976-2136801530-783135697-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2383811976-2136801530-783135697-1000..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.228.7.226
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Michal\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Michal\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007-11-29 10:19:56 | 000,000,052 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2004-02-26 16:13:53 | 000,372,736 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O33 - MountPoints2\{0c730f3c-5f8b-11df-9f9d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0c730f3c-5f8b-11df-9f9d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2004-02-26 16:13:53 | 000,372,736 | R--- | M] ()
O33 - MountPoints2\{fca3d9ed-70c6-11df-b081-001d7d77753b}\Shell - "" = AutoRun
O33 - MountPoints2\{fca3d9ed-70c6-11df-b081-001d7d77753b}\Shell\AutoRun\command - "" = J:\setup.exe -- File not found
O33 - MountPoints2\{fca3d9ed-70c6-11df-b081-001d7d77753b}\Shell\dinstall\command - "" = J:\DirectX9\DXSETUP.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2010-05-15 10:53:43 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^diPhoto Home diUpdate.lnk - C:\PROGRA~1\River\DIPHOT~1\diupdate.exe - File not found
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vsmon - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-06-20 10:36:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-06-19 20:39:14 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Aspyr
[2010-06-19 20:39:14 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Aspyr
[2010-06-18 19:15:02 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\NFS SHIFT
[2010-06-18 11:47:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010-06-18 10:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010-06-11 13:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-06-11 13:53:37 | 000,000,000 | ---D | C] -- C:\rsit
[2010-06-09 16:22:53 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Eidos
[2010-06-08 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\GTA San Andreas User Files
[2010-06-08 17:55:58 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\dodatek simsy
[2010-06-08 15:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010-06-08 15:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010-06-08 07:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010-06-07 17:13:55 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\NaxedOt
[2010-06-07 16:35:12 | 000,000,000 | R--D | C] -- C:\Users\Michal\Desktop\Alissow Ots 3.7 BETA
[2010-06-06 17:59:02 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\My Games
[2010-06-06 17:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2010-06-06 17:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2010-06-06 09:25:49 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\pustynia
[2010-06-06 09:25:49 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\expy
[2010-06-06 09:25:49 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\eee
[2010-06-06 09:07:49 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\data
[2010-06-06 09:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Remere's Map Editor
[2010-06-05 19:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2010-06-05 19:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-06-05 19:20:32 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2010-06-05 19:20:31 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010-06-05 15:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010-06-05 15:53:58 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\uTorrent
[2010-06-04 16:23:51 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\ipla
[2010-06-04 16:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2010-06-04 16:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2010-06-04 13:49:16 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\Suicideot by Wordan
[2010-06-03 20:30:13 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Remere's Map Editor
[2010-06-03 12:06:35 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\baba
[2010-06-01 17:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\YDP
[2010-06-01 17:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\Gimnazjum klasa 2 - Planeta Nowa
[2010-05-31 13:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010-05-30 18:53:38 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010-05-30 12:48:35 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Tibia
[2010-05-30 12:48:11 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate
[2010-05-30 12:47:34 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010-05-30 09:03:54 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\do wywolania
[2010-05-30 08:52:44 | 000,000,000 | ---D | C] -- C:\Program Files\River
[2010-05-30 08:52:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2010-05-30 08:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Firebird
[2010-05-25 16:30:36 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Ventrilo
[2010-05-25 16:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2010-05-25 16:27:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010-05-25 14:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010-05-25 14:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010-05-25 14:05:47 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Winamp
[2010-05-25 14:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010-05-24 12:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\WC3Banlist
[2010-05-22 12:33:10 | 000,704,384 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\SandBox.sys
[2010-05-22 12:28:58 | 000,307,224 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afwcore.sys
[2010-05-22 12:26:11 | 000,029,208 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afw.sys
[2010-05-22 12:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\Agnitum
[2010-05-22 12:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Agnitum
[2010-05-22 12:24:34 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2010-05-22 11:44:58 | 000,679,936 | ---- | C] (Generated for JEDI. www.delphi-jedi.org) -- C:\Windows\System32\D3DX81ab.dll
[2010-05-22 11:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2010-05-22 11:24:13 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2010-05-22 10:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-05-22 10:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-05-22 10:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-05-18 18:39:24 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Adobe
[2010-05-18 18:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-05-18 18:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-05-18 18:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON
[2010-05-18 18:17:13 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2010-05-18 14:36:57 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010-05-18 14:36:55 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010-05-18 14:36:48 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010-05-18 14:36:46 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010-05-18 14:36:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010-05-18 14:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010-05-18 14:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010-05-17 18:38:15 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\skypePM
[2010-05-17 18:37:50 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Skype
[2010-05-17 18:36:53 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-05-17 18:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-05-17 18:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010-05-17 13:47:35 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\ForceField Shared Files
[2010-05-17 13:47:35 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\CheckPoint
[2010-05-17 13:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2010-05-17 13:46:34 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2010-05-16 17:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010-05-16 17:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010-05-16 17:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010-05-16 17:20:25 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010-05-16 17:20:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010-05-16 17:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010-05-16 17:18:26 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Microsoft Help
[2010-05-16 17:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-05-16 17:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010-05-16 17:17:40 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-05-16 10:51:54 | 000,000,000 | -H-D | C] -- C:\Users\Michal\Documents\Runes of Magic
[2010-05-16 09:55:33 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\LolClient
[2010-05-15 16:20:48 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Dragonica
[2010-05-15 15:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010-05-15 15:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010-05-15 15:37:28 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Mozilla
[2010-05-15 15:37:28 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Mozilla
[2010-05-15 15:37:23 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010-05-15 14:44:29 | 003,658,096 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2010-05-15 14:43:26 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2010-05-15 14:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010-05-15 14:36:37 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\WinRAR
[2010-05-15 14:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-05-15 14:25:27 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010-05-15 14:09:25 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Armies of Exigo
[2010-05-15 12:32:47 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Ashampoo
[2010-05-15 12:30:05 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\ashampoo
[2010-05-15 12:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2010-05-15 12:19:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010-05-15 12:19:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010-05-15 12:19:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010-05-15 12:10:45 | 000,000,000 | ---D | C] -- C:\Program Files\Neffy
[2010-05-15 12:09:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010-05-15 10:52:16 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2010-05-15 10:29:55 | 000,000,000 | ---D | C] -- C:\Users\Michal\.gstreamer-0.10
[2010-05-15 10:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\OpenFM
[2010-05-15 10:29:26 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\OpenFM
[2010-05-14 22:36:32 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Adobe
[2010-05-14 22:36:29 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\cache
[2010-05-14 22:36:28 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Macromedia
[2010-05-14 22:35:40 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Gadu-Gadu 10
[2010-05-14 22:00:08 | 000,000,000 | -HSD | C] -- C:\Boot
[2010-05-14 21:59:54 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010-05-14 21:59:54 | 000,000,000 | ---D | C] -- C:\OEM
[2010-05-14 21:59:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\KTINFO
[2010-05-14 21:59:54 | 000,000,000 | ---D | C] -- C:\Windows\Applications
[2010-05-14 21:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2010-05-14 21:56:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010-05-14 21:39:08 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Microsoft Games
[2010-05-14 21:38:15 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Downloads
[2010-05-14 21:33:32 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Google
[2010-05-14 21:33:18 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Apps
[2010-05-14 21:33:17 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Deployment
[2010-05-14 21:26:39 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\ATI
[2010-05-14 21:26:39 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\ATI
[2010-05-14 21:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-05-14 21:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010-05-14 21:21:13 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010-05-14 21:21:08 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-05-14 21:21:07 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010-05-14 21:19:22 | 000,176,128 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010-05-14 21:19:22 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2010-05-14 21:16:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010-05-14 21:16:14 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010-05-14 21:16:14 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010-05-14 21:16:14 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010-05-14 21:16:14 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010-05-14 21:16:14 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010-05-14 21:16:13 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010-05-14 21:16:13 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010-05-14 21:16:13 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010-05-14 21:16:13 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010-05-14 21:16:13 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010-05-14 21:16:12 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010-05-14 21:16:12 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010-05-14 21:16:12 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010-05-14 21:16:12 | 000,311,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010-05-14 21:16:12 | 000,307,616 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010-05-14 21:16:12 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010-05-14 21:16:12 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010-05-14 21:16:11 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010-05-14 21:16:11 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010-05-14 21:16:11 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010-05-14 21:16:11 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010-05-14 21:16:11 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010-05-14 21:16:11 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010-05-14 21:16:11 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010-05-14 21:16:11 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010-05-14 21:16:11 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010-05-14 21:16:11 | 000,102,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010-05-14 21:16:11 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010-05-14 21:16:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010-05-14 21:16:07 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010-05-14 21:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010-05-14 21:12:24 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2010-05-14 21:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010-05-14 21:12:18 | 000,000,000 | ---D | C] -- C:\Intel
[2010-05-14 21:11:06 | 000,000,000 | R--D | C] -- C:\Users\Michal\Searches
[2010-05-14 21:10:58 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Identities
[2010-05-14 21:10:57 | 000,000,000 | R--D | C] -- C:\Users\Michal\Contacts
[2010-05-14 21:10:57 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\VirtualStore
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Ustawienia lokalne
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\AppData\Local\Temporary Internet Files
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Szablony
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\SendTo
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Recent
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\PrintHood
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\NetHood
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Documents\Moje wideo
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Documents\Moje obrazy
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Moje dokumenty
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Documents\Moja muzyka
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Menu Start
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\AppData\Local\Historia
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Dane aplikacji
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\AppData\Local\Dane aplikacji
[2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Cookies
[2010-05-14 21:10:53 | 000,000,000 | --SD | C] -- C:\Users\Michal\AppData\Roaming\Microsoft
[2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Videos
[2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Saved Games
[2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Pictures
[2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Music
[2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Links
[2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Favorites
[2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Downloads
[2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Documents
[2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Desktop
[2010-05-14 21:10:53 | 000,000,000 | -H-D | C] -- C:\Users\Michal\AppData
[2010-05-14 21:10:53 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Temp
[2010-05-14 21:10:53 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Microsoft
[2010-05-14 21:10:53 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Media Center Programs
[2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2010-05-14 21:03:33 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-05-14 21:02:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2010-05-14 21:02:19 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010-05-14 21:01:17 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010-05-14 21:01:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-06-20 10:42:15 | 001,310,720 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT
[2010-06-20 10:38:04 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000UA.job
[2010-06-20 10:27:00 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempIV3336.html
[2010-06-20 10:27:00 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempff3336.html
[2010-06-20 10:20:48 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-06-20 10:20:48 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-06-20 10:20:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-06-20 10:20:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-06-20 10:20:40 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-20 10:19:36 | 000,524,288 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-06-20 10:19:36 | 000,065,536 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010-06-20 10:19:32 | 002,783,271 | -H-- | M] () -- C:\Users\Michal\AppData\Local\IconCache.db
[2010-06-20 10:19:18 | 061,256,026 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010-06-19 23:57:01 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempsJ3868.html
[2010-06-19 21:38:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000Core.job
[2010-06-19 20:38:10 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempZu4456.html
[2010-06-19 16:05:03 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempbh2680.html
[2010-06-19 15:49:16 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXM2948.html
[2010-06-19 14:46:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemptZ4976.html
[2010-06-19 14:16:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempCW1204.html
[2010-06-19 14:02:19 | 000,217,297 | ---- | M] () -- C:\Users\Michal\Desktop\eee.rar
[2010-06-19 08:54:46 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempxR1240.html
[2010-06-18 20:11:30 | 000,000,527 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2010-06-18 19:09:53 | 000,000,553 | ---- | M] () -- C:\Users\Michal\Desktop\Play Need for Speed - Shift.lnk
[2010-06-18 17:19:54 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempGs3768.html
[2010-06-18 15:22:42 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempLP2404.html
[2010-06-18 14:32:40 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempyc3420.html
[2010-06-18 11:47:46 | 000,000,650 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends EU.lnk
[2010-06-18 10:50:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempEW4420.html
[2010-06-18 10:38:53 | 002,185,360 | ---- | M] () -- C:\Users\Michal\Desktop\LeagueofLegendsEUDownloader.exe
[2010-06-17 20:39:46 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempcA3816.html
[2010-06-17 15:49:27 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempRAY880.html
[2010-06-17 13:28:38 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempbt2916.html
[2010-06-17 08:51:56 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempdi2332.html
[2010-06-16 21:06:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemptM5720.html
[2010-06-16 16:39:58 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempTh4408.html
[2010-06-16 13:01:45 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempAA3808.html
[2010-06-16 10:41:14 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempAG1508.html
[2010-06-16 09:39:11 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempNB3916.html
[2010-06-16 08:33:05 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemplN3876.html
[2010-06-15 21:20:46 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempqX3484.html
[2010-06-15 20:53:36 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temphz4996.html
[2010-06-15 18:34:15 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempbT5936.html
[2010-06-15 16:27:33 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempJP3348.html
[2010-06-15 14:41:33 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempeo4408.html
[2010-06-15 13:50:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempaU4784.html
[2010-06-14 19:23:15 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempmJ1540.html
[2010-06-14 19:10:39 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempez2900.html
[2010-06-14 14:26:25 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempQn3448.html
[2010-06-13 15:53:05 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXU5876.html
[2010-06-13 12:11:00 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempgZd660.html
[2010-06-13 10:54:07 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempgC3392.html
[2010-06-13 10:10:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempIK3756.html
[2010-06-13 09:49:13 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempPw3884.html
[2010-06-12 22:01:22 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempQc5324.html
[2010-06-12 19:33:14 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempWn3376.html
[2010-06-12 16:52:36 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempjh5784.html
[2010-06-12 13:07:17 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempTO4204.html
[2010-06-12 10:47:12 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temppl2908.html
[2010-06-12 09:26:42 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempHV2184.html
[2010-06-12 09:26:42 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempaV2184.html
[2010-06-11 22:00:59 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempAV2224.html
[2010-06-11 20:56:22 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempKt5052.html
[2010-06-11 18:50:10 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempdJ3408.html
[2010-06-11 16:09:16 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempxLj156.html
[2010-06-11 14:20:54 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemptQ1276.html
[2010-06-10 17:05:29 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVt3688.html
[2010-06-10 15:38:37 | 000,002,047 | ---- | M] () -- C:\Users\Michal\Desktop\Google Chrome.lnk
[2010-06-10 12:24:21 | 000,060,691 | ---- | M] () -- C:\Users\Michal\Desktop\Domek~!.otbm
[2010-06-10 12:24:21 | 000,000,764 | ---- | M] () -- C:\Users\Michal\Desktop\ffaasd-spawn.xml
[2010-06-10 12:24:21 | 000,000,049 | ---- | M] () -- C:\Users\Michal\Desktop\ffaasd-house.xml
[2010-06-10 09:39:40 | 000,385,416 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-06-10 09:11:30 | 000,102,248 | ---- | M] () -- C:\Users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-06-09 20:02:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzJ5156.html
[2010-06-09 16:53:09 | 000,000,000 | ---- | M] () -- C:\Users\Michal\Desktop\Nowy Dokument programu Microsoft Office Word (2).docx
[2010-06-09 16:20:03 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempvFk124.html
[2010-06-08 18:01:09 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemphL3204.html
[2010-06-08 17:36:06 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzIA728.html
[2010-06-08 15:14:04 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempnI2264.html
[2010-06-08 14:23:33 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempQg3580.html
[2010-06-07 20:03:46 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempnV2580.html
[2010-06-07 18:21:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXq2904.html
[2010-06-07 18:04:35 | 000,068,061 | ---- | M] () -- C:\Users\Michal\Desktop\Desktop.rar
[2010-06-07 18:00:58 | 004,812,800 | ---- | M] () -- C:\Users\Michal\Documents\emeroncity.otbm
[2010-06-07 17:16:05 | 000,106,153 | ---- | M] () -- C:\Users\Michal\Documents\tabelka.gif
[2010-06-07 16:39:30 | 000,000,495 | ---- | M] () -- C:\Users\Public\Desktop\Tibia.lnk
[2010-06-07 16:30:23 | 000,240,743 | ---- | M] () -- C:\Users\Michal\Desktop\expy.rar
[2010-06-07 15:55:40 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempsm2560.html
[2010-06-07 15:22:53 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempMN2328.html
[2010-06-07 14:01:25 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemprS2472.html
[2010-06-07 13:32:53 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempPKH992.html
[2010-06-06 17:49:05 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-06-06 17:49:05 | 000,661,818 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-06-06 17:49:05 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-06-06 17:49:05 | 000,126,702 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-06-06 17:49:05 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-06-06 10:46:39 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemplV3724.html
[2010-06-06 09:06:15 | 000,001,908 | ---- | M] () -- C:\Users\Public\Desktop\Remere's Map Editor.lnk
[2010-06-05 21:26:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempva1388.html
[2010-06-05 19:24:23 | 000,001,356 | ---- | M] () -- C:\Users\Michal\AppData\Local\d3d9caps.dat
[2010-06-05 19:21:42 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempC11652.html
[2010-06-05 19:21:17 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-06-05 19:21:15 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010-06-05 19:13:53 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temprf3756.html
[2010-06-05 17:22:43 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempMR6780.html
[2010-06-05 16:56:01 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempTn4664.html
[2010-06-05 16:45:43 | 023,101,099 | ---- | M] () -- C:\Users\Michal\Desktop\Realmap854.rar
[2010-06-05 15:54:49 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-06-05 13:14:38 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempfH5656.html
[2010-06-05 11:13:17 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemppT2660.html
[2010-06-05 08:34:17 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempoO3080.html
[2010-06-04 20:42:21 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempia6808.html
[2010-06-04 19:03:49 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXR6332.html
[2010-06-04 17:17:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempdD4356.html
[2010-06-04 16:23:48 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\ipla.lnk
[2010-06-04 15:20:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXO3652.html
[2010-06-04 11:10:08 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempqmF876.html
[2010-06-04 10:13:51 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempDn4600.html
[2010-06-04 10:12:01 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempDm4056.html
[2010-06-04 10:09:49 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempjbz468.html
[2010-06-03 21:07:28 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempqh4220.html
[2010-06-03 20:54:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temphh3824.html
[2010-06-03 17:46:08 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempWZ3032.html
[2010-06-03 16:37:27 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempvLz460.html
[2010-06-03 12:23:19 | 000,004,608 | ---- | M] () -- C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-03 12:00:29 | 000,083,067 | ---- | M] () -- C:\Users\Michal\Desktop\taskmanager.jpg
[2010-06-03 11:13:29 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010-06-03 11:13:29 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010-06-02 22:43:47 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempEq2980.html
[2010-06-02 20:16:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXm4076.html
[2010-06-02 19:32:08 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempFU6108.html
[2010-06-02 19:08:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempyh4256.html
[2010-06-02 18:38:44 | 000,001,944 | ---- | M] () -- C:\Users\Michal\Desktop\HiJackThis.lnk
[2010-06-02 18:30:59 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempSH2904.html
[2010-06-02 18:30:59 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempiX2904.html
[2010-06-02 17:00:58 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemptL1904.html
[2010-06-02 16:39:05 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempcv3916.html
[2010-06-01 22:23:28 | 000,011,827 | ---- | M] () -- C:\Users\Michal\Desktop\Nowy Dokument programu Microsoft Office Word.docx
[2010-06-01 21:59:53 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVD1416.html
[2010-06-01 20:12:01 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXR2844.html
[2010-06-01 17:18:08 | 000,001,433 | ---- | M] () -- C:\Users\Public\Desktop\Gimnazjum klasa 2 - Planeta Nowa.lnk
[2010-06-01 16:06:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemplS3676.html
[2010-05-31 17:58:04 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempFA5888.html
[2010-05-31 15:48:30 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempQv2464.html
[2010-05-30 12:56:11 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempbA3888.html
[2010-05-30 12:56:11 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemprP3888.html
[2010-05-30 12:48:12 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Tibia MULTI-IP Changer.lnk
[2010-05-30 11:44:15 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemptD1548.html
[2010-05-30 10:21:39 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempjH1360.html
[2010-05-30 09:57:32 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempcN3788.html
[2010-05-29 21:34:45 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzS5464.html
[2010-05-29 21:34:45 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempsb5464.html
[2010-05-29 20:22:50 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzA2376.html
[2010-05-29 19:02:08 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempiC3056.html
[2010-05-28 18:23:54 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempvb3168.html
[2010-05-28 15:52:26 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempPt6080.html
[2010-05-28 14:21:18 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzI5340.html
[2010-05-28 12:31:53 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempto5112.html
[2010-05-28 12:01:44 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temppa2988.html
[2010-05-28 10:32:17 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempDk1964.html
[2010-05-28 09:52:36 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempExB236.html
[2010-05-28 09:25:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempEb3320.html
[2010-05-27 17:24:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempGU5588.html
[2010-05-27 16:14:04 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempsu2500.html
[2010-05-26 21:19:11 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempNn5712.html
[2010-05-26 19:27:52 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempbM1352.html
[2010-05-26 14:37:49 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempgb1092.html
[2010-05-25 21:36:17 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempdT4156.html
[2010-05-25 17:55:25 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempyi5456.html
[2010-05-25 16:34:46 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempoQ3068.html
[2010-05-25 16:28:46 | 000,000,262 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010-05-25 16:28:45 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\Ventrilo.lnk
[2010-05-25 14:39:16 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempwc3496.html
[2010-05-25 14:06:43 | 000,000,776 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010-05-24 19:47:24 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVF2784.html
[2010-05-24 12:43:11 | 000,001,736 | ---- | M] () -- C:\Users\Michal\Desktop\WC3Banlist.lnk
[2010-05-24 11:53:43 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempYh4564.html
[2010-05-24 11:51:26 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempxA4808.html
[2010-05-24 11:48:16 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempAp2740.html
[2010-05-24 11:01:18 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempuF3416.html
[2010-05-24 10:54:55 | 000,011,550 | ---- | M] () -- C:\Users\Michal\Desktop\Odyseusz.docx
[2010-05-24 09:44:58 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVv2612.html
[2010-05-23 18:28:29 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempWa1232.html
[2010-05-23 11:28:14 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempvz1368.html
[2010-05-22 12:41:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempet3036.html
[2010-05-22 12:34:37 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempej3456.html
[2010-05-22 12:34:37 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempbc3456.html
[2010-05-22 12:22:38 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempGR1260.html
[2010-05-22 12:22:38 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempeO1260.html
[2010-05-22 12:06:41 | 000,191,882 | ---- | M] () -- C:\Users\Michal\Desktop\Super Sayajin Shaco ;).rar
[2010-05-22 11:38:47 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempto5788.html
[2010-05-22 11:38:47 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemprX5788.html
[2010-05-22 11:29:25 | 000,042,732 | ---- | M] () -- C:\Windows\War3Unin.dat
[2010-05-22 11:29:25 | 000,000,599 | ---- | M] () -- C:\Users\Michal\Desktop\Frozen Throne.lnk
[2010-05-22 11:29:07 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2010-05-22 11:29:07 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif
[2010-05-22 11:24:33 | 000,000,594 | ---- | M] () -- C:\Users\Michal\Desktop\Warcraft III.lnk
[2010-05-21 19:12:21 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempbh4352.html
[2010-05-21 16:45:27 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempOO2052.html
[2010-05-20 18:02:40 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempqF4744.html
[2010-05-20 18:02:06 | 000,000,566 | ---- | M] () -- C:\Users\Public\Desktop\Gimnazjum klasa 2 - Puls życia.lnk
[2010-05-20 15:03:21 | 000,233,927 | ---- | M] () -- C:\Users\Michal\Desktop\Super Sayajin Shaco ;).jpg
[2010-05-19 17:14:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempOW2672.html
[2010-05-19 16:41:12 | 000,843,776 | ---- | M] () -- C:\Users\Michal\Documents\uczniowie.accdb
[2010-05-19 16:40:16 | 000,441,367 | ---- | M] () -- C:\Users\Michal\Documents\Students.accdt
[2010-05-19 15:19:26 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempmg5676.html
[2010-05-18 18:42:35 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-05-18 17:55:06 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXS5136.html
[2010-05-18 15:12:14 | 733,962,240 | ---- | M] () -- C:\Users\Michal\Desktop\Adrenalina Lektor PL.avi
[2010-05-18 15:05:58 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temphfm656.html
[2010-05-18 14:36:57 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010-05-18 14:36:57 | 000,001,647 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010-05-18 14:36:48 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010-05-18 14:36:46 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010-05-17 18:38:17 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010-05-17 18:36:54 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-05-17 16:22:30 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempmn3084.html
[2010-05-17 14:56:21 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempuF3664.html
[2010-05-17 12:58:25 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempZr3928.html
[2010-05-16 18:28:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempnT2116.html
[2010-05-16 18:25:11 | 000,000,219 | ---- | M] () -- C:\Windows\win.ini
[2010-05-16 18:23:18 | 000,010,701 | ---- | M] () -- C:\Users\Michal\Desktop\Mary discovered that her uncle was a leader of a band of thieves who lured ships onto the rocks.docx
[2010-05-16 10:00:36 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempcq3460.html
[2010-05-15 16:03:31 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVjq472.html
[2010-05-15 15:57:56 | 000,814,915 | ---- | M] () -- C:\Users\Michal\Documents\shot(05-15-10)12;39;10.jpg
[2010-05-15 15:57:45 | 000,825,255 | ---- | M] () -- C:\Users\Michal\Documents\shot(05-15-10)12;25;05.jpg
[2010-05-15 15:57:17 | 000,560,986 | ---- | M] () -- C:\Users\Michal\Documents\shot(05-15-10)12;46;06.jpg
[2010-05-15 15:41:17 | 000,000,367 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2010-05-15 15:37:29 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010-05-15 15:37:25 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-05-15 15:03:30 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempgB2492.html
[2010-05-15 14:41:59 | 000,000,528 | ---- | M] () -- C:\Users\Michal\Desktop\Start CABAL.lnk
[2010-05-15 14:24:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010-05-15 14:23:30 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempbG3464.html
[2010-05-15 14:23:30 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempPR3464.html
[2010-05-15 14:08:37 | 000,000,518 | ---- | M] () -- C:\Users\Michal\Desktop\Armies of Exigo.lnk
[2010-05-15 12:30:04 | 000,000,559 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010.lnk
[2010-05-15 12:19:06 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010-05-15 12:17:03 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVR3748.html
[2010-05-15 12:17:03 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempIv3748.html
[2010-05-15 11:37:02 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempnP2484.html
[2010-05-15 11:37:02 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVj2484.html
[2010-05-15 11:19:02 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempeM3668.html
[2010-05-15 11:19:02 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempMS3668.html
[2010-05-15 10:59:48 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2010-05-15 10:41:59 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2010-05-15 10:41:57 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2010-05-15 10:36:33 | 000,196,608 | ---- | M] () -- C:\Windows\SPInstall.etl
[2010-05-15 10:32:25 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzC1400.html
[2010-05-15 10:06:13 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempjG3996.html
[2010-05-15 00:08:35 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h
[2010-05-15 00:02:36 | 000,232,011 | ---- | M] () -- C:\Users\Michal\Desktop\fail.jpg
[2010-05-15 00:00:27 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2010-05-15 00:00:24 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2010-05-14 23:46:04 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempgz3336.html
[2010-05-14 22:49:19 | 027,066,368 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010-05-14 22:49:19 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010-05-14 22:49:19 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010-05-14 22:00:09 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010-05-14 21:57:31 | 000,000,555 | ---- | M] () -- C:\Users\Public\Desktop\OpenFM.lnk
[2010-05-14 21:57:31 | 000,000,536 | ---- | M] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2010-05-14 21:26:16 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010-05-14 21:13:48 | 000,524,288 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010-05-14 21:10:54 | 000,000,020 | -HS- | M] () -- C:\Users\Michal\ntuser.ini
[2010-05-14 21:06:35 | 000,065,369 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010-05-14 21:04:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf
[2010-05-09 16:04:30 | 001,856,512 | ---- | M] () -- C:\Users\Michal\Desktop\ElfCrack.exe
[2010-05-03 19:01:00 | 003,658,096 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-06-20 10:27:00 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempIV3336.html
[2010-06-20 10:27:00 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempff3336.html
[2010-06-19 23:40:31 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempsJ3868.html
[2010-06-19 20:21:46 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempZu4456.html
[2010-06-19 15:55:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempbh2680.html
[2010-06-19 15:48:38 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXM2948.html
[2010-06-19 14:27:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemptZ4976.html
[2010-06-19 14:02:18 | 000,217,297 | ---- | C] () -- C:\Users\Michal\Desktop\eee.rar
[2010-06-19 13:56:20 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempCW1204.html
[2010-06-19 08:46:45 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempxR1240.html
[2010-06-18 20:11:30 | 000,000,527 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2010-06-18 19:09:53 | 000,000,553 | ---- | C] () -- C:\Users\Michal\Desktop\Play Need for Speed - Shift.lnk
[2010-06-18 17:14:22 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempGs3768.html
[2010-06-18 15:13:13 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempLP2404.html
[2010-06-18 14:06:25 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempyc3420.html
[2010-06-18 11:47:46 | 000,000,650 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends EU.lnk
[2010-06-18 11:01:20 | 000,604,676 | ---- | C] () -- C:\Users\Michal\Desktop\SASpeedo.exe
[2010-06-18 10:49:12 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempEW4420.html
[2010-06-18 10:38:44 | 002,185,360 | ---- | C] () -- C:\Users\Michal\Desktop\LeagueofLegendsEUDownloader.exe
[2010-06-17 20:31:36 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempcA3816.html
[2010-06-17 15:44:04 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempRAY880.html
[2010-06-17 10:34:19 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempbt2916.html
[2010-06-17 07:27:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempdi2332.html
[2010-06-16 20:56:50 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemptM5720.html
[2010-06-16 16:38:21 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempTh4408.html
[2010-06-16 11:40:50 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempAA3808.html
[2010-06-16 10:11:04 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempAG1508.html
[2010-06-16 08:42:11 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempNB3916.html
[2010-06-16 08:00:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemplN3876.html
[2010-06-15 21:06:19 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempqX3484.html
[2010-06-15 20:07:33 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temphz4996.html
[2010-06-15 18:02:22 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempbT5936.html
[2010-06-15 14:42:23 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempJP3348.html
[2010-06-15 14:17:01 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempeo4408.html
[2010-06-15 13:46:54 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempaU4784.html
[2010-06-14 19:13:44 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempmJ1540.html
[2010-06-14 19:09:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempez2900.html
[2010-06-14 12:48:46 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempQn3448.html
[2010-06-13 15:43:37 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXU5876.html
[2010-06-13 11:32:22 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempgZd660.html
[2010-06-13 10:48:08 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempgC3392.html
[2010-06-13 09:57:22 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempIK3756.html
[2010-06-13 09:27:51 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempPw3884.html
[2010-06-12 19:59:52 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempQc5324.html
[2010-06-12 19:33:03 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempWn3376.html
[2010-06-12 15:19:24 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempjh5784.html
[2010-06-12 12:42:09 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempTO4204.html
[2010-06-12 09:32:52 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temppl2908.html
[2010-06-12 09:16:17 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempHV2184.html
[2010-06-12 09:16:17 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempaV2184.html
[2010-06-11 21:34:36 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempAV2224.html
[2010-06-11 20:31:32 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempKt5052.html
[2010-06-11 18:00:09 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempdJ3408.html
[2010-06-11 14:47:46 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempxLj156.html
[2010-06-11 14:10:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemptQ1276.html
[2010-06-10 15:43:59 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVt3688.html
[2010-06-09 19:25:41 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzJ5156.html
[2010-06-09 16:53:09 | 000,000,000 | ---- | C] () -- C:\Users\Michal\Desktop\Nowy Dokument programu Microsoft Office Word (2).docx
[2010-06-09 14:47:14 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempvFk124.html
[2010-06-08 17:52:38 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemphL3204.html
[2010-06-08 17:13:37 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzIA728.html
[2010-06-08 17:09:40 | 340,467,712 | ---- | C] () -- C:\Users\Michal\Desktop\The Sims 3 Nowoczesny Apartament Akcesoria.iso
[2010-06-08 15:46:19 | 000,000,764 | ---- | C] () -- C:\Users\Michal\Desktop\ffaasd-spawn.xml
[2010-06-08 15:46:19 | 000,000,049 | ---- | C] () -- C:\Users\Michal\Desktop\ffaasd-house.xml
[2010-06-08 15:46:18 | 000,060,691 | ---- | C] () -- C:\Users\Michal\Desktop\Domek~!.otbm
[2010-06-08 14:35:51 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempnI2264.html
[2010-06-08 13:52:43 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempQg3580.html
[2010-06-07 19:50:07 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempnV2580.html
[2010-06-07 17:56:07 | 004,812,800 | ---- | C] () -- C:\Users\Michal\Documents\emeroncity.otbm
[2010-06-07 17:43:44 | 000,068,061 | ---- | C] () -- C:\Users\Michal\Desktop\Desktop.rar
[2010-06-07 17:15:59 | 000,106,153 | ---- | C] () -- C:\Users\Michal\Documents\tabelka.gif
[2010-06-07 16:30:22 | 000,240,743 | ---- | C] () -- C:\Users\Michal\Desktop\expy.rar
[2010-06-07 16:24:47 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXq2904.html
[2010-06-07 15:34:25 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempsm2560.html
[2010-06-07 15:11:21 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempMN2328.html
[2010-06-07 13:55:24 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemprS2472.html
[2010-06-07 12:58:39 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempPKH992.html
[2010-06-06 09:06:15 | 000,001,908 | ---- | C] () -- C:\Users\Public\Desktop\Remere's Map Editor.lnk
[2010-06-06 08:59:34 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemplV3724.html
[2010-06-05 20:22:15 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempva1388.html
[2010-06-05 19:21:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempC11652.html
[2010-06-05 19:21:17 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-06-05 19:21:15 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010-06-05 18:59:31 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temprf3756.html
[2010-06-05 17:03:41 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempMR6780.html
[2010-06-05 16:41:37 | 023,101,099 | ---- | C] () -- C:\Users\Michal\Desktop\Realmap854.rar
[2010-06-05 15:54:49 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-06-05 13:45:12 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempTn4664.html
[2010-06-05 12:08:06 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempfH5656.html
[2010-06-05 10:16:47 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemppT2660.html
[2010-06-05 07:53:50 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempoO3080.html
[2010-06-04 20:18:15 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempia6808.html
[2010-06-04 18:19:57 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXR6332.html
[2010-06-04 17:17:10 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempdD4356.html
[2010-06-04 16:23:48 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\ipla.lnk
[2010-06-04 14:36:34 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXO3652.html
[2010-06-04 11:08:18 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempqmF876.html
[2010-06-04 10:13:35 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempDn4600.html
[2010-06-04 10:10:54 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempDm4056.html
[2010-06-04 09:16:20 | 001,856,512 | ---- | C] () -- C:\Users\Michal\Desktop\ElfCrack.exe
[2010-06-04 08:56:20 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempjbz468.html
[2010-06-03 21:01:16 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempqh4220.html
[2010-06-03 19:38:08 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temphh3824.html
[2010-06-03 16:37:35 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempWZ3032.html
[2010-06-03 16:03:47 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempvLz460.html
[2010-06-03 12:20:52 | 000,004,608 | ---- | C] () -- C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-03 12:00:28 | 000,083,067 | ---- | C] () -- C:\Users\Michal\Desktop\taskmanager.jpg
[2010-06-02 21:38:23 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempEq2980.html
[2010-06-02 20:01:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXm4076.html
[2010-06-02 19:14:06 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempFU6108.html
[2010-06-02 18:43:48 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempyh4256.html
[2010-06-02 18:38:44 | 000,001,944 | ---- | C] () -- C:\Users\Michal\Desktop\HiJackThis.lnk
[2010-06-02 17:51:27 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempSH2904.html
[2010-06-02 17:51:27 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempiX2904.html
[2010-06-02 16:47:27 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemptL1904.html
[2010-06-02 14:45:01 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempcv3916.html
[2010-06-01 21:02:56 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVD1416.html
[2010-06-01 20:51:11 | 000,011,827 | ---- | C] () -- C:\Users\Michal\Desktop\Nowy Dokument programu Microsoft Office Word.docx
[2010-06-01 19:15:04 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXR2844.html
[2010-06-01 17:23:41 | 000,000,919 | ---- | C] () -- C:\Users\Michal\.fx1666.log
[2010-06-01 17:18:08 | 000,001,433 | ---- | C] () -- C:\Users\Public\Desktop\Gimnazjum klasa 2 - Planeta Nowa.lnk
[2010-06-01 16:05:06 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemplS3676.html
[2010-05-31 16:17:24 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempFA5888.html
[2010-05-31 13:42:07 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempQv2464.html
[2010-05-30 12:48:12 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Tibia MULTI-IP Changer.lnk
[2010-05-30 12:46:39 | 000,000,495 | ---- | C] () -- C:\Users\Public\Desktop\Tibia.lnk
[2010-05-30 11:53:10 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempbA3888.html
[2010-05-30 11:53:10 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemprP3888.html
[2010-05-30 11:41:32 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemptD1548.html
[2010-05-30 10:15:52 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempjH1360.html
[2010-05-30 09:24:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempcN3788.html
[2010-05-29 21:13:31 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzS5464.html
[2010-05-29 21:13:31 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempsb5464.html
[2010-05-29 19:50:36 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzA2376.html
[2010-05-29 17:19:25 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempiC3056.html
[2010-05-28 18:21:03 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempvb3168.html
[2010-05-28 15:42:46 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempPt6080.html
[2010-05-28 13:10:41 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzI5340.html
[2010-05-28 12:19:34 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempto5112.html
[2010-05-28 11:05:22 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temppa2988.html
[2010-05-28 10:28:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempDk1964.html
[2010-05-28 09:36:10 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempExB236.html
[2010-05-28 09:10:12 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempEb3320.html
[2010-05-27 16:53:31 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempGU5588.html
[2010-05-27 15:50:52 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempsu2500.html
[2010-05-26 20:47:20 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempNn5712.html
[2010-05-26 19:08:29 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempbM1352.html
[2010-05-26 14:36:33 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempgb1092.html
[2010-05-25 21:13:09 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempdT4156.html
[2010-05-25 17:39:23 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempyi5456.html
[2010-05-25 16:28:45 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\Ventrilo.lnk
[2010-05-25 16:28:41 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010-05-25 16:27:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempoQ3068.html
[2010-05-25 14:06:43 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010-05-25 13:56:23 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempwc3496.html
[2010-05-24 19:38:20 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVF2784.html
[2010-05-24 12:43:11 | 000,001,736 | ---- | C] () -- C:\Users\Michal\Desktop\WC3Banlist.lnk
[2010-05-24 11:53:18 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempYh4564.html
[2010-05-24 11:49:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempxA4808.html
[2010-05-24 11:41:59 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempAp2740.html
[2010-05-24 10:54:53 | 000,011,550 | ---- | C] () -- C:\Users\Michal\Desktop\Odyseusz.docx
[2010-05-24 10:15:10 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempuF3416.html
[2010-05-24 09:19:04 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVv2612.html
[2010-05-23 18:21:52 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempWa1232.html
[2010-05-23 11:20:39 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempvz1368.html
[2010-05-22 12:41:08 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempet3036.html
[2010-05-22 12:26:12 | 000,000,049 | ---- | C] () -- C:\Windows\transp.gif
[2010-05-22 12:25:33 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempej3456.html
[2010-05-22 12:25:33 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempbc3456.html
[2010-05-22 12:06:41 | 000,191,882 | ---- | C] () -- C:\Users\Michal\Desktop\Super Sayajin Shaco ;).rar
[2010-05-22 11:42:19 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempGR1260.html
[2010-05-22 11:42:19 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempeO1260.html
[2010-05-22 11:29:25 | 000,000,599 | ---- | C] () -- C:\Users\Michal\Desktop\Frozen Throne.lnk
[2010-05-22 11:24:33 | 000,000,594 | ---- | C] () -- C:\Users\Michal\Desktop\Warcraft III.lnk
[2010-05-22 11:24:13 | 000,042,732 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010-05-22 11:24:13 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif
[2010-05-22 10:08:13 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempto5788.html
[2010-05-22 10:08:13 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemprX5788.html
[2010-05-21 18:54:28 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempbh4352.html
[2010-05-21 16:42:06 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempOO2052.html
[2010-05-20 18:02:54 | 000,000,000 | ---- | C] () -- C:\Users\Michal\.fls1668.log
[2010-05-20 18:02:06 | 000,000,566 | ---- | C] () -- C:\Users\Public\Desktop\Gimnazjum klasa 2 - Puls życia.lnk
[2010-05-20 17:59:54 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempqF4744.html
[2010-05-20 15:03:21 | 000,233,927 | ---- | C] () -- C:\Users\Michal\Desktop\Super Sayajin Shaco ;).jpg
[2010-05-19 16:40:16 | 000,441,367 | ---- | C] () -- C:\Users\Michal\Documents\Students.accdt
[2010-05-19 16:40:12 | 000,843,776 | ---- | C] () -- C:\Users\Michal\Documents\uczniowie.accdb
[2010-05-19 16:09:23 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempOW2672.html
[2010-05-19 15:11:00 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempmg5676.html
[2010-05-18 18:38:05 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-05-18 17:50:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXS5136.html
[2010-05-18 14:50:05 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temphfm656.html
[2010-05-18 14:36:57 | 000,001,647 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010-05-18 14:36:46 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010-05-18 14:36:45 | 061,256,026 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010-05-17 18:38:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-05-17 18:36:54 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-05-17 16:00:02 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempmn3084.html
[2010-05-17 14:48:47 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempuF3664.html
[2010-05-17 12:40:59 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempZr3928.html
[2010-05-16 18:23:17 | 000,010,701 | ---- | C] () -- C:\Users\Michal\Desktop\Mary discovered that her uncle was a leader of a band of thieves who lured ships onto the rocks.docx
[2010-05-16 17:05:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempnT2116.html
[2010-05-16 09:57:12 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempcq3460.html
[2010-05-15 15:56:59 | 000,814,915 | ---- | C] () -- C:\Users\Michal\Documents\shot(05-15-10)12;39;10.jpg
[2010-05-15 15:56:51 | 000,825,255 | ---- | C] () -- C:\Users\Michal\Documents\shot(05-15-10)12;25;05.jpg
[2010-05-15 15:56:46 | 000,560,986 | ---- | C] () -- C:\Users\Michal\Documents\shot(05-15-10)12;46;06.jpg
[2010-05-15 15:41:17 | 000,000,367 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2010-05-15 15:37:29 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-05-15 15:37:25 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-05-15 15:35:15 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVjq472.html
[2010-05-15 14:43:26 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2010-05-15 14:41:59 | 000,000,528 | ---- | C] () -- C:\Users\Michal\Desktop\Start CABAL.lnk
[2010-05-15 14:31:14 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempgB2492.html
[2010-05-15 14:24:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010-05-15 14:08:37 | 000,000,518 | ---- | C] () -- C:\Users\Michal\Desktop\Armies of Exigo.lnk
[2010-05-15 12:30:39 | 733,962,240 | ---- | C] () -- C:\Users\Michal\Desktop\Adrenalina Lektor PL.avi
[2010-05-15 12:30:04 | 000,000,559 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010.lnk
[2010-05-15 12:26:34 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempbG3464.html
[2010-05-15 12:26:34 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempPR3464.html
[2010-05-15 12:19:06 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010-05-15 12:07:19 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2010-05-15 12:07:17 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2010-05-15 12:07:12 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2010-05-15 12:07:11 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010-05-15 12:07:10 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010-05-15 12:07:09 | 003,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2010-05-15 12:07:09 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2010-05-15 12:07:06 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2010-05-15 12:06:57 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2010-05-15 12:06:56 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2010-05-15 12:06:32 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010-05-15 12:06:28 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2010-05-15 11:40:10 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVR3748.html
[2010-05-15 11:40:10 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempIv3748.html
[2010-05-15 11:23:24 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempnP2484.html
[2010-05-15 11:23:24 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVj2484.html
[2010-05-15 11:15:41 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010-05-15 11:15:39 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010-05-15 11:14:14 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010-05-15 11:02:15 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempeM3668.html
[2010-05-15 11:02:15 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempMS3668.html
[2010-05-15 10:17:13 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzC1400.html
[2010-05-15 10:14:23 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2010-05-15 10:14:01 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2010-05-15 10:13:46 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2010-05-15 10:13:45 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2010-05-15 10:13:40 | 000,195,122 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010-05-15 10:09:52 | 000,196,608 | ---- | C] () -- C:\Windows\SPInstall.etl
[2010-05-15 09:27:18 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempjG3996.html
[2010-05-15 00:08:35 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2010-05-15 00:02:35 | 000,232,011 | ---- | C] () -- C:\Users\Michal\Desktop\fail.jpg
[2010-05-15 00:00:27 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010-05-15 00:00:24 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2010-05-14 22:43:28 | 027,066,368 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010-05-14 22:43:28 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010-05-14 22:43:28 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010-05-14 22:36:29 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempgz3336.html
[2010-05-14 22:00:09 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010-05-14 22:00:08 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2010-05-14 21:59:54 | 000,584,219 | R--- | C] () -- C:\Windows\System32\Komputronik.scr
[2010-05-14 21:57:31 | 000,000,555 | ---- | C] () -- C:\Users\Public\Desktop\OpenFM.lnk
[2010-05-14 21:57:31 | 000,000,536 | ---- | C] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2010-05-14 21:36:48 | 000,002,047 | ---- | C] () -- C:\Users\Michal\Desktop\Google Chrome.lnk
[2010-05-14 21:33:35 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000UA.job
[2010-05-14 21:33:33 | 000,001,010 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000Core.job
[2010-05-14 21:26:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-05-14 21:26:15 | 2145,902,592 | -HS- | C] () -- C:\hiberfil.sys
[2010-05-14 21:19:22 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010-05-14 21:10:55 | 000,001,356 | ---- | C] () -- C:\Users\Michal\AppData\Local\d3d9caps.dat
[2010-05-14 21:10:54 | 000,524,288 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010-05-14 21:10:54 | 000,524,288 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-05-14 21:10:54 | 000,262,144 | -H-- | C] () -- C:\Users\Michal\ntuser.dat.LOG1
[2010-05-14 21:10:54 | 000,065,536 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010-05-14 21:10:54 | 000,000,020 | -HS- | C] () -- C:\Users\Michal\ntuser.ini
[2010-05-14 21:10:54 | 000,000,000 | -H-- | C] () -- C:\Users\Michal\ntuser.dat.LOG2
[2010-05-14 21:10:53 | 001,310,720 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT
[2009-05-16 05:22:50 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005-08-02 23:24:01 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-05-15 12:35:55 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Ashampoo
[2010-05-22 12:22:38 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\CheckPoint
[2010-06-05 19:25:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2010-05-14 23:46:05 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Gadu-Gadu 10
[2010-06-05 19:23:58 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ipla
[2010-05-16 09:55:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\LolClient
[2010-05-15 10:29:26 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\OpenFM
[2010-06-06 09:05:17 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Remere's Map Editor
[2010-05-30 12:48:49 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Tibia
[2010-06-19 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\uTorrent
[2010-06-20 10:19:39 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009-04-11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010-05-14 22:00:09 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010-06-20 10:20:40 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-20 10:20:39 | 2459,713,536 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2010-05-14 23:25:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2010-05-14 23:25:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2010-05-14 23:25:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-01-18 21:49:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008-01-18 21:49:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
[2006-11-02 10:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006-11-02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008-01-18 23:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008-01-18 23:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Users\Michal\Desktop\Adrenalina Lektor PL.avi:TOC.WMV
@Alternate Data Stream - 255 bytes -> C:\ProgramData\TEMP:6BE50C2B
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:4EE74317
< End of report >
[/log]
OTL EXTRAS[log]OTL Extras logfile created on: 2010-06-20 10:42:22 - Run 3
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Michal\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68,82 Gb Total Space | 27,86 Gb Free Space | 40,49% Space Free | Partition Type: NTFS
Drive D: | 164,06 Gb Total Space | 127,76 Gb Free Space | 77,88% Space Free | Partition Type: NTFS
Drive E: | 237,41 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MICHAL-PC
Current User Name: Michal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2383811976-2136801530-783135697-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{24987701-290F-40F2-9287-105EA911E0CA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{777C2D10-52BD-4B50-8B41-28D9D9FAD451}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{90E336A0-0F50-4854-A231-B50245783DC7}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05B16FD4-58D0-429F-BBE1-25EC70D5B8F6}" = protocol=6 | dir=in | app=d:\age of empires iii\age3y.exe |
"{0748945E-92CD-4876-9EEC-10B2B4E22F99}" = protocol=6 | dir=in | app=d:\league of legends eu\air\lolclient.exe |
"{2E50B807-7FD7-4C5D-AD3F-9721206EDDDC}" = protocol=17 | dir=in | app=d:\league of legends eu\air\lolclient.exe |
"{50FFD961-F2E7-433A-8BC9-CF626B980435}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{66F7C7B1-30F6-4158-9320-1807A50294B0}" = protocol=17 | dir=in | app=d:\age of empires iii\age3x.exe |
"{6B12735D-DA16-4852-97AF-71580D26968C}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{81CA2789-0849-4EFA-AAF0-09379C587656}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{86185823-A72C-46BF-82E8-163648E7AB34}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{8D5D968E-4710-4461-862C-B7DB6E8810D4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{9666536A-3D15-4572-8490-F422057CE6CD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9C927C92-88F2-47D2-8E1F-24E18E24B014}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{AB8362CA-5A3D-4BDC-99B2-7976F6246A6C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE1F1B64-A26E-47E3-93CB-60D53F801620}" = protocol=6 | dir=in | app=d:\age of empires iii\age3x.exe |
"{B6170EC0-09E3-4BC5-A34A-2BE084330A92}" = protocol=17 | dir=in | app=d:\age of empires iii\age3y.exe |
"{DF445C8E-3767-4023-AFB5-1C7C9A399C26}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E4619600-1954-423C-B09F-7B9FE55B4C24}" = protocol=17 | dir=in | app=d:\league of legends eu\game\league of legends.exe |
"{F2CFAD65-7DB4-4876-AB56-89785DFC06B5}" = protocol=6 | dir=in | app=d:\league of legends eu\game\league of legends.exe |
"{F99169A7-169B-42C7-A7C9-2E7720E59117}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FF078E38-179C-43C0-AAB3-9CB246B0A647}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"TCP Query User{17DF4257-15A9-4CCC-ADA7-A4B7254845E8}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{6EEE9D3A-B50F-440B-856D-4C3160EF0FCA}D:\lol\lol.launcher.exe" = protocol=6 | dir=in | app=d:\lol\lol.launcher.exe |
"TCP Query User{84B9FCC7-EF46-4420-9A48-BDD39E6B0EA9}D:\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\gadu-gadu 10\gg.exe |
"TCP Query User{F455962C-91DB-4CAE-82FB-69C8B06DD5CA}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{FA80FC64-D1C6-48D7-98D7-BAFDAC52FDC6}C:\users\michal\desktop\do usuniecia\low war by piorunek. udst. przez areal\loozikots\loozikots\loozikots.exe" = protocol=6 | dir=in | app=c:\users\michal\desktop\do usuniecia\low war by piorunek. udst. przez areal\loozikots\loozikots\loozikots.exe |
"UDP Query User{117EEB81-523C-45B1-8E6A-0C7AE068A81B}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{142A2772-C381-44BB-ADA2-184EDE754F10}C:\users\michal\desktop\do usuniecia\low war by piorunek. udst. przez areal\loozikots\loozikots\loozikots.exe" = protocol=17 | dir=in | app=c:\users\michal\desktop\do usuniecia\low war by piorunek. udst. przez areal\loozikots\loozikots\loozikots.exe |
"UDP Query User{90DF1ED1-97B9-4F8B-A7DD-0D859018D354}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{C1BD984C-2148-4D1E-AF41-A095AEFF5063}D:\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\gadu-gadu 10\gg.exe |
"UDP Query User{E414E93C-FC5A-4DEF-805D-0553F66DE16A}D:\lol\lol.launcher.exe" = protocol=17 | dir=in | app=d:\lol\lol.launcher.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{14F62C36-8B2B-E36F-0A97-8C1D77D9A1E9}" = Catalyst Control Center Graphics Light
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21B46459-07FF-78CE-8105-CE25A0EA0904}" = CCC Help Finnish
"{240333EF-BF74-F15F-C29F-3F98D2986FA8}" = CCC Help Spanish
"{25405473-BE48-0710-569C-3032E2F94930}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{399FD6A2-2F49-9C5F-62FE-5D3384B7EBA4}" = CCC Help Korean
"{3AC1563D-00FB-99D6-2521-1821E2065C6E}" = CCC Help Thai
"{4264266B-F749-AAD8-B5DF-614CAB51D179}" = ccc-core-static
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E02E9E3-F0C8-0DED-A2BA-139213554230}" = Catalyst Control Center Core Implementation
"{518AA3D6-5B7D-A795-6368-9BE490CA95E9}" = CCC Help Hungarian
"{55335D80-E1DF-2F9C-640F-44C1C1977EA5}" = CCC Help Russian
"{5ABF0366-64EE-3426-1471-38701AC57820}" = CCC Help Czech
"{626731A9-D679-8C85-AF98-D3318E82CA91}" = CCC Help Japanese
"{630A00D6-85BF-F895-205C-1300E521D493}" = ccc-utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76AA1261-AB5F-491F-F040-A59F512E0DD2}" = CCC Help Dutch
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B44E2CC-C4DB-3E07-ADD5-9D23C0C7A0D3}" = CCC Help Polish
"{7BBAEC14-DB03-E6C9-B739-8ECBFBFD3E07}" = CCC Help Swedish
"{81841A8B-5677-50B7-EF9D-28F75F85A159}" = Catalyst Control Center Graphics Full Existing
"{82F23CC2-37B5-8E55-5705-C08AD57DD7DA}" = CCC Help Greek
"{83729FE3-6785-476A-91F1-312D427B4522}" = League of Legends
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89B16D09-3C64-AD20-2AF7-FCB4088C69C4}" = Catalyst Control Center InstallProxy
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9067EE66-E412-48D1-FB63-60DB9B4BC510}" = CCC Help Chinese Traditional
"{919363FE-2701-BFBB-5E78-20BC8B739B95}" = CCC Help French
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{988588CE-4059-CC92-8509-C4A1F682F0F7}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A45F3795-1527-47FA-BE1A-2DD242B439E5}_is1" = Need for Speed - Shift
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A56F087B-547C-C8FD-7885-513934D086B5}" = HydraVision
"{A854B16A-152F-4A7D-C541-8E2DAFE3933F}" = CCC Help English
"{A8B0DAB9-C8BF-4316-9F99-1A57CF3495F7}" = CCC Help Portuguese
"{AC03EB07-8C01-7128-487B-A853C656F2FE}" = CCC Help Chinese Standard
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish
"{B0B9863F-FEE6-489A-3B43-7A56FC3F43BD}" = Catalyst Control Center Graphics Previews Vista
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B8FC3A3D-B433-8235-C5DE-E94F51EF3A41}" = CCC Help Norwegian
"{BD74ABDF-0BAC-1653-DBD1-8014D2C8683A}" = Catalyst Control Center Localization All
"{BFE351D8-49F9-9EC9-3CC0-26A241A4156F}" = Catalyst Control Center HydraVision Full
"{C0C4B69C-D09A-EE09-A8B1-772D8113A4C0}" = Catalyst Control Center Graphics Previews Common
"{C3367470-9944-FD20-0DC4-BA705ED1EF59}" = ATI Catalyst Install Manager
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C7BEF25F-260C-492A-96FB-5E9BD3360D22}" = Remere's Map Editor
"{CD26604A-5F8A-953B-C070-25480C546756}" = Catalyst Control Center Graphics Full New
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DD51B0FE-180D-C805-12EE-53713D15C8AE}" = ATI AVIVO Codecs
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EC94BCD5-E64E-30EA-8CF0-C0604064C2E4}" = CCC Help Italian
"{EDB32FFB-FC1C-414B-BF8E-4645217E9AF2}" = League of Legends
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist
"{F2EB9938-0155-6DDC-FD82-DB8090B209DA}" = CCC Help German
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agnitum Outpost Firewall_is1" = Outpost Firewall 2009
"Armies of Exigo_is1" = Armies of Exigo
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"AVG9Uninstall" = AVG Free 9.0
"BDESetup.exe_is1" = Borland Database Engine Ver. 5.2.0.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON Printer Software
"Gadu-Gadu 10" = Gadu-Gadu 10
"Gimnazjum klasa 2 - Planeta Nowa" = Gimnazjum klasa 2 - Planeta Nowa
"Gimnazjum klasa 2 - Puls życia" = Gimnazjum klasa 2 - Puls życia
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"ipla" = ipla 2.1.4
"League of Legends_is1" = League of Legends
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Tibia_is1" = Tibia 7.6
"TMIPC" = Tibia MULTI-ip changer
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinPcapInst" = WinPcap 3.1
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2383811976-2136801530-783135697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: wszystkie elementy
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-06-19 02:56:37 | Computer Name = Michal-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta_sa.exe, wersja 0.0.0.0, sygnatura czasowa
0x427101ca, moduł powodujący błąd gta_sa.exe, wersja 0.0.0.0, sygnatura czasowa
0x427101ca, kod wyjątku 0xc0000005, przesunięcie błędu 0x000dd5a3, identyfikator
procesu 0xf98, godzina rozpoczęcia aplikacji 0x01cb0f7c84467be8.

Error - 2010-06-19 03:33:26 | Computer Name = Michal-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd javaw.exe, wersja 6.0.200.2, sygnatura czasowa
0x4bc398b3, moduł powodujący błąd java.dll, wersja 6.0.200.2, sygnatura czasowa
0x4bc3c8dc, kod wyjątku 0xc0000005, przesunięcie błędu 0x00005875, identyfikator
procesu 0x934, godzina rozpoczęcia aplikacji 0x01cb0f81b4093118.

Error - 2010-06-19 03:35:55 | Computer Name = Michal-PC | Source = Application Hang | ID = 1002
Description = Program gta_sa.exe w wersji 0.0.0.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: b54 Godzina rozpoczęcia: 01cb0f7cf7978a88
Godzina
zakończenia: 33

Error - 2010-06-19 03:36:52 | Computer Name = Michal-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta_sa.exe, wersja 0.0.0.0, sygnatura czasowa
0x427101ca, moduł powodujący błąd gta_sa.exe, wersja 0.0.0.0, sygnatura czasowa
0x427101ca, kod wyjątku 0xc0000005, przesunięcie błędu 0x00086ddf, identyfikator
procesu 0xa5c, godzina rozpoczęcia aplikacji 0x01cb0f820f6c1ea8.

Error - 2010-06-19 14:29:12 | Computer Name = Michal-PC | Source = System Restore | ID = 8193
Description =

Error - 2010-06-19 14:38:02 | Computer Name = Michal-PC | Source = VSS | ID = 8194
Description =

Error - 2010-06-19 17:43:30 | Computer Name = Michal-PC | Source = Application Hang | ID = 1002
Description = Program iexplore.exe w wersji 8.0.6001.18928 zatrzymał interakcję
z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej
informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania
raportami i rozwiązaniami problemów. Identyfikator procesu: 61c Godzina rozpoczęcia:
01cb0ff86326a5ca Godzina zakończenia: 5

Error - 2010-06-20 04:33:53 | Computer Name = Michal-PC | Source = VSS | ID = 8194
Description =

Error - 2010-06-20 04:37:14 | Computer Name = Michal-PC | Source = VSS | ID = 8194
Description =

Error - 2010-06-20 04:47:51 | Computer Name = Michal-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gg.exe, wersja 10.1.1.11119, sygnatura czasowa
0x4be02811, moduł powodujący błąd kernel32.dll, wersja 6.0.6002.18005, sygnatura
czasowa 0x49e037dd, kod wyjątku 0xe06d7363, przesunięcie błędu 0x0003fbae, identyfikator
procesu 0xd08, godzina rozpoczęcia aplikacji 0x01cb1052544127dd.

[ System Events ]
Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 2010-05-15 04:11:32 | Computer Name = Michal-PC | Source = DCOM | ID = 10010
Description =

Error - 2010-05-15 04:42:51 | Computer Name = Michal-PC | Source = DCOM | ID = 10010
Description =

Error - 2010-05-15 04:57:16 | Computer Name = Michal-PC | Source = HTTP | ID = 15016
Description =

Error - 2010-05-15 04:59:55 | Computer Name = Michal-PC | Source = Microsoft-Windows-Eventlog | ID = 30
Description =


< End of report >
[/log]
RSIT[log]Logfile of random's system information tool 1.07 (written by random/random)
Run by Michal at 2010-06-20 10:50:50
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 28 GB (40%) free of 70 GB
Total RAM: 2046 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:50:55, on 2010-06-20
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Users\Michal\Downloads\OTL.exe
D:\Gadu-Gadu 10\gg.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\notepad.exe
C:\Windows\notepad.exe
C:\Users\Michal\Downloads\RSIT.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /F "C:\Windows\TEMP\E_SE38B.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll avgrsstx.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 6921 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-06-03 1615200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll [2010-05-04 42080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-03-26 8546848]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon=hidden []
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-06-03 2065248]
"EPSON Stylus DX3800 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2009-04-28 428032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-14 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^diPhoto Home diUpdate.lnk]
C:\PROGRA~1\River\DIPHOT~1\diupdate.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\agnitum\outpos~1\wl_hook.dll avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c730f3c-5f8b-11df-9f9d-806e6f6e6963}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fca3d9ed-70c6-11df-b081-001d7d77753b}]
shell\AutoRun\command - J:\setup.exe
shell\dinstall\command - J:\DirectX9\DXSETUP.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-06-20 10:36:18 ----SHD---- C:\Config.Msi
2010-06-18 11:50:02 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-06-18 11:50:02 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-06-18 11:50:02 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-06-18 11:50:01 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-06-18 11:50:01 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-06-18 11:50:01 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-06-18 11:49:48 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-06-18 11:49:22 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-06-18 11:47:58 ----D---- C:\Windows\system32\directx
2010-06-18 10:39:24 ----D---- C:\Program Files\Pando Networks
2010-06-11 13:53:38 ----D---- C:\Program Files\trend micro
2010-06-11 13:53:37 ----D---- C:\rsit
2010-06-09 07:50:05 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-09 07:50:02 ----A---- C:\Windows\system32\atmlib.dll
2010-06-09 07:50:02 ----A---- C:\Windows\system32\atmfd.dll
2010-06-09 07:49:56 ----A---- C:\Windows\system32\mshtml.dll
2010-06-09 07:49:55 ----A---- C:\Windows\system32\ieframe.dll
2010-06-09 07:49:54 ----A---- C:\Windows\system32\wininet.dll
2010-06-09 07:49:54 ----A---- C:\Windows\system32\urlmon.dll
2010-06-09 07:49:54 ----A---- C:\Windows\system32\occache.dll
2010-06-09 07:49:54 ----A---- C:\Windows\system32\mstime.dll
2010-06-09 07:49:54 ----A---- C:\Windows\system32\msfeeds.dll
2010-06-09 07:49:54 ----A---- C:\Windows\system32\iertutil.dll
2010-06-09 07:49:54 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-09 07:49:53 ----A---- C:\Windows\system32\msfeedssync.exe
2010-06-09 07:49:53 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-06-09 07:49:53 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-09 07:49:53 ----A---- C:\Windows\system32\ieUnatt.exe
2010-06-09 07:49:53 ----A---- C:\Windows\system32\ieui.dll
2010-06-09 07:49:53 ----A---- C:\Windows\system32\iesysprep.dll
2010-06-09 07:49:53 ----A---- C:\Windows\system32\iesetup.dll
2010-06-09 07:49:53 ----A---- C:\Windows\system32\iernonce.dll
2010-06-09 07:49:53 ----A---- C:\Windows\system32\iepeers.dll
2010-06-09 07:49:53 ----A---- C:\Windows\system32\ie4uinit.exe
2010-06-08 15:12:50 ----D---- C:\ProgramData\Electronic Arts
2010-06-08 15:12:45 ----D---- C:\Program Files\Electronic Arts
2010-06-08 07:33:01 ----D---- C:\Program Files\MSXML 4.0
2010-06-06 17:59:02 ----D---- C:\ProgramData\Age of Empires 3
2010-06-06 17:53:33 ----D---- C:\Program Files\Common Files\Microsoft Games
2010-06-06 09:06:15 ----D---- C:\Program Files\Remere's Map Editor
2010-06-05 19:32:34 ----D---- C:\Program Files\Microsoft WSE
2010-06-05 19:21:06 ----D---- C:\Program Files\DAEMON Tools Lite
2010-06-05 19:20:32 ----D---- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2010-06-05 19:20:31 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-06-05 15:57:14 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-06-05 15:57:14 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-06-05 15:57:14 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-06-05 15:57:14 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-06-05 15:57:14 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-06-05 15:57:14 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-06-05 15:57:13 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-06-05 15:57:13 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-06-05 15:57:13 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-06-05 15:57:12 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-06-05 15:57:11 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-06-05 15:57:11 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-06-05 15:57:11 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-06-05 15:57:11 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-06-05 15:57:11 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-06-05 15:57:10 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-06-05 15:57:10 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-06-05 15:57:10 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-06-05 15:57:10 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-06-05 15:57:10 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-06-05 15:57:10 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-06-05 15:57:10 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-06-05 15:57:09 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-06-05 15:57:09 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-06-05 15:57:09 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-06-05 15:57:07 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-06-05 15:57:07 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-06-05 15:57:07 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-06-05 15:57:07 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-06-05 15:57:06 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-06-05 15:57:06 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-06-05 15:57:05 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-06-05 15:57:05 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-06-05 15:57:05 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-06-05 15:57:05 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-06-05 15:57:04 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-06-05 15:57:04 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-06-05 15:57:04 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-06-05 15:57:04 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-06-05 15:57:03 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-06-05 15:57:03 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-06-05 15:57:03 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-06-05 15:57:03 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-06-05 15:57:03 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-06-05 15:57:02 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-06-05 15:57:02 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-06-05 15:57:02 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-06-05 15:57:02 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-06-05 15:57:01 ----A---- C:\Windows\system32\xinput1_3.dll
2010-06-05 15:57:01 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-06-05 15:57:01 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-06-05 15:57:01 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-06-05 15:57:01 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-06-05 15:57:01 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-06-05 15:57:01 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-06-05 15:57:01 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-06-05 15:57:00 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-06-05 15:57:00 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-06-05 15:57:00 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-06-05 15:57:00 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-06-05 15:57:00 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-06-05 15:57:00 ----A---- C:\Windows\system32\d3dx10.dll
2010-06-05 15:56:59 ----A---- C:\Windows\system32\xinput1_2.dll
2010-06-05 15:56:59 ----A---- C:\Windows\system32\xinput1_1.dll
2010-06-05 15:56:59 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-06-05 15:56:59 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-06-05 15:56:58 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-06-05 15:56:51 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-06-05 15:56:51 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-06-05 15:56:51 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-06-05 15:56:50 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-06-05 15:56:50 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-06-05 15:56:50 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-06-05 15:56:50 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-06-05 15:56:49 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-06-05 15:54:47 ----D---- C:\Program Files\uTorrent
2010-06-05 15:53:58 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2010-06-04 16:23:51 ----D---- C:\Users\Michal\AppData\Roaming\ipla
2010-06-04 16:23:51 ----D---- C:\ProgramData\ipla
2010-06-04 16:23:44 ----D---- C:\Program Files\ipla
2010-06-04 16:23:40 ----A---- C:\Windows\system32\Msvcr71.dll
2010-06-04 16:23:40 ----A---- C:\Windows\system32\mfc71.dll
2010-06-04 16:23:40 ----A---- C:\Windows\system32\gdiplus.dll
2010-06-03 20:30:13 ----D---- C:\Users\Michal\AppData\Roaming\Remere's Map Editor
2010-06-01 17:18:07 ----D---- C:\Program Files\Gimnazjum klasa 2 - Planeta Nowa
2010-06-01 17:18:07 ----D---- C:\Program Files\Common Files\YDP
2010-05-31 13:53:12 ----AD---- C:\ProgramData\TEMP
2010-05-30 18:53:38 ----D---- C:\Windows\pss
2010-05-30 12:48:35 ----D---- C:\Users\Michal\AppData\Roaming\Tibia
2010-05-30 12:48:11 ----D---- C:\Program Files\Asprate
2010-05-30 12:47:34 ----HD---- C:\$AVG
2010-05-30 08:52:44 ----D---- C:\Program Files\River
2010-05-30 08:52:40 ----D---- C:\Program Files\Common Files\Borland Shared
2010-05-30 08:52:35 ----D---- C:\Program Files\Firebird
2010-05-26 07:47:51 ----A---- C:\Windows\system32\tzres.dll
2010-05-25 16:30:36 ----D---- C:\Users\Michal\AppData\Roaming\Ventrilo
2010-05-25 16:28:43 ----D---- C:\Program Files\Ventrilo
2010-05-25 16:28:41 ----A---- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2010-05-25 16:27:12 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-05-25 14:06:42 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-05-25 14:06:39 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-05-25 14:05:54 ----D---- C:\Program Files\Winamp Detect
2010-05-25 14:05:49 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-05-25 14:05:47 ----D---- C:\Users\Michal\AppData\Roaming\Winamp
2010-05-25 14:05:47 ----D---- C:\Program Files\Winamp
2010-05-24 12:43:08 ----D---- C:\Program Files\WC3Banlist
2010-05-22 12:25:49 ----D---- C:\Program Files\Agnitum
2010-05-22 12:25:37 ----D---- C:\ProgramData\Agnitum
2010-05-22 12:24:34 ----D---- C:\Windows\Internet Logs
2010-05-22 11:44:58 ----A---- C:\Windows\system32\D3DX81ab.dll
2010-05-22 11:38:22 ----D---- C:\Program Files\WinPcap
2010-05-22 11:24:13 ----A---- C:\Windows\War3Unin.exe
2010-05-22 10:48:39 ----D---- C:\ProgramData\Sun
2010-05-22 10:48:38 ----D---- C:\Program Files\Common Files\Java
2010-05-22 10:47:54 ----A---- C:\Windows\system32\javaws.exe
2010-05-22 10:47:54 ----A---- C:\Windows\system32\javaw.exe
2010-05-22 10:47:54 ----A---- C:\Windows\system32\java.exe
2010-05-22 10:47:54 ----A---- C:\Windows\system32\deployJava1.dll
2010-05-22 10:47:36 ----D---- C:\Program Files\Java

======List of files/folders modified in the last 1 months======

2010-06-20 10:50:45 ----D---- C:\Windows\Temp
2010-06-20 10:41:49 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-20 10:41:40 ----SHD---- C:\Windows\Installer
2010-06-20 10:41:28 ----D---- C:\Windows\winsxs
2010-06-20 10:37:17 ----SHD---- C:\System Volume Information
2010-06-20 10:36:20 ----D---- C:\Windows
2010-06-20 10:36:19 ----RD---- C:\Program Files
2010-06-20 10:36:18 ----D---- C:\Windows\System32
2010-06-20 10:34:48 ----D---- C:\Program Files\Neffy
2010-06-20 10:34:40 ----HD---- C:\ProgramData
2010-06-19 20:28:57 ----RSD---- C:\Windows\assembly
2010-06-19 15:54:52 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2010-06-18 11:50:04 ----D---- C:\Program Files\Adobe
2010-06-18 11:49:57 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-06-17 21:52:47 ----D---- C:\Windows\system32\catroot2
2010-06-17 12:58:01 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2010-06-17 12:48:49 ----D---- C:\Users\Michal\AppData\Roaming\skypePM
2010-06-16 21:48:51 ----D---- C:\ProgramData\OpenFM
2010-06-12 09:26:47 ----D---- C:\Windows\system32\migration
2010-06-12 09:26:47 ----D---- C:\Program Files\Internet Explorer
2010-06-10 09:42:08 ----D---- C:\Windows\Microsoft.NET
2010-06-10 09:40:07 ----D---- C:\Windows\system32\catroot
2010-06-10 09:37:20 ----D---- C:\Windows\system32\wbem
2010-06-10 09:37:20 ----D---- C:\Program Files\Windows Mail
2010-06-10 09:21:47 ----D---- C:\ProgramData\Microsoft Help
2010-06-09 16:20:16 ----RSD---- C:\Windows\Fonts
2010-06-09 12:56:45 ----D---- C:\Windows\system32\Tasks
2010-06-08 14:23:46 ----D---- C:\Windows\Prefetch
2010-06-06 17:53:33 ----D---- C:\Program Files\Common Files
2010-06-06 17:49:05 ----D---- C:\Windows\inf
2010-06-06 17:49:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-06-06 17:43:28 ----D---- C:\Program Files\Common Files\InstallShield
2010-06-05 19:21:15 ----D---- C:\Windows\system32\drivers
2010-06-05 15:56:51 ----D---- C:\Windows\Logs
2010-05-28 21:37:34 ----A---- C:\Windows\system32\mrt.exe
2010-05-27 13:07:43 ----D---- C:\Windows\rescache
2010-05-26 14:37:27 ----D---- C:\Windows\system32\pl-PL
2010-05-22 19:33:29 ----D---- C:\Windows\system32\config
2010-05-22 12:23:41 ----D---- C:\Program Files\CheckPoint
2010-05-22 12:22:38 ----D---- C:\Users\Michal\AppData\Roaming\CheckPoint

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 afw;Agnitum Firewall Driver; C:\Windows\system32\DRIVERS\afw.sys [2009-02-18 29208]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-05-18 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-06-03 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-06-03 242896]
R1 SandBox;SandBox; \??\C:\Windows\system32\drivers\SandBox.sys [2009-04-06 704384]
R3 afwcore;afwcore; C:\Windows\system32\drivers\afwcore.sys [2009-02-10 307224]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-04-24 95544]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-05-16 4933632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-03-26 3048096]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-09-02 176128]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 az5gonny;az5gonny; C:\Windows\system32\drivers\az5gonny.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2005-08-02 32512]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-28 1195008]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-05-16 176128]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-05-18 308064]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-05-03 3658096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-02 86016]

-----------------EOF-----------------
[/log]
Z góry dzięki.

Mateusz J.
komentarz
komentarz

Widać tutaj pozostałość po infekcji z pendrive. Pewnie pojawiły się przez nią problemy z powłoką systemową. A brak ikon na pasku zadań to wina crashu bądź chwilowej zmiany wartości MinWidth w HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics.

Do notatnika wklej:
[code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]Plik ==> Zapisz jako ==> Zmień rozszerzenie na Wszystkie pliki ==> Zapisz pod nazwą [b]FIX.REG[/b]
Uruchom utworzony plik [b]FIX.REG[/b] i potwierdź dodanie do Rejestru i zresetuj komputer.

Ogólnie w porządku.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.