Demonrex utworzono 20 czerwca 2010 utworzono 20 czerwca 2010 Tak jak w temacie, oraz jeden mały problem. Jak dzisiaj włączyłem komputer, zalogowałem się, to pasek narzędzi nie chciał w ogóle odpowiadać. Niby wszystkie programy się uruchomiły(antywirus, firewall, ,sterowniki) ale tak naprawdę nie działały. Gdy zrzuciłem do paska przeglądarkę nie było jej widać (sprawdziłem czy jest uruchomiona używając alt+tab, i była uruchomiona). Po ponownym uruchomieniu wszystko było dobrze. Nie wiem czy to jest jakiś problem, ale wole to sprawdzić i być pewny na 100%. Poniżej logi OTL [log]OTL logfile created on: 2010-06-20 10:42:22 - Run 3 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Michal\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 68,82 Gb Total Space | 27,86 Gb Free Space | 40,49% Space Free | Partition Type: NTFS Drive D: | 164,06 Gb Total Space | 127,76 Gb Free Space | 77,88% Space Free | Partition Type: NTFS Drive E: | 237,41 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MICHAL-PC Current User Name: Michal Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-06-20 10:40:11 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Downloads\OTL.exe PRC - [2010-06-03 11:13:33 | 002,065,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe PRC - [2010-06-03 11:13:29 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe PRC - [2010-06-03 11:13:28 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe PRC - [2010-06-03 11:13:06 | 000,722,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe PRC - [2010-06-03 11:13:05 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe PRC - [2010-06-02 07:57:48 | 000,945,648 | ---- | M] (Google Inc.) -- C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010-05-18 14:36:42 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe PRC - [2010-05-14 23:58:15 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2010-05-04 16:05:48 | 011,981,408 | ---- | M] (GG Network S.A.) -- D:\Gadu-Gadu 10\gg.exe PRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2010-03-26 12:02:56 | 008,546,848 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-05-16 05:24:24 | 000,335,872 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009-05-16 05:23:56 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009-04-22 17:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2009-04-22 17:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 08:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe PRC - [2009-04-11 08:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2009-04-11 08:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe PRC - [2009-04-11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 08:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008-10-25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2008-01-18 23:33:42 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe PRC - [2008-01-18 23:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-18 23:33:16 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-18 23:33:16 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe PRC - [2008-01-18 23:33:06 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-06-20 10:40:11 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Downloads\OTL.exe MOD - [2010-05-18 14:36:57 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll MOD - [2010-05-15 00:10:38 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2010-05-14 23:58:15 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-05-14 23:49:19 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2010-05-14 22:30:26 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-09-25 00:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2009-04-28 10:05:56 | 000,715,264 | ---- | M] (Agnitum Ltd.) -- c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 08:28:25 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 08:28:24 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 08:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-04-11 08:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 08:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 08:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 08:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008-01-18 23:37:14 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-18 23:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-18 23:36:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-18 23:36:48 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2008-01-18 23:36:36 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-18 23:35:58 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-18 23:33:54 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-18 23:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-05-18 14:36:42 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2010-05-03 19:01:00 | 003,658,096 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009-05-16 05:23:56 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009-04-28 10:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall\acs.exe -- (acssrv) SRV - [2008-01-18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2005-08-02 23:18:49 | 000,086,016 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-06-05 19:21:15 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-06-03 11:13:29 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX) DRV - [2010-06-03 11:13:29 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010-05-18 14:36:48 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86) DRV - [2010-03-26 12:24:58 | 003,048,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-09-02 05:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009-05-16 06:01:22 | 004,933,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009-04-24 07:43:36 | 000,095,544 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-04-06 11:37:12 | 000,704,384 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox) DRV - [2009-02-18 17:27:54 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (afw) DRV - [2009-02-10 16:12:48 | 000,307,224 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore) DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2005-08-02 23:10:13 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2383811976-2136801530-783135697-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-2383811976-2136801530-783135697-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKU\S-1-5-21-2383811976-2136801530-783135697-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-06-03 11:15:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-05-15 15:37:28 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-25 14:05:54 | 000,000,000 | ---D | M] [2010-05-15 15:37:32 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\mozilla\Extensions [2010-06-02 18:36:56 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\cj88mru7.default\extensions [2010-06-02 18:36:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\cj88mru7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-22 10:47:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-17 18:37:19 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-05-22 10:47:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-22 10:47:39 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-05-19 16:38:12 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe File not found O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.) O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2383811976-2136801530-783135697-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-2383811976-2136801530-783135697-1000..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.228.7.226 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.) O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Michal\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Michal\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2007-11-29 10:19:56 | 000,000,052 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ] O32 - AutoRun File - [2004-02-26 16:13:53 | 000,372,736 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ] O33 - MountPoints2\{0c730f3c-5f8b-11df-9f9d-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{0c730f3c-5f8b-11df-9f9d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2004-02-26 16:13:53 | 000,372,736 | R--- | M] () O33 - MountPoints2\{fca3d9ed-70c6-11df-b081-001d7d77753b}\Shell - "" = AutoRun O33 - MountPoints2\{fca3d9ed-70c6-11df-b081-001d7d77753b}\Shell\AutoRun\command - "" = J:\setup.exe -- File not found O33 - MountPoints2\{fca3d9ed-70c6-11df-b081-001d7d77753b}\Shell\dinstall\command - "" = J:\DirectX9\DXSETUP.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2010-05-15 10:53:43 | 000,000,000 | ---D | M] NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^diPhoto Home diUpdate.lnk - C:\PROGRA~1\River\DIPHOT~1\diupdate.exe - File not found MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vsmon - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-06-20 10:36:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-06-19 20:39:14 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Aspyr [2010-06-19 20:39:14 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Aspyr [2010-06-18 19:15:02 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\NFS SHIFT [2010-06-18 11:47:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2010-06-18 10:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2010-06-11 13:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-06-11 13:53:37 | 000,000,000 | ---D | C] -- C:\rsit [2010-06-09 16:22:53 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Eidos [2010-06-08 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\GTA San Andreas User Files [2010-06-08 17:55:58 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\dodatek simsy [2010-06-08 15:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2010-06-08 15:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2010-06-08 07:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2010-06-07 17:13:55 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\NaxedOt [2010-06-07 16:35:12 | 000,000,000 | R--D | C] -- C:\Users\Michal\Desktop\Alissow Ots 3.7 BETA [2010-06-06 17:59:02 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\My Games [2010-06-06 17:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3 [2010-06-06 17:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games [2010-06-06 09:25:49 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\pustynia [2010-06-06 09:25:49 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\expy [2010-06-06 09:25:49 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\eee [2010-06-06 09:07:49 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\data [2010-06-06 09:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Remere's Map Editor [2010-06-05 19:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE [2010-06-05 19:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010-06-05 19:20:32 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite [2010-06-05 19:20:31 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2010-06-05 15:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2010-06-05 15:53:58 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\uTorrent [2010-06-04 16:23:51 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\ipla [2010-06-04 16:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla [2010-06-04 16:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2010-06-04 13:49:16 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\Suicideot by Wordan [2010-06-03 20:30:13 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Remere's Map Editor [2010-06-03 12:06:35 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\baba [2010-06-01 17:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\YDP [2010-06-01 17:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\Gimnazjum klasa 2 - Planeta Nowa [2010-05-31 13:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010-05-30 18:53:38 | 000,000,000 | ---D | C] -- C:\Windows\pss [2010-05-30 12:48:35 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Tibia [2010-05-30 12:48:11 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate [2010-05-30 12:47:34 | 000,000,000 | -H-D | C] -- C:\$AVG [2010-05-30 09:03:54 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\do wywolania [2010-05-30 08:52:44 | 000,000,000 | ---D | C] -- C:\Program Files\River [2010-05-30 08:52:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared [2010-05-30 08:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Firebird [2010-05-25 16:30:36 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Ventrilo [2010-05-25 16:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo [2010-05-25 16:27:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010-05-25 14:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010-05-25 14:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2010-05-25 14:05:47 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Winamp [2010-05-25 14:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010-05-24 12:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\WC3Banlist [2010-05-22 12:33:10 | 000,704,384 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\SandBox.sys [2010-05-22 12:28:58 | 000,307,224 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afwcore.sys [2010-05-22 12:26:11 | 000,029,208 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afw.sys [2010-05-22 12:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\Agnitum [2010-05-22 12:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Agnitum [2010-05-22 12:24:34 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2010-05-22 11:44:58 | 000,679,936 | ---- | C] (Generated for JEDI. www.delphi-jedi.org) -- C:\Windows\System32\D3DX81ab.dll [2010-05-22 11:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap [2010-05-22 11:24:13 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe [2010-05-22 10:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010-05-22 10:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010-05-22 10:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010-05-18 18:39:24 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Adobe [2010-05-18 18:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010-05-18 18:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010-05-18 18:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON [2010-05-18 18:17:13 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON [2010-05-18 14:36:57 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2010-05-18 14:36:55 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2010-05-18 14:36:48 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2010-05-18 14:36:46 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2010-05-18 14:36:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg [2010-05-18 14:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9 [2010-05-18 14:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2010-05-17 18:38:15 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\skypePM [2010-05-17 18:37:50 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Skype [2010-05-17 18:36:53 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-05-17 18:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-05-17 18:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010-05-17 13:47:35 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\ForceField Shared Files [2010-05-17 13:47:35 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\CheckPoint [2010-05-17 13:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2010-05-17 13:46:34 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint [2010-05-16 17:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010-05-16 17:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2010-05-16 17:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010-05-16 17:20:25 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010-05-16 17:20:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010-05-16 17:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2010-05-16 17:18:26 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Microsoft Help [2010-05-16 17:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2010-05-16 17:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2010-05-16 17:17:40 | 000,000,000 | RH-D | C] -- C:\MSOCache [2010-05-16 10:51:54 | 000,000,000 | -H-D | C] -- C:\Users\Michal\Documents\Runes of Magic [2010-05-16 09:55:33 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\LolClient [2010-05-15 16:20:48 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Dragonica [2010-05-15 15:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2010-05-15 15:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2010-05-15 15:37:28 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Mozilla [2010-05-15 15:37:28 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Mozilla [2010-05-15 15:37:23 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010-05-15 14:44:29 | 003,658,096 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2010-05-15 14:43:26 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys [2010-05-15 14:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2010-05-15 14:36:37 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\WinRAR [2010-05-15 14:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010-05-15 14:25:27 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices [2010-05-15 14:09:25 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Armies of Exigo [2010-05-15 12:32:47 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Ashampoo [2010-05-15 12:30:05 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\ashampoo [2010-05-15 12:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo [2010-05-15 12:19:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES [2010-05-15 12:19:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES [2010-05-15 12:19:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN [2010-05-15 12:10:45 | 000,000,000 | ---D | C] -- C:\Program Files\Neffy [2010-05-15 12:09:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2010-05-15 10:52:16 | 000,000,000 | ---D | C] -- C:\PerfLogs [2010-05-15 10:29:55 | 000,000,000 | ---D | C] -- C:\Users\Michal\.gstreamer-0.10 [2010-05-15 10:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\OpenFM [2010-05-15 10:29:26 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\OpenFM [2010-05-14 22:36:32 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Adobe [2010-05-14 22:36:29 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\cache [2010-05-14 22:36:28 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Macromedia [2010-05-14 22:35:40 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Gadu-Gadu 10 [2010-05-14 22:00:08 | 000,000,000 | -HSD | C] -- C:\Boot [2010-05-14 21:59:54 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2010-05-14 21:59:54 | 000,000,000 | ---D | C] -- C:\OEM [2010-05-14 21:59:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\KTINFO [2010-05-14 21:59:54 | 000,000,000 | ---D | C] -- C:\Windows\Applications [2010-05-14 21:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10 [2010-05-14 21:56:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2010-05-14 21:39:08 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Microsoft Games [2010-05-14 21:38:15 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Downloads [2010-05-14 21:33:32 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Google [2010-05-14 21:33:18 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Apps [2010-05-14 21:33:17 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Deployment [2010-05-14 21:26:39 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\ATI [2010-05-14 21:26:39 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\ATI [2010-05-14 21:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2010-05-14 21:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2010-05-14 21:21:13 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2010-05-14 21:21:08 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2010-05-14 21:21:07 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2010-05-14 21:19:22 | 000,176,128 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys [2010-05-14 21:19:22 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2010-05-14 21:16:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2010-05-14 21:16:14 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2010-05-14 21:16:14 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2010-05-14 21:16:14 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2010-05-14 21:16:14 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2010-05-14 21:16:14 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2010-05-14 21:16:13 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2010-05-14 21:16:13 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2010-05-14 21:16:13 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2010-05-14 21:16:13 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2010-05-14 21:16:13 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2010-05-14 21:16:12 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2010-05-14 21:16:12 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2010-05-14 21:16:12 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2010-05-14 21:16:12 | 000,311,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2010-05-14 21:16:12 | 000,307,616 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2010-05-14 21:16:12 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2010-05-14 21:16:12 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2010-05-14 21:16:11 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2010-05-14 21:16:11 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2010-05-14 21:16:11 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2010-05-14 21:16:11 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2010-05-14 21:16:11 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2010-05-14 21:16:11 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2010-05-14 21:16:11 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2010-05-14 21:16:11 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2010-05-14 21:16:11 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2010-05-14 21:16:11 | 000,102,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2010-05-14 21:16:11 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2010-05-14 21:16:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2010-05-14 21:16:07 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2010-05-14 21:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2010-05-14 21:12:24 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll [2010-05-14 21:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2010-05-14 21:12:18 | 000,000,000 | ---D | C] -- C:\Intel [2010-05-14 21:11:06 | 000,000,000 | R--D | C] -- C:\Users\Michal\Searches [2010-05-14 21:10:58 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Identities [2010-05-14 21:10:57 | 000,000,000 | R--D | C] -- C:\Users\Michal\Contacts [2010-05-14 21:10:57 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\VirtualStore [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Ustawienia lokalne [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\AppData\Local\Temporary Internet Files [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Szablony [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\SendTo [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Recent [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\PrintHood [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\NetHood [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Documents\Moje wideo [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Documents\Moje obrazy [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Moje dokumenty [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Documents\Moja muzyka [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Menu Start [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\AppData\Local\Historia [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Dane aplikacji [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\AppData\Local\Dane aplikacji [2010-05-14 21:10:54 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Cookies [2010-05-14 21:10:53 | 000,000,000 | --SD | C] -- C:\Users\Michal\AppData\Roaming\Microsoft [2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Videos [2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Saved Games [2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Pictures [2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Music [2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Links [2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Favorites [2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Downloads [2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Documents [2010-05-14 21:10:53 | 000,000,000 | R--D | C] -- C:\Users\Michal\Desktop [2010-05-14 21:10:53 | 000,000,000 | -H-D | C] -- C:\Users\Michal\AppData [2010-05-14 21:10:53 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Temp [2010-05-14 21:10:53 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Microsoft [2010-05-14 21:10:53 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Media Center Programs [2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2010-05-14 21:09:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2010-05-14 21:03:33 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010-05-14 21:02:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2 [2010-05-14 21:02:19 | 000,000,000 | ---D | C] -- C:\Windows\Debug [2010-05-14 21:01:17 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2010-05-14 21:01:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-06-20 10:42:15 | 001,310,720 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT [2010-06-20 10:38:04 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000UA.job [2010-06-20 10:27:00 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempIV3336.html [2010-06-20 10:27:00 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempff3336.html [2010-06-20 10:20:48 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-06-20 10:20:48 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-06-20 10:20:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-06-20 10:20:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-06-20 10:20:40 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys [2010-06-20 10:19:36 | 000,524,288 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010-06-20 10:19:36 | 000,065,536 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010-06-20 10:19:32 | 002,783,271 | -H-- | M] () -- C:\Users\Michal\AppData\Local\IconCache.db [2010-06-20 10:19:18 | 061,256,026 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2010-06-19 23:57:01 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempsJ3868.html [2010-06-19 21:38:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000Core.job [2010-06-19 20:38:10 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempZu4456.html [2010-06-19 16:05:03 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempbh2680.html [2010-06-19 15:49:16 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXM2948.html [2010-06-19 14:46:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemptZ4976.html [2010-06-19 14:16:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempCW1204.html [2010-06-19 14:02:19 | 000,217,297 | ---- | M] () -- C:\Users\Michal\Desktop\eee.rar [2010-06-19 08:54:46 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempxR1240.html [2010-06-18 20:11:30 | 000,000,527 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010-06-18 19:09:53 | 000,000,553 | ---- | M] () -- C:\Users\Michal\Desktop\Play Need for Speed - Shift.lnk [2010-06-18 17:19:54 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempGs3768.html [2010-06-18 15:22:42 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempLP2404.html [2010-06-18 14:32:40 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempyc3420.html [2010-06-18 11:47:46 | 000,000,650 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends EU.lnk [2010-06-18 10:50:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempEW4420.html [2010-06-18 10:38:53 | 002,185,360 | ---- | M] () -- C:\Users\Michal\Desktop\LeagueofLegendsEUDownloader.exe [2010-06-17 20:39:46 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempcA3816.html [2010-06-17 15:49:27 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempRAY880.html [2010-06-17 13:28:38 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempbt2916.html [2010-06-17 08:51:56 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempdi2332.html [2010-06-16 21:06:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemptM5720.html [2010-06-16 16:39:58 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempTh4408.html [2010-06-16 13:01:45 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempAA3808.html [2010-06-16 10:41:14 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempAG1508.html [2010-06-16 09:39:11 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempNB3916.html [2010-06-16 08:33:05 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemplN3876.html [2010-06-15 21:20:46 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempqX3484.html [2010-06-15 20:53:36 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temphz4996.html [2010-06-15 18:34:15 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempbT5936.html [2010-06-15 16:27:33 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempJP3348.html [2010-06-15 14:41:33 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempeo4408.html [2010-06-15 13:50:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempaU4784.html [2010-06-14 19:23:15 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempmJ1540.html [2010-06-14 19:10:39 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempez2900.html [2010-06-14 14:26:25 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempQn3448.html [2010-06-13 15:53:05 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXU5876.html [2010-06-13 12:11:00 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempgZd660.html [2010-06-13 10:54:07 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempgC3392.html [2010-06-13 10:10:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempIK3756.html [2010-06-13 09:49:13 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempPw3884.html [2010-06-12 22:01:22 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempQc5324.html [2010-06-12 19:33:14 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempWn3376.html [2010-06-12 16:52:36 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempjh5784.html [2010-06-12 13:07:17 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempTO4204.html [2010-06-12 10:47:12 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temppl2908.html [2010-06-12 09:26:42 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempHV2184.html [2010-06-12 09:26:42 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempaV2184.html [2010-06-11 22:00:59 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempAV2224.html [2010-06-11 20:56:22 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempKt5052.html [2010-06-11 18:50:10 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempdJ3408.html [2010-06-11 16:09:16 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempxLj156.html [2010-06-11 14:20:54 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemptQ1276.html [2010-06-10 17:05:29 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVt3688.html [2010-06-10 15:38:37 | 000,002,047 | ---- | M] () -- C:\Users\Michal\Desktop\Google Chrome.lnk [2010-06-10 12:24:21 | 000,060,691 | ---- | M] () -- C:\Users\Michal\Desktop\Domek~!.otbm [2010-06-10 12:24:21 | 000,000,764 | ---- | M] () -- C:\Users\Michal\Desktop\ffaasd-spawn.xml [2010-06-10 12:24:21 | 000,000,049 | ---- | M] () -- C:\Users\Michal\Desktop\ffaasd-house.xml [2010-06-10 09:39:40 | 000,385,416 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-06-10 09:11:30 | 000,102,248 | ---- | M] () -- C:\Users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT [2010-06-09 20:02:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzJ5156.html [2010-06-09 16:53:09 | 000,000,000 | ---- | M] () -- C:\Users\Michal\Desktop\Nowy Dokument programu Microsoft Office Word (2).docx [2010-06-09 16:20:03 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempvFk124.html [2010-06-08 18:01:09 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemphL3204.html [2010-06-08 17:36:06 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzIA728.html [2010-06-08 15:14:04 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempnI2264.html [2010-06-08 14:23:33 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempQg3580.html [2010-06-07 20:03:46 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempnV2580.html [2010-06-07 18:21:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXq2904.html [2010-06-07 18:04:35 | 000,068,061 | ---- | M] () -- C:\Users\Michal\Desktop\Desktop.rar [2010-06-07 18:00:58 | 004,812,800 | ---- | M] () -- C:\Users\Michal\Documents\emeroncity.otbm [2010-06-07 17:16:05 | 000,106,153 | ---- | M] () -- C:\Users\Michal\Documents\tabelka.gif [2010-06-07 16:39:30 | 000,000,495 | ---- | M] () -- C:\Users\Public\Desktop\Tibia.lnk [2010-06-07 16:30:23 | 000,240,743 | ---- | M] () -- C:\Users\Michal\Desktop\expy.rar [2010-06-07 15:55:40 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempsm2560.html [2010-06-07 15:22:53 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempMN2328.html [2010-06-07 14:01:25 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemprS2472.html [2010-06-07 13:32:53 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempPKH992.html [2010-06-06 17:49:05 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010-06-06 17:49:05 | 000,661,818 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-06-06 17:49:05 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-06-06 17:49:05 | 000,126,702 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-06-06 17:49:05 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-06-06 10:46:39 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemplV3724.html [2010-06-06 09:06:15 | 000,001,908 | ---- | M] () -- C:\Users\Public\Desktop\Remere's Map Editor.lnk [2010-06-05 21:26:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempva1388.html [2010-06-05 19:24:23 | 000,001,356 | ---- | M] () -- C:\Users\Michal\AppData\Local\d3d9caps.dat [2010-06-05 19:21:42 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempC11652.html [2010-06-05 19:21:17 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2010-06-05 19:21:15 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys [2010-06-05 19:13:53 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temprf3756.html [2010-06-05 17:22:43 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempMR6780.html [2010-06-05 16:56:01 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempTn4664.html [2010-06-05 16:45:43 | 023,101,099 | ---- | M] () -- C:\Users\Michal\Desktop\Realmap854.rar [2010-06-05 15:54:49 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2010-06-05 13:14:38 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempfH5656.html [2010-06-05 11:13:17 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemppT2660.html [2010-06-05 08:34:17 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempoO3080.html [2010-06-04 20:42:21 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempia6808.html [2010-06-04 19:03:49 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXR6332.html [2010-06-04 17:17:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempdD4356.html [2010-06-04 16:23:48 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\ipla.lnk [2010-06-04 15:20:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXO3652.html [2010-06-04 11:10:08 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempqmF876.html [2010-06-04 10:13:51 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempDn4600.html [2010-06-04 10:12:01 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempDm4056.html [2010-06-04 10:09:49 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempjbz468.html [2010-06-03 21:07:28 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempqh4220.html [2010-06-03 20:54:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temphh3824.html [2010-06-03 17:46:08 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempWZ3032.html [2010-06-03 16:37:27 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempvLz460.html [2010-06-03 12:23:19 | 000,004,608 | ---- | M] () -- C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-03 12:00:29 | 000,083,067 | ---- | M] () -- C:\Users\Michal\Desktop\taskmanager.jpg [2010-06-03 11:13:29 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2010-06-03 11:13:29 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2010-06-02 22:43:47 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempEq2980.html [2010-06-02 20:16:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXm4076.html [2010-06-02 19:32:08 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempFU6108.html [2010-06-02 19:08:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempyh4256.html [2010-06-02 18:38:44 | 000,001,944 | ---- | M] () -- C:\Users\Michal\Desktop\HiJackThis.lnk [2010-06-02 18:30:59 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempSH2904.html [2010-06-02 18:30:59 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempiX2904.html [2010-06-02 17:00:58 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemptL1904.html [2010-06-02 16:39:05 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempcv3916.html [2010-06-01 22:23:28 | 000,011,827 | ---- | M] () -- C:\Users\Michal\Desktop\Nowy Dokument programu Microsoft Office Word.docx [2010-06-01 21:59:53 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVD1416.html [2010-06-01 20:12:01 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXR2844.html [2010-06-01 17:18:08 | 000,001,433 | ---- | M] () -- C:\Users\Public\Desktop\Gimnazjum klasa 2 - Planeta Nowa.lnk [2010-06-01 16:06:55 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemplS3676.html [2010-05-31 17:58:04 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempFA5888.html [2010-05-31 15:48:30 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempQv2464.html [2010-05-30 12:56:11 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempbA3888.html [2010-05-30 12:56:11 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemprP3888.html [2010-05-30 12:48:12 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Tibia MULTI-IP Changer.lnk [2010-05-30 11:44:15 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemptD1548.html [2010-05-30 10:21:39 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempjH1360.html [2010-05-30 09:57:32 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempcN3788.html [2010-05-29 21:34:45 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzS5464.html [2010-05-29 21:34:45 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempsb5464.html [2010-05-29 20:22:50 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzA2376.html [2010-05-29 19:02:08 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempiC3056.html [2010-05-28 18:23:54 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempvb3168.html [2010-05-28 15:52:26 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempPt6080.html [2010-05-28 14:21:18 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzI5340.html [2010-05-28 12:31:53 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempto5112.html [2010-05-28 12:01:44 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temppa2988.html [2010-05-28 10:32:17 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempDk1964.html [2010-05-28 09:52:36 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempExB236.html [2010-05-28 09:25:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempEb3320.html [2010-05-27 17:24:41 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempGU5588.html [2010-05-27 16:14:04 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempsu2500.html [2010-05-26 21:19:11 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempNn5712.html [2010-05-26 19:27:52 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempbM1352.html [2010-05-26 14:37:49 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempgb1092.html [2010-05-25 21:36:17 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempdT4156.html [2010-05-25 17:55:25 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempyi5456.html [2010-05-25 16:34:46 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempoQ3068.html [2010-05-25 16:28:46 | 000,000,262 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2010-05-25 16:28:45 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\Ventrilo.lnk [2010-05-25 14:39:16 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempwc3496.html [2010-05-25 14:06:43 | 000,000,776 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk [2010-05-24 19:47:24 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVF2784.html [2010-05-24 12:43:11 | 000,001,736 | ---- | M] () -- C:\Users\Michal\Desktop\WC3Banlist.lnk [2010-05-24 11:53:43 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempYh4564.html [2010-05-24 11:51:26 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempxA4808.html [2010-05-24 11:48:16 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempAp2740.html [2010-05-24 11:01:18 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempuF3416.html [2010-05-24 10:54:55 | 000,011,550 | ---- | M] () -- C:\Users\Michal\Desktop\Odyseusz.docx [2010-05-24 09:44:58 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVv2612.html [2010-05-23 18:28:29 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempWa1232.html [2010-05-23 11:28:14 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempvz1368.html [2010-05-22 12:41:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempet3036.html [2010-05-22 12:34:37 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempej3456.html [2010-05-22 12:34:37 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempbc3456.html [2010-05-22 12:22:38 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempGR1260.html [2010-05-22 12:22:38 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempeO1260.html [2010-05-22 12:06:41 | 000,191,882 | ---- | M] () -- C:\Users\Michal\Desktop\Super Sayajin Shaco .rar [2010-05-22 11:38:47 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempto5788.html [2010-05-22 11:38:47 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TemprX5788.html [2010-05-22 11:29:25 | 000,042,732 | ---- | M] () -- C:\Windows\War3Unin.dat [2010-05-22 11:29:25 | 000,000,599 | ---- | M] () -- C:\Users\Michal\Desktop\Frozen Throne.lnk [2010-05-22 11:29:07 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe [2010-05-22 11:29:07 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif [2010-05-22 11:24:33 | 000,000,594 | ---- | M] () -- C:\Users\Michal\Desktop\Warcraft III.lnk [2010-05-21 19:12:21 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempbh4352.html [2010-05-21 16:45:27 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempOO2052.html [2010-05-20 18:02:40 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempqF4744.html [2010-05-20 18:02:06 | 000,000,566 | ---- | M] () -- C:\Users\Public\Desktop\Gimnazjum klasa 2 - Puls życia.lnk [2010-05-20 15:03:21 | 000,233,927 | ---- | M] () -- C:\Users\Michal\Desktop\Super Sayajin Shaco .jpg [2010-05-19 17:14:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempOW2672.html [2010-05-19 16:41:12 | 000,843,776 | ---- | M] () -- C:\Users\Michal\Documents\uczniowie.accdb [2010-05-19 16:40:16 | 000,441,367 | ---- | M] () -- C:\Users\Michal\Documents\Students.accdt [2010-05-19 15:19:26 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempmg5676.html [2010-05-18 18:42:35 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010-05-18 17:55:06 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempXS5136.html [2010-05-18 15:12:14 | 733,962,240 | ---- | M] () -- C:\Users\Michal\Desktop\Adrenalina Lektor PL.avi [2010-05-18 15:05:58 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temphfm656.html [2010-05-18 14:36:57 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2010-05-18 14:36:57 | 000,001,647 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk [2010-05-18 14:36:48 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2010-05-18 14:36:46 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm [2010-05-17 18:38:17 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2010-05-17 18:36:54 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010-05-17 16:22:30 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempmn3084.html [2010-05-17 14:56:21 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempuF3664.html [2010-05-17 12:58:25 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempZr3928.html [2010-05-16 18:28:35 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempnT2116.html [2010-05-16 18:25:11 | 000,000,219 | ---- | M] () -- C:\Windows\win.ini [2010-05-16 18:23:18 | 000,010,701 | ---- | M] () -- C:\Users\Michal\Desktop\Mary discovered that her uncle was a leader of a band of thieves who lured ships onto the rocks.docx [2010-05-16 10:00:36 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempcq3460.html [2010-05-15 16:03:31 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVjq472.html [2010-05-15 15:57:56 | 000,814,915 | ---- | M] () -- C:\Users\Michal\Documents\shot(05-15-10)12;39;10.jpg [2010-05-15 15:57:45 | 000,825,255 | ---- | M] () -- C:\Users\Michal\Documents\shot(05-15-10)12;25;05.jpg [2010-05-15 15:57:17 | 000,560,986 | ---- | M] () -- C:\Users\Michal\Documents\shot(05-15-10)12;46;06.jpg [2010-05-15 15:41:17 | 000,000,367 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk [2010-05-15 15:37:29 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2010-05-15 15:37:25 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010-05-15 15:03:30 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempgB2492.html [2010-05-15 14:41:59 | 000,000,528 | ---- | M] () -- C:\Users\Michal\Desktop\Start CABAL.lnk [2010-05-15 14:24:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2010-05-15 14:23:30 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempbG3464.html [2010-05-15 14:23:30 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempPR3464.html [2010-05-15 14:08:37 | 000,000,518 | ---- | M] () -- C:\Users\Michal\Desktop\Armies of Exigo.lnk [2010-05-15 12:30:04 | 000,000,559 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010.lnk [2010-05-15 12:19:06 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2010-05-15 12:17:03 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVR3748.html [2010-05-15 12:17:03 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempIv3748.html [2010-05-15 11:37:02 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempnP2484.html [2010-05-15 11:37:02 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempVj2484.html [2010-05-15 11:19:02 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempeM3668.html [2010-05-15 11:19:02 | 000,002,089 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempMS3668.html [2010-05-15 10:59:48 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest [2010-05-15 10:41:59 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll [2010-05-15 10:41:57 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll [2010-05-15 10:36:33 | 000,196,608 | ---- | M] () -- C:\Windows\SPInstall.etl [2010-05-15 10:32:25 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempzC1400.html [2010-05-15 10:06:13 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\TempjG3996.html [2010-05-15 00:08:35 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h [2010-05-15 00:02:36 | 000,232,011 | ---- | M] () -- C:\Users\Michal\Desktop\fail.jpg [2010-05-15 00:00:27 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf [2010-05-15 00:00:24 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs [2010-05-14 23:46:04 | 000,002,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Tempgz3336.html [2010-05-14 22:49:19 | 027,066,368 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl [2010-05-14 22:49:19 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf [2010-05-14 22:49:19 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx [2010-05-14 22:00:09 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2010-05-14 21:57:31 | 000,000,555 | ---- | M] () -- C:\Users\Public\Desktop\OpenFM.lnk [2010-05-14 21:57:31 | 000,000,536 | ---- | M] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk [2010-05-14 21:26:16 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2010-05-14 21:13:48 | 000,524,288 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2010-05-14 21:10:54 | 000,000,020 | -HS- | M] () -- C:\Users\Michal\ntuser.ini [2010-05-14 21:06:35 | 000,065,369 | ---- | M] () -- C:\Windows\System32\license.rtf [2010-05-14 21:04:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf [2010-05-09 16:04:30 | 001,856,512 | ---- | M] () -- C:\Users\Michal\Desktop\ElfCrack.exe [2010-05-03 19:01:00 | 003,658,096 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-20 10:27:00 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempIV3336.html [2010-06-20 10:27:00 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempff3336.html [2010-06-19 23:40:31 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempsJ3868.html [2010-06-19 20:21:46 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempZu4456.html [2010-06-19 15:55:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempbh2680.html [2010-06-19 15:48:38 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXM2948.html [2010-06-19 14:27:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemptZ4976.html [2010-06-19 14:02:18 | 000,217,297 | ---- | C] () -- C:\Users\Michal\Desktop\eee.rar [2010-06-19 13:56:20 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempCW1204.html [2010-06-19 08:46:45 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempxR1240.html [2010-06-18 20:11:30 | 000,000,527 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010-06-18 19:09:53 | 000,000,553 | ---- | C] () -- C:\Users\Michal\Desktop\Play Need for Speed - Shift.lnk [2010-06-18 17:14:22 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempGs3768.html [2010-06-18 15:13:13 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempLP2404.html [2010-06-18 14:06:25 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempyc3420.html [2010-06-18 11:47:46 | 000,000,650 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends EU.lnk [2010-06-18 11:01:20 | 000,604,676 | ---- | C] () -- C:\Users\Michal\Desktop\SASpeedo.exe [2010-06-18 10:49:12 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempEW4420.html [2010-06-18 10:38:44 | 002,185,360 | ---- | C] () -- C:\Users\Michal\Desktop\LeagueofLegendsEUDownloader.exe [2010-06-17 20:31:36 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempcA3816.html [2010-06-17 15:44:04 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempRAY880.html [2010-06-17 10:34:19 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempbt2916.html [2010-06-17 07:27:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempdi2332.html [2010-06-16 20:56:50 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemptM5720.html [2010-06-16 16:38:21 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempTh4408.html [2010-06-16 11:40:50 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempAA3808.html [2010-06-16 10:11:04 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempAG1508.html [2010-06-16 08:42:11 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempNB3916.html [2010-06-16 08:00:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemplN3876.html [2010-06-15 21:06:19 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempqX3484.html [2010-06-15 20:07:33 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temphz4996.html [2010-06-15 18:02:22 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempbT5936.html [2010-06-15 14:42:23 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempJP3348.html [2010-06-15 14:17:01 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempeo4408.html [2010-06-15 13:46:54 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempaU4784.html [2010-06-14 19:13:44 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempmJ1540.html [2010-06-14 19:09:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempez2900.html [2010-06-14 12:48:46 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempQn3448.html [2010-06-13 15:43:37 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXU5876.html [2010-06-13 11:32:22 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempgZd660.html [2010-06-13 10:48:08 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempgC3392.html [2010-06-13 09:57:22 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempIK3756.html [2010-06-13 09:27:51 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempPw3884.html [2010-06-12 19:59:52 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempQc5324.html [2010-06-12 19:33:03 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempWn3376.html [2010-06-12 15:19:24 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempjh5784.html [2010-06-12 12:42:09 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempTO4204.html [2010-06-12 09:32:52 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temppl2908.html [2010-06-12 09:16:17 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempHV2184.html [2010-06-12 09:16:17 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempaV2184.html [2010-06-11 21:34:36 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempAV2224.html [2010-06-11 20:31:32 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempKt5052.html [2010-06-11 18:00:09 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempdJ3408.html [2010-06-11 14:47:46 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempxLj156.html [2010-06-11 14:10:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemptQ1276.html [2010-06-10 15:43:59 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVt3688.html [2010-06-09 19:25:41 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzJ5156.html [2010-06-09 16:53:09 | 000,000,000 | ---- | C] () -- C:\Users\Michal\Desktop\Nowy Dokument programu Microsoft Office Word (2).docx [2010-06-09 14:47:14 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempvFk124.html [2010-06-08 17:52:38 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemphL3204.html [2010-06-08 17:13:37 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzIA728.html [2010-06-08 17:09:40 | 340,467,712 | ---- | C] () -- C:\Users\Michal\Desktop\The Sims 3 Nowoczesny Apartament Akcesoria.iso [2010-06-08 15:46:19 | 000,000,764 | ---- | C] () -- C:\Users\Michal\Desktop\ffaasd-spawn.xml [2010-06-08 15:46:19 | 000,000,049 | ---- | C] () -- C:\Users\Michal\Desktop\ffaasd-house.xml [2010-06-08 15:46:18 | 000,060,691 | ---- | C] () -- C:\Users\Michal\Desktop\Domek~!.otbm [2010-06-08 14:35:51 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempnI2264.html [2010-06-08 13:52:43 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempQg3580.html [2010-06-07 19:50:07 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempnV2580.html [2010-06-07 17:56:07 | 004,812,800 | ---- | C] () -- C:\Users\Michal\Documents\emeroncity.otbm [2010-06-07 17:43:44 | 000,068,061 | ---- | C] () -- C:\Users\Michal\Desktop\Desktop.rar [2010-06-07 17:15:59 | 000,106,153 | ---- | C] () -- C:\Users\Michal\Documents\tabelka.gif [2010-06-07 16:30:22 | 000,240,743 | ---- | C] () -- C:\Users\Michal\Desktop\expy.rar [2010-06-07 16:24:47 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXq2904.html [2010-06-07 15:34:25 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempsm2560.html [2010-06-07 15:11:21 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempMN2328.html [2010-06-07 13:55:24 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemprS2472.html [2010-06-07 12:58:39 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempPKH992.html [2010-06-06 09:06:15 | 000,001,908 | ---- | C] () -- C:\Users\Public\Desktop\Remere's Map Editor.lnk [2010-06-06 08:59:34 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemplV3724.html [2010-06-05 20:22:15 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempva1388.html [2010-06-05 19:21:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempC11652.html [2010-06-05 19:21:17 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2010-06-05 19:21:15 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-06-05 18:59:31 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temprf3756.html [2010-06-05 17:03:41 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempMR6780.html [2010-06-05 16:41:37 | 023,101,099 | ---- | C] () -- C:\Users\Michal\Desktop\Realmap854.rar [2010-06-05 15:54:49 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2010-06-05 13:45:12 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempTn4664.html [2010-06-05 12:08:06 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempfH5656.html [2010-06-05 10:16:47 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemppT2660.html [2010-06-05 07:53:50 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempoO3080.html [2010-06-04 20:18:15 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempia6808.html [2010-06-04 18:19:57 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXR6332.html [2010-06-04 17:17:10 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempdD4356.html [2010-06-04 16:23:48 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\ipla.lnk [2010-06-04 14:36:34 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXO3652.html [2010-06-04 11:08:18 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempqmF876.html [2010-06-04 10:13:35 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempDn4600.html [2010-06-04 10:10:54 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempDm4056.html [2010-06-04 09:16:20 | 001,856,512 | ---- | C] () -- C:\Users\Michal\Desktop\ElfCrack.exe [2010-06-04 08:56:20 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempjbz468.html [2010-06-03 21:01:16 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempqh4220.html [2010-06-03 19:38:08 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temphh3824.html [2010-06-03 16:37:35 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempWZ3032.html [2010-06-03 16:03:47 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempvLz460.html [2010-06-03 12:20:52 | 000,004,608 | ---- | C] () -- C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-03 12:00:28 | 000,083,067 | ---- | C] () -- C:\Users\Michal\Desktop\taskmanager.jpg [2010-06-02 21:38:23 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempEq2980.html [2010-06-02 20:01:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXm4076.html [2010-06-02 19:14:06 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempFU6108.html [2010-06-02 18:43:48 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempyh4256.html [2010-06-02 18:38:44 | 000,001,944 | ---- | C] () -- C:\Users\Michal\Desktop\HiJackThis.lnk [2010-06-02 17:51:27 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempSH2904.html [2010-06-02 17:51:27 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempiX2904.html [2010-06-02 16:47:27 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemptL1904.html [2010-06-02 14:45:01 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempcv3916.html [2010-06-01 21:02:56 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVD1416.html [2010-06-01 20:51:11 | 000,011,827 | ---- | C] () -- C:\Users\Michal\Desktop\Nowy Dokument programu Microsoft Office Word.docx [2010-06-01 19:15:04 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXR2844.html [2010-06-01 17:23:41 | 000,000,919 | ---- | C] () -- C:\Users\Michal\.fx1666.log [2010-06-01 17:18:08 | 000,001,433 | ---- | C] () -- C:\Users\Public\Desktop\Gimnazjum klasa 2 - Planeta Nowa.lnk [2010-06-01 16:05:06 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemplS3676.html [2010-05-31 16:17:24 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempFA5888.html [2010-05-31 13:42:07 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempQv2464.html [2010-05-30 12:48:12 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Tibia MULTI-IP Changer.lnk [2010-05-30 12:46:39 | 000,000,495 | ---- | C] () -- C:\Users\Public\Desktop\Tibia.lnk [2010-05-30 11:53:10 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempbA3888.html [2010-05-30 11:53:10 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemprP3888.html [2010-05-30 11:41:32 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemptD1548.html [2010-05-30 10:15:52 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempjH1360.html [2010-05-30 09:24:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempcN3788.html [2010-05-29 21:13:31 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzS5464.html [2010-05-29 21:13:31 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempsb5464.html [2010-05-29 19:50:36 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzA2376.html [2010-05-29 17:19:25 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempiC3056.html [2010-05-28 18:21:03 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempvb3168.html [2010-05-28 15:42:46 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempPt6080.html [2010-05-28 13:10:41 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzI5340.html [2010-05-28 12:19:34 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempto5112.html [2010-05-28 11:05:22 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temppa2988.html [2010-05-28 10:28:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempDk1964.html [2010-05-28 09:36:10 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempExB236.html [2010-05-28 09:10:12 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempEb3320.html [2010-05-27 16:53:31 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempGU5588.html [2010-05-27 15:50:52 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempsu2500.html [2010-05-26 20:47:20 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempNn5712.html [2010-05-26 19:08:29 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempbM1352.html [2010-05-26 14:36:33 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempgb1092.html [2010-05-25 21:13:09 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempdT4156.html [2010-05-25 17:39:23 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempyi5456.html [2010-05-25 16:28:45 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\Ventrilo.lnk [2010-05-25 16:28:41 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2010-05-25 16:27:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempoQ3068.html [2010-05-25 14:06:43 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk [2010-05-25 13:56:23 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempwc3496.html [2010-05-24 19:38:20 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVF2784.html [2010-05-24 12:43:11 | 000,001,736 | ---- | C] () -- C:\Users\Michal\Desktop\WC3Banlist.lnk [2010-05-24 11:53:18 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempYh4564.html [2010-05-24 11:49:26 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempxA4808.html [2010-05-24 11:41:59 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempAp2740.html [2010-05-24 10:54:53 | 000,011,550 | ---- | C] () -- C:\Users\Michal\Desktop\Odyseusz.docx [2010-05-24 10:15:10 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempuF3416.html [2010-05-24 09:19:04 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVv2612.html [2010-05-23 18:21:52 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempWa1232.html [2010-05-23 11:20:39 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempvz1368.html [2010-05-22 12:41:08 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempet3036.html [2010-05-22 12:26:12 | 000,000,049 | ---- | C] () -- C:\Windows\transp.gif [2010-05-22 12:25:33 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempej3456.html [2010-05-22 12:25:33 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempbc3456.html [2010-05-22 12:06:41 | 000,191,882 | ---- | C] () -- C:\Users\Michal\Desktop\Super Sayajin Shaco .rar [2010-05-22 11:42:19 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempGR1260.html [2010-05-22 11:42:19 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempeO1260.html [2010-05-22 11:29:25 | 000,000,599 | ---- | C] () -- C:\Users\Michal\Desktop\Frozen Throne.lnk [2010-05-22 11:24:33 | 000,000,594 | ---- | C] () -- C:\Users\Michal\Desktop\Warcraft III.lnk [2010-05-22 11:24:13 | 000,042,732 | ---- | C] () -- C:\Windows\War3Unin.dat [2010-05-22 11:24:13 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif [2010-05-22 10:08:13 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempto5788.html [2010-05-22 10:08:13 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TemprX5788.html [2010-05-21 18:54:28 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempbh4352.html [2010-05-21 16:42:06 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempOO2052.html [2010-05-20 18:02:54 | 000,000,000 | ---- | C] () -- C:\Users\Michal\.fls1668.log [2010-05-20 18:02:06 | 000,000,566 | ---- | C] () -- C:\Users\Public\Desktop\Gimnazjum klasa 2 - Puls życia.lnk [2010-05-20 17:59:54 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempqF4744.html [2010-05-20 15:03:21 | 000,233,927 | ---- | C] () -- C:\Users\Michal\Desktop\Super Sayajin Shaco .jpg [2010-05-19 16:40:16 | 000,441,367 | ---- | C] () -- C:\Users\Michal\Documents\Students.accdt [2010-05-19 16:40:12 | 000,843,776 | ---- | C] () -- C:\Users\Michal\Documents\uczniowie.accdb [2010-05-19 16:09:23 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempOW2672.html [2010-05-19 15:11:00 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempmg5676.html [2010-05-18 18:38:05 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010-05-18 17:50:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempXS5136.html [2010-05-18 14:50:05 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Temphfm656.html [2010-05-18 14:36:57 | 000,001,647 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk [2010-05-18 14:36:46 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm [2010-05-18 14:36:45 | 061,256,026 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2010-05-17 18:38:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-05-17 18:36:54 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010-05-17 16:00:02 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempmn3084.html [2010-05-17 14:48:47 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempuF3664.html [2010-05-17 12:40:59 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempZr3928.html [2010-05-16 18:23:17 | 000,010,701 | ---- | C] () -- C:\Users\Michal\Desktop\Mary discovered that her uncle was a leader of a band of thieves who lured ships onto the rocks.docx [2010-05-16 17:05:40 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempnT2116.html [2010-05-16 09:57:12 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempcq3460.html [2010-05-15 15:56:59 | 000,814,915 | ---- | C] () -- C:\Users\Michal\Documents\shot(05-15-10)12;39;10.jpg [2010-05-15 15:56:51 | 000,825,255 | ---- | C] () -- C:\Users\Michal\Documents\shot(05-15-10)12;25;05.jpg [2010-05-15 15:56:46 | 000,560,986 | ---- | C] () -- C:\Users\Michal\Documents\shot(05-15-10)12;46;06.jpg [2010-05-15 15:41:17 | 000,000,367 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk [2010-05-15 15:37:29 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-05-15 15:37:25 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010-05-15 15:35:15 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVjq472.html [2010-05-15 14:43:26 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd [2010-05-15 14:41:59 | 000,000,528 | ---- | C] () -- C:\Users\Michal\Desktop\Start CABAL.lnk [2010-05-15 14:31:14 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempgB2492.html [2010-05-15 14:24:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2010-05-15 14:08:37 | 000,000,518 | ---- | C] () -- C:\Users\Michal\Desktop\Armies of Exigo.lnk [2010-05-15 12:30:39 | 733,962,240 | ---- | C] () -- C:\Users\Michal\Desktop\Adrenalina Lektor PL.avi [2010-05-15 12:30:04 | 000,000,559 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010.lnk [2010-05-15 12:26:34 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempbG3464.html [2010-05-15 12:26:34 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempPR3464.html [2010-05-15 12:19:06 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2010-05-15 12:07:19 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd [2010-05-15 12:07:17 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man [2010-05-15 12:07:12 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf [2010-05-15 12:07:11 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010-05-15 12:07:10 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010-05-15 12:07:09 | 003,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls [2010-05-15 12:07:09 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf [2010-05-15 12:07:06 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf [2010-05-15 12:06:57 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF [2010-05-15 12:06:56 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs [2010-05-15 12:06:32 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml [2010-05-15 12:06:28 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml [2010-05-15 11:40:10 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVR3748.html [2010-05-15 11:40:10 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempIv3748.html [2010-05-15 11:23:24 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempnP2484.html [2010-05-15 11:23:24 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempVj2484.html [2010-05-15 11:15:41 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2010-05-15 11:15:39 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex [2010-05-15 11:14:14 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2010-05-15 11:02:15 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempeM3668.html [2010-05-15 11:02:15 | 000,002,089 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempMS3668.html [2010-05-15 10:17:13 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempzC1400.html [2010-05-15 10:14:23 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf [2010-05-15 10:14:01 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc [2010-05-15 10:13:46 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc [2010-05-15 10:13:45 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs [2010-05-15 10:13:40 | 000,195,122 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2010-05-15 10:09:52 | 000,196,608 | ---- | C] () -- C:\Windows\SPInstall.etl [2010-05-15 09:27:18 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\TempjG3996.html [2010-05-15 00:08:35 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h [2010-05-15 00:02:35 | 000,232,011 | ---- | C] () -- C:\Users\Michal\Desktop\fail.jpg [2010-05-15 00:00:27 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf [2010-05-15 00:00:24 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs [2010-05-14 22:43:28 | 027,066,368 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl [2010-05-14 22:43:28 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf [2010-05-14 22:43:28 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx [2010-05-14 22:36:29 | 000,002,432 | ---- | C] () -- C:\Users\Michal\AppData\Local\Tempgz3336.html [2010-05-14 22:00:09 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK [2010-05-14 22:00:08 | 000,333,257 | RHS- | C] () -- C:\bootmgr [2010-05-14 21:59:54 | 000,584,219 | R--- | C] () -- C:\Windows\System32\Komputronik.scr [2010-05-14 21:57:31 | 000,000,555 | ---- | C] () -- C:\Users\Public\Desktop\OpenFM.lnk [2010-05-14 21:57:31 | 000,000,536 | ---- | C] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk [2010-05-14 21:36:48 | 000,002,047 | ---- | C] () -- C:\Users\Michal\Desktop\Google Chrome.lnk [2010-05-14 21:33:35 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000UA.job [2010-05-14 21:33:33 | 000,001,010 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000Core.job [2010-05-14 21:26:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010-05-14 21:26:15 | 2145,902,592 | -HS- | C] () -- C:\hiberfil.sys [2010-05-14 21:19:22 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2010-05-14 21:10:55 | 000,001,356 | ---- | C] () -- C:\Users\Michal\AppData\Local\d3d9caps.dat [2010-05-14 21:10:54 | 000,524,288 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2010-05-14 21:10:54 | 000,524,288 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010-05-14 21:10:54 | 000,262,144 | -H-- | C] () -- C:\Users\Michal\ntuser.dat.LOG1 [2010-05-14 21:10:54 | 000,065,536 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010-05-14 21:10:54 | 000,000,020 | -HS- | C] () -- C:\Users\Michal\ntuser.ini [2010-05-14 21:10:54 | 000,000,000 | -H-- | C] () -- C:\Users\Michal\ntuser.dat.LOG2 [2010-05-14 21:10:53 | 001,310,720 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT [2009-05-16 05:22:50 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005-08-02 23:24:01 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll [color=#E56717]========== LOP Check ==========[/color] [2010-05-15 12:35:55 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Ashampoo [2010-05-22 12:22:38 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\CheckPoint [2010-06-05 19:25:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite [2010-05-14 23:46:05 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Gadu-Gadu 10 [2010-06-05 19:23:58 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ipla [2010-05-16 09:55:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\LolClient [2010-05-15 10:29:26 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\OpenFM [2010-06-06 09:05:17 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Remere's Map Editor [2010-05-30 12:48:49 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Tibia [2010-06-19 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\uTorrent [2010-06-20 10:19:39 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-04-11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2010-05-14 22:00:09 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2010-06-20 10:20:40 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys [2010-06-20 10:20:39 | 2459,713,536 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys [2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2010-05-14 23:25:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys [2010-05-14 23:25:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys [2010-05-14 23:25:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-01-18 21:49:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-18 21:49:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [2006-11-02 10:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2006-11-02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys [2008-01-18 23:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe [2008-01-18 23:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 64 bytes -> C:\Users\Michal\Desktop\Adrenalina Lektor PL.avi:TOC.WMV @Alternate Data Stream - 255 bytes -> C:\ProgramData\TEMP:6BE50C2B @Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:4EE74317 < End of report > [/log] OTL EXTRAS[log]OTL Extras logfile created on: 2010-06-20 10:42:22 - Run 3 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Michal\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 68,82 Gb Total Space | 27,86 Gb Free Space | 40,49% Space Free | Partition Type: NTFS Drive D: | 164,06 Gb Total Space | 127,76 Gb Free Space | 77,88% Space Free | Partition Type: NTFS Drive E: | 237,41 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MICHAL-PC Current User Name: Michal Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2383811976-2136801530-783135697-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{24987701-290F-40F2-9287-105EA911E0CA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{777C2D10-52BD-4B50-8B41-28D9D9FAD451}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{90E336A0-0F50-4854-A231-B50245783DC7}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05B16FD4-58D0-429F-BBE1-25EC70D5B8F6}" = protocol=6 | dir=in | app=d:\age of empires iii\age3y.exe | "{0748945E-92CD-4876-9EEC-10B2B4E22F99}" = protocol=6 | dir=in | app=d:\league of legends eu\air\lolclient.exe | "{2E50B807-7FD7-4C5D-AD3F-9721206EDDDC}" = protocol=17 | dir=in | app=d:\league of legends eu\air\lolclient.exe | "{50FFD961-F2E7-433A-8BC9-CF626B980435}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe | "{66F7C7B1-30F6-4158-9320-1807A50294B0}" = protocol=17 | dir=in | app=d:\age of empires iii\age3x.exe | "{6B12735D-DA16-4852-97AF-71580D26968C}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | "{81CA2789-0849-4EFA-AAF0-09379C587656}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{86185823-A72C-46BF-82E8-163648E7AB34}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe | "{8D5D968E-4710-4461-862C-B7DB6E8810D4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{9666536A-3D15-4572-8490-F422057CE6CD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{9C927C92-88F2-47D2-8E1F-24E18E24B014}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{AB8362CA-5A3D-4BDC-99B2-7976F6246A6C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AE1F1B64-A26E-47E3-93CB-60D53F801620}" = protocol=6 | dir=in | app=d:\age of empires iii\age3x.exe | "{B6170EC0-09E3-4BC5-A34A-2BE084330A92}" = protocol=17 | dir=in | app=d:\age of empires iii\age3y.exe | "{DF445C8E-3767-4023-AFB5-1C7C9A399C26}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{E4619600-1954-423C-B09F-7B9FE55B4C24}" = protocol=17 | dir=in | app=d:\league of legends eu\game\league of legends.exe | "{F2CFAD65-7DB4-4876-AB56-89785DFC06B5}" = protocol=6 | dir=in | app=d:\league of legends eu\game\league of legends.exe | "{F99169A7-169B-42C7-A7C9-2E7720E59117}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{FF078E38-179C-43C0-AAB3-9CB246B0A647}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | "TCP Query User{17DF4257-15A9-4CCC-ADA7-A4B7254845E8}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{6EEE9D3A-B50F-440B-856D-4C3160EF0FCA}D:\lol\lol.launcher.exe" = protocol=6 | dir=in | app=d:\lol\lol.launcher.exe | "TCP Query User{84B9FCC7-EF46-4420-9A48-BDD39E6B0EA9}D:\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\gadu-gadu 10\gg.exe | "TCP Query User{F455962C-91DB-4CAE-82FB-69C8B06DD5CA}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe | "TCP Query User{FA80FC64-D1C6-48D7-98D7-BAFDAC52FDC6}C:\users\michal\desktop\do usuniecia\low war by piorunek. udst. przez areal\loozikots\loozikots\loozikots.exe" = protocol=6 | dir=in | app=c:\users\michal\desktop\do usuniecia\low war by piorunek. udst. przez areal\loozikots\loozikots\loozikots.exe | "UDP Query User{117EEB81-523C-45B1-8E6A-0C7AE068A81B}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{142A2772-C381-44BB-ADA2-184EDE754F10}C:\users\michal\desktop\do usuniecia\low war by piorunek. udst. przez areal\loozikots\loozikots\loozikots.exe" = protocol=17 | dir=in | app=c:\users\michal\desktop\do usuniecia\low war by piorunek. udst. przez areal\loozikots\loozikots\loozikots.exe | "UDP Query User{90DF1ED1-97B9-4F8B-A7DD-0D859018D354}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe | "UDP Query User{C1BD984C-2148-4D1E-AF41-A095AEFF5063}D:\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\gadu-gadu 10\gg.exe | "UDP Query User{E414E93C-FC5A-4DEF-805D-0553F66DE16A}D:\lol\lol.launcher.exe" = protocol=17 | dir=in | app=d:\lol\lol.launcher.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{14F62C36-8B2B-E36F-0A97-8C1D77D9A1E9}" = Catalyst Control Center Graphics Light "{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{21B46459-07FF-78CE-8105-CE25A0EA0904}" = CCC Help Finnish "{240333EF-BF74-F15F-C29F-3F98D2986FA8}" = CCC Help Spanish "{25405473-BE48-0710-569C-3032E2F94930}" = CCC Help Turkish "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{399FD6A2-2F49-9C5F-62FE-5D3384B7EBA4}" = CCC Help Korean "{3AC1563D-00FB-99D6-2521-1821E2065C6E}" = CCC Help Thai "{4264266B-F749-AAD8-B5DF-614CAB51D179}" = ccc-core-static "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E02E9E3-F0C8-0DED-A2BA-139213554230}" = Catalyst Control Center Core Implementation "{518AA3D6-5B7D-A795-6368-9BE490CA95E9}" = CCC Help Hungarian "{55335D80-E1DF-2F9C-640F-44C1C1977EA5}" = CCC Help Russian "{5ABF0366-64EE-3426-1471-38701AC57820}" = CCC Help Czech "{626731A9-D679-8C85-AF98-D3318E82CA91}" = CCC Help Japanese "{630A00D6-85BF-F895-205C-1300E521D493}" = ccc-utility "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76AA1261-AB5F-491F-F040-A59F512E0DD2}" = CCC Help Dutch "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{7B44E2CC-C4DB-3E07-ADD5-9D23C0C7A0D3}" = CCC Help Polish "{7BBAEC14-DB03-E6C9-B739-8ECBFBFD3E07}" = CCC Help Swedish "{81841A8B-5677-50B7-EF9D-28F75F85A159}" = Catalyst Control Center Graphics Full Existing "{82F23CC2-37B5-8E55-5705-C08AD57DD7DA}" = CCC Help Greek "{83729FE3-6785-476A-91F1-312D427B4522}" = League of Legends "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{89B16D09-3C64-AD20-2AF7-FCB4088C69C4}" = Catalyst Control Center InstallProxy "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9067EE66-E412-48D1-FB63-60DB9B4BC510}" = CCC Help Chinese Traditional "{919363FE-2701-BFBB-5E78-20BC8B739B95}" = CCC Help French "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{988588CE-4059-CC92-8509-C4A1F682F0F7}" = CCC Help Danish "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A45F3795-1527-47FA-BE1A-2DD242B439E5}_is1" = Need for Speed - Shift "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A56F087B-547C-C8FD-7885-513934D086B5}" = HydraVision "{A854B16A-152F-4A7D-C541-8E2DAFE3933F}" = CCC Help English "{A8B0DAB9-C8BF-4316-9F99-1A57CF3495F7}" = CCC Help Portuguese "{AC03EB07-8C01-7128-487B-A853C656F2FE}" = CCC Help Chinese Standard "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish "{B0B9863F-FEE6-489A-3B43-7A56FC3F43BD}" = Catalyst Control Center Graphics Previews Vista "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B8FC3A3D-B433-8235-C5DE-E94F51EF3A41}" = CCC Help Norwegian "{BD74ABDF-0BAC-1653-DBD1-8014D2C8683A}" = Catalyst Control Center Localization All "{BFE351D8-49F9-9EC9-3CC0-26A241A4156F}" = Catalyst Control Center HydraVision Full "{C0C4B69C-D09A-EE09-A8B1-772D8113A4C0}" = Catalyst Control Center Graphics Previews Common "{C3367470-9944-FD20-0DC4-BA705ED1EF59}" = ATI Catalyst Install Manager "{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "{C7BEF25F-260C-492A-96FB-5E9BD3360D22}" = Remere's Map Editor "{CD26604A-5F8A-953B-C070-25480C546756}" = Catalyst Control Center Graphics Full New "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{DD51B0FE-180D-C805-12EE-53713D15C8AE}" = ATI AVIVO Codecs "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{EC94BCD5-E64E-30EA-8CF0-C0604064C2E4}" = CCC Help Italian "{EDB32FFB-FC1C-414B-BF8E-4645217E9AF2}" = League of Legends "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist "{F2EB9938-0155-6DDC-FD82-DB8090B209DA}" = CCC Help German "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Agnitum Outpost Firewall_is1" = Outpost Firewall 2009 "Armies of Exigo_is1" = Armies of Exigo "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "AVG9Uninstall" = AVG Free 9.0 "BDESetup.exe_is1" = Borland Database Engine Ver. 5.2.0.2 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EPSON Printer and Utilities" = EPSON Printer Software "Gadu-Gadu 10" = Gadu-Gadu 10 "Gimnazjum klasa 2 - Planeta Nowa" = Gimnazjum klasa 2 - Planeta Nowa "Gimnazjum klasa 2 - Puls życia" = Gimnazjum klasa 2 - Puls życia "InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "ipla" = ipla 2.1.4 "League of Legends_is1" = League of Legends "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "Tibia_is1" = Tibia 7.6 "TMIPC" = Tibia MULTI-ip changer "uTorrent" = µTorrent "Warcraft III" = Warcraft III "Winamp" = Winamp "WinPcapInst" = WinPcap 3.1 "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2383811976-2136801530-783135697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Warcraft III" = Warcraft III: wszystkie elementy "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-06-19 02:56:37 | Computer Name = Michal-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd gta_sa.exe, wersja 0.0.0.0, sygnatura czasowa 0x427101ca, moduł powodujący błąd gta_sa.exe, wersja 0.0.0.0, sygnatura czasowa 0x427101ca, kod wyjątku 0xc0000005, przesunięcie błędu 0x000dd5a3, identyfikator procesu 0xf98, godzina rozpoczęcia aplikacji 0x01cb0f7c84467be8. Error - 2010-06-19 03:33:26 | Computer Name = Michal-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd javaw.exe, wersja 6.0.200.2, sygnatura czasowa 0x4bc398b3, moduł powodujący błąd java.dll, wersja 6.0.200.2, sygnatura czasowa 0x4bc3c8dc, kod wyjątku 0xc0000005, przesunięcie błędu 0x00005875, identyfikator procesu 0x934, godzina rozpoczęcia aplikacji 0x01cb0f81b4093118. Error - 2010-06-19 03:35:55 | Computer Name = Michal-PC | Source = Application Hang | ID = 1002 Description = Program gta_sa.exe w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: b54 Godzina rozpoczęcia: 01cb0f7cf7978a88 Godzina zakończenia: 33 Error - 2010-06-19 03:36:52 | Computer Name = Michal-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd gta_sa.exe, wersja 0.0.0.0, sygnatura czasowa 0x427101ca, moduł powodujący błąd gta_sa.exe, wersja 0.0.0.0, sygnatura czasowa 0x427101ca, kod wyjątku 0xc0000005, przesunięcie błędu 0x00086ddf, identyfikator procesu 0xa5c, godzina rozpoczęcia aplikacji 0x01cb0f820f6c1ea8. Error - 2010-06-19 14:29:12 | Computer Name = Michal-PC | Source = System Restore | ID = 8193 Description = Error - 2010-06-19 14:38:02 | Computer Name = Michal-PC | Source = VSS | ID = 8194 Description = Error - 2010-06-19 17:43:30 | Computer Name = Michal-PC | Source = Application Hang | ID = 1002 Description = Program iexplore.exe w wersji 8.0.6001.18928 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 61c Godzina rozpoczęcia: 01cb0ff86326a5ca Godzina zakończenia: 5 Error - 2010-06-20 04:33:53 | Computer Name = Michal-PC | Source = VSS | ID = 8194 Description = Error - 2010-06-20 04:37:14 | Computer Name = Michal-PC | Source = VSS | ID = 8194 Description = Error - 2010-06-20 04:47:51 | Computer Name = Michal-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd gg.exe, wersja 10.1.1.11119, sygnatura czasowa 0x4be02811, moduł powodujący błąd kernel32.dll, wersja 6.0.6002.18005, sygnatura czasowa 0x49e037dd, kod wyjątku 0xe06d7363, przesunięcie błędu 0x0003fbae, identyfikator procesu 0xd08, godzina rozpoczęcia aplikacji 0x01cb1052544127dd. [ System Events ] Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2010-05-15 03:24:05 | Computer Name = Michal-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2010-05-15 04:11:32 | Computer Name = Michal-PC | Source = DCOM | ID = 10010 Description = Error - 2010-05-15 04:42:51 | Computer Name = Michal-PC | Source = DCOM | ID = 10010 Description = Error - 2010-05-15 04:57:16 | Computer Name = Michal-PC | Source = HTTP | ID = 15016 Description = Error - 2010-05-15 04:59:55 | Computer Name = Michal-PC | Source = Microsoft-Windows-Eventlog | ID = 30 Description = < End of report > [/log] RSIT[log]Logfile of random's system information tool 1.07 (written by random/random) Run by Michal at 2010-06-20 10:50:50 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 28 GB (40%) free of 70 GB Total RAM: 2046 MB (37% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:50:55, on 2010-06-20 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Windows\System32\mobsync.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\conime.exe C:\Users\Michal\Downloads\OTL.exe D:\Gadu-Gadu 10\gg.exe C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\notepad.exe C:\Windows\notepad.exe C:\Users\Michal\Downloads\RSIT.exe C:\Program Files\trend micro\Michal.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /F "C:\Windows\TEMP\E_SE38B.tmp" /EF "HKLM" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup O4 - HKCU\..\Run: [Google Update] "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 6921 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2383811976-2136801530-783135697-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-06-03 1615200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-22 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll [2010-05-04 42080] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-03-26 8546848] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon=hidden [] "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-06-03 2065248] "EPSON Stylus DX3800 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464] "OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2009-04-28 428032] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-14 136176] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696] "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^diPhoto Home diUpdate.lnk] C:\PROGRA~1\River\DIPHOT~1\diupdate.exe [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="c:\progra~1\agnitum\outpos~1\wl_hook.dll avgrsstx.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c730f3c-5f8b-11df-9f9d-806e6f6e6963}] shell\AutoRun\command - E:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fca3d9ed-70c6-11df-b081-001d7d77753b}] shell\AutoRun\command - J:\setup.exe shell\dinstall\command - J:\DirectX9\DXSETUP.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-06-20 10:36:18 ----SHD---- C:\Config.Msi 2010-06-18 11:50:02 ----A---- C:\Windows\system32\XAudio2_7.dll 2010-06-18 11:50:02 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2010-06-18 11:50:02 ----A---- C:\Windows\system32\xactengine3_7.dll 2010-06-18 11:50:01 ----A---- C:\Windows\system32\d3dx11_43.dll 2010-06-18 11:50:01 ----A---- C:\Windows\system32\d3dcsx_43.dll 2010-06-18 11:50:01 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2010-06-18 11:49:48 ----A---- C:\Windows\system32\d3dx10_43.dll 2010-06-18 11:49:22 ----A---- C:\Windows\system32\D3DX9_43.dll 2010-06-18 11:47:58 ----D---- C:\Windows\system32\directx 2010-06-18 10:39:24 ----D---- C:\Program Files\Pando Networks 2010-06-11 13:53:38 ----D---- C:\Program Files\trend micro 2010-06-11 13:53:37 ----D---- C:\rsit 2010-06-09 07:50:05 ----A---- C:\Windows\system32\asycfilt.dll 2010-06-09 07:50:02 ----A---- C:\Windows\system32\atmlib.dll 2010-06-09 07:50:02 ----A---- C:\Windows\system32\atmfd.dll 2010-06-09 07:49:56 ----A---- C:\Windows\system32\mshtml.dll 2010-06-09 07:49:55 ----A---- C:\Windows\system32\ieframe.dll 2010-06-09 07:49:54 ----A---- C:\Windows\system32\wininet.dll 2010-06-09 07:49:54 ----A---- C:\Windows\system32\urlmon.dll 2010-06-09 07:49:54 ----A---- C:\Windows\system32\occache.dll 2010-06-09 07:49:54 ----A---- C:\Windows\system32\mstime.dll 2010-06-09 07:49:54 ----A---- C:\Windows\system32\msfeeds.dll 2010-06-09 07:49:54 ----A---- C:\Windows\system32\iertutil.dll 2010-06-09 07:49:54 ----A---- C:\Windows\system32\iedkcs32.dll 2010-06-09 07:49:53 ----A---- C:\Windows\system32\msfeedssync.exe 2010-06-09 07:49:53 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-06-09 07:49:53 ----A---- C:\Windows\system32\jsproxy.dll 2010-06-09 07:49:53 ----A---- C:\Windows\system32\ieUnatt.exe 2010-06-09 07:49:53 ----A---- C:\Windows\system32\ieui.dll 2010-06-09 07:49:53 ----A---- C:\Windows\system32\iesysprep.dll 2010-06-09 07:49:53 ----A---- C:\Windows\system32\iesetup.dll 2010-06-09 07:49:53 ----A---- C:\Windows\system32\iernonce.dll 2010-06-09 07:49:53 ----A---- C:\Windows\system32\iepeers.dll 2010-06-09 07:49:53 ----A---- C:\Windows\system32\ie4uinit.exe 2010-06-08 15:12:50 ----D---- C:\ProgramData\Electronic Arts 2010-06-08 15:12:45 ----D---- C:\Program Files\Electronic Arts 2010-06-08 07:33:01 ----D---- C:\Program Files\MSXML 4.0 2010-06-06 17:59:02 ----D---- C:\ProgramData\Age of Empires 3 2010-06-06 17:53:33 ----D---- C:\Program Files\Common Files\Microsoft Games 2010-06-06 09:06:15 ----D---- C:\Program Files\Remere's Map Editor 2010-06-05 19:32:34 ----D---- C:\Program Files\Microsoft WSE 2010-06-05 19:21:06 ----D---- C:\Program Files\DAEMON Tools Lite 2010-06-05 19:20:32 ----D---- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite 2010-06-05 19:20:31 ----D---- C:\ProgramData\DAEMON Tools Lite 2010-06-05 15:57:14 ----A---- C:\Windows\system32\XAudio2_6.dll 2010-06-05 15:57:14 ----A---- C:\Windows\system32\XAudio2_5.dll 2010-06-05 15:57:14 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2010-06-05 15:57:14 ----A---- C:\Windows\system32\xactengine3_6.dll 2010-06-05 15:57:14 ----A---- C:\Windows\system32\xactengine3_5.dll 2010-06-05 15:57:14 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2010-06-05 15:57:13 ----A---- C:\Windows\system32\d3dx11_42.dll 2010-06-05 15:57:13 ----A---- C:\Windows\system32\d3dcsx_42.dll 2010-06-05 15:57:13 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2010-06-05 15:57:12 ----A---- C:\Windows\system32\d3dx10_42.dll 2010-06-05 15:57:11 ----A---- C:\Windows\system32\XAudio2_4.dll 2010-06-05 15:57:11 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2010-06-05 15:57:11 ----A---- C:\Windows\system32\D3DX9_41.dll 2010-06-05 15:57:11 ----A---- C:\Windows\system32\d3dx10_41.dll 2010-06-05 15:57:11 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2010-06-05 15:57:10 ----A---- C:\Windows\system32\XAudio2_3.dll 2010-06-05 15:57:10 ----A---- C:\Windows\system32\XAPOFX1_2.dll 2010-06-05 15:57:10 ----A---- C:\Windows\system32\xactengine3_4.dll 2010-06-05 15:57:10 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2010-06-05 15:57:10 ----A---- C:\Windows\system32\D3DX9_40.dll 2010-06-05 15:57:10 ----A---- C:\Windows\system32\d3dx10_40.dll 2010-06-05 15:57:10 ----A---- C:\Windows\system32\D3DCompiler_40.dll 2010-06-05 15:57:09 ----A---- C:\Windows\system32\xactengine3_3.dll 2010-06-05 15:57:09 ----A---- C:\Windows\system32\xactengine3_2.dll 2010-06-05 15:57:09 ----A---- C:\Windows\system32\X3DAudio1_5.dll 2010-06-05 15:57:07 ----A---- C:\Windows\system32\XAudio2_1.dll 2010-06-05 15:57:07 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2010-06-05 15:57:07 ----A---- C:\Windows\system32\xactengine3_1.dll 2010-06-05 15:57:07 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2010-06-05 15:57:06 ----A---- C:\Windows\system32\d3dx10_38.dll 2010-06-05 15:57:06 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2010-06-05 15:57:05 ----A---- C:\Windows\system32\XAudio2_0.dll 2010-06-05 15:57:05 ----A---- C:\Windows\system32\xactengine3_0.dll 2010-06-05 15:57:05 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2010-06-05 15:57:05 ----A---- C:\Windows\system32\D3DX9_38.dll 2010-06-05 15:57:04 ----A---- C:\Windows\system32\xactengine2_10.dll 2010-06-05 15:57:04 ----A---- C:\Windows\system32\D3DX9_37.dll 2010-06-05 15:57:04 ----A---- C:\Windows\system32\d3dx10_37.dll 2010-06-05 15:57:04 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2010-06-05 15:57:03 ----A---- C:\Windows\system32\xactengine2_9.dll 2010-06-05 15:57:03 ----A---- C:\Windows\system32\d3dx9_36.dll 2010-06-05 15:57:03 ----A---- C:\Windows\system32\d3dx10_36.dll 2010-06-05 15:57:03 ----A---- C:\Windows\system32\d3dx10_35.dll 2010-06-05 15:57:03 ----A---- C:\Windows\system32\D3DCompiler_36.dll 2010-06-05 15:57:02 ----A---- C:\Windows\system32\xactengine2_8.dll 2010-06-05 15:57:02 ----A---- C:\Windows\system32\X3DAudio1_2.dll 2010-06-05 15:57:02 ----A---- C:\Windows\system32\d3dx9_35.dll 2010-06-05 15:57:02 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2010-06-05 15:57:01 ----A---- C:\Windows\system32\xinput1_3.dll 2010-06-05 15:57:01 ----A---- C:\Windows\system32\xactengine2_7.dll 2010-06-05 15:57:01 ----A---- C:\Windows\system32\d3dx9_34.dll 2010-06-05 15:57:01 ----A---- C:\Windows\system32\d3dx9_33.dll 2010-06-05 15:57:01 ----A---- C:\Windows\system32\d3dx10_34.dll 2010-06-05 15:57:01 ----A---- C:\Windows\system32\d3dx10_33.dll 2010-06-05 15:57:01 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2010-06-05 15:57:01 ----A---- C:\Windows\system32\D3DCompiler_33.dll 2010-06-05 15:57:00 ----A---- C:\Windows\system32\xactengine2_6.dll 2010-06-05 15:57:00 ----A---- C:\Windows\system32\xactengine2_5.dll 2010-06-05 15:57:00 ----A---- C:\Windows\system32\xactengine2_4.dll 2010-06-05 15:57:00 ----A---- C:\Windows\system32\x3daudio1_1.dll 2010-06-05 15:57:00 ----A---- C:\Windows\system32\d3dx9_32.dll 2010-06-05 15:57:00 ----A---- C:\Windows\system32\d3dx10.dll 2010-06-05 15:56:59 ----A---- C:\Windows\system32\xinput1_2.dll 2010-06-05 15:56:59 ----A---- C:\Windows\system32\xinput1_1.dll 2010-06-05 15:56:59 ----A---- C:\Windows\system32\xactengine2_3.dll 2010-06-05 15:56:59 ----A---- C:\Windows\system32\xactengine2_2.dll 2010-06-05 15:56:58 ----A---- C:\Windows\system32\xactengine2_1.dll 2010-06-05 15:56:51 ----A---- C:\Windows\system32\xactengine2_0.dll 2010-06-05 15:56:51 ----A---- C:\Windows\system32\x3daudio1_0.dll 2010-06-05 15:56:51 ----A---- C:\Windows\system32\d3dx9_30.dll 2010-06-05 15:56:50 ----A---- C:\Windows\system32\d3dx9_29.dll 2010-06-05 15:56:50 ----A---- C:\Windows\system32\d3dx9_28.dll 2010-06-05 15:56:50 ----A---- C:\Windows\system32\d3dx9_27.dll 2010-06-05 15:56:50 ----A---- C:\Windows\system32\d3dx9_26.dll 2010-06-05 15:56:49 ----A---- C:\Windows\system32\d3dx9_24.dll 2010-06-05 15:54:47 ----D---- C:\Program Files\uTorrent 2010-06-05 15:53:58 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent 2010-06-04 16:23:51 ----D---- C:\Users\Michal\AppData\Roaming\ipla 2010-06-04 16:23:51 ----D---- C:\ProgramData\ipla 2010-06-04 16:23:44 ----D---- C:\Program Files\ipla 2010-06-04 16:23:40 ----A---- C:\Windows\system32\Msvcr71.dll 2010-06-04 16:23:40 ----A---- C:\Windows\system32\mfc71.dll 2010-06-04 16:23:40 ----A---- C:\Windows\system32\gdiplus.dll 2010-06-03 20:30:13 ----D---- C:\Users\Michal\AppData\Roaming\Remere's Map Editor 2010-06-01 17:18:07 ----D---- C:\Program Files\Gimnazjum klasa 2 - Planeta Nowa 2010-06-01 17:18:07 ----D---- C:\Program Files\Common Files\YDP 2010-05-31 13:53:12 ----AD---- C:\ProgramData\TEMP 2010-05-30 18:53:38 ----D---- C:\Windows\pss 2010-05-30 12:48:35 ----D---- C:\Users\Michal\AppData\Roaming\Tibia 2010-05-30 12:48:11 ----D---- C:\Program Files\Asprate 2010-05-30 12:47:34 ----HD---- C:\$AVG 2010-05-30 08:52:44 ----D---- C:\Program Files\River 2010-05-30 08:52:40 ----D---- C:\Program Files\Common Files\Borland Shared 2010-05-30 08:52:35 ----D---- C:\Program Files\Firebird 2010-05-26 07:47:51 ----A---- C:\Windows\system32\tzres.dll 2010-05-25 16:30:36 ----D---- C:\Users\Michal\AppData\Roaming\Ventrilo 2010-05-25 16:28:43 ----D---- C:\Program Files\Ventrilo 2010-05-25 16:28:41 ----A---- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini 2010-05-25 16:27:12 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2010-05-25 14:06:42 ----A---- C:\Windows\system32\D3DX9_42.dll 2010-05-25 14:06:39 ----A---- C:\Windows\system32\d3dx9_31.dll 2010-05-25 14:05:54 ----D---- C:\Program Files\Winamp Detect 2010-05-25 14:05:49 ----D---- C:\Program Files\Common Files\PX Storage Engine 2010-05-25 14:05:47 ----D---- C:\Users\Michal\AppData\Roaming\Winamp 2010-05-25 14:05:47 ----D---- C:\Program Files\Winamp 2010-05-24 12:43:08 ----D---- C:\Program Files\WC3Banlist 2010-05-22 12:25:49 ----D---- C:\Program Files\Agnitum 2010-05-22 12:25:37 ----D---- C:\ProgramData\Agnitum 2010-05-22 12:24:34 ----D---- C:\Windows\Internet Logs 2010-05-22 11:44:58 ----A---- C:\Windows\system32\D3DX81ab.dll 2010-05-22 11:38:22 ----D---- C:\Program Files\WinPcap 2010-05-22 11:24:13 ----A---- C:\Windows\War3Unin.exe 2010-05-22 10:48:39 ----D---- C:\ProgramData\Sun 2010-05-22 10:48:38 ----D---- C:\Program Files\Common Files\Java 2010-05-22 10:47:54 ----A---- C:\Windows\system32\javaws.exe 2010-05-22 10:47:54 ----A---- C:\Windows\system32\javaw.exe 2010-05-22 10:47:54 ----A---- C:\Windows\system32\java.exe 2010-05-22 10:47:54 ----A---- C:\Windows\system32\deployJava1.dll 2010-05-22 10:47:36 ----D---- C:\Program Files\Java ======List of files/folders modified in the last 1 months====== 2010-06-20 10:50:45 ----D---- C:\Windows\Temp 2010-06-20 10:41:49 ----HD---- C:\Program Files\InstallShield Installation Information 2010-06-20 10:41:40 ----SHD---- C:\Windows\Installer 2010-06-20 10:41:28 ----D---- C:\Windows\winsxs 2010-06-20 10:37:17 ----SHD---- C:\System Volume Information 2010-06-20 10:36:20 ----D---- C:\Windows 2010-06-20 10:36:19 ----RD---- C:\Program Files 2010-06-20 10:36:18 ----D---- C:\Windows\System32 2010-06-20 10:34:48 ----D---- C:\Program Files\Neffy 2010-06-20 10:34:40 ----HD---- C:\ProgramData 2010-06-19 20:28:57 ----RSD---- C:\Windows\assembly 2010-06-19 15:54:52 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft 2010-06-18 11:50:04 ----D---- C:\Program Files\Adobe 2010-06-18 11:49:57 ----D---- C:\Program Files\Common Files\Adobe AIR 2010-06-17 21:52:47 ----D---- C:\Windows\system32\catroot2 2010-06-17 12:58:01 ----D---- C:\Users\Michal\AppData\Roaming\Skype 2010-06-17 12:48:49 ----D---- C:\Users\Michal\AppData\Roaming\skypePM 2010-06-16 21:48:51 ----D---- C:\ProgramData\OpenFM 2010-06-12 09:26:47 ----D---- C:\Windows\system32\migration 2010-06-12 09:26:47 ----D---- C:\Program Files\Internet Explorer 2010-06-10 09:42:08 ----D---- C:\Windows\Microsoft.NET 2010-06-10 09:40:07 ----D---- C:\Windows\system32\catroot 2010-06-10 09:37:20 ----D---- C:\Windows\system32\wbem 2010-06-10 09:37:20 ----D---- C:\Program Files\Windows Mail 2010-06-10 09:21:47 ----D---- C:\ProgramData\Microsoft Help 2010-06-09 16:20:16 ----RSD---- C:\Windows\Fonts 2010-06-09 12:56:45 ----D---- C:\Windows\system32\Tasks 2010-06-08 14:23:46 ----D---- C:\Windows\Prefetch 2010-06-06 17:53:33 ----D---- C:\Program Files\Common Files 2010-06-06 17:49:05 ----D---- C:\Windows\inf 2010-06-06 17:49:05 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-06-06 17:43:28 ----D---- C:\Program Files\Common Files\InstallShield 2010-06-05 19:21:15 ----D---- C:\Windows\system32\drivers 2010-06-05 15:56:51 ----D---- C:\Windows\Logs 2010-05-28 21:37:34 ----A---- C:\Windows\system32\mrt.exe 2010-05-27 13:07:43 ----D---- C:\Windows\rescache 2010-05-26 14:37:27 ----D---- C:\Windows\system32\pl-PL 2010-05-22 19:33:29 ----D---- C:\Windows\system32\config 2010-05-22 12:23:41 ----D---- C:\Program Files\CheckPoint 2010-05-22 12:22:38 ----D---- C:\Users\Michal\AppData\Roaming\CheckPoint ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 afw;Agnitum Firewall Driver; C:\Windows\system32\DRIVERS\afw.sys [2009-02-18 29208] R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-05-18 216200] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-06-03 29584] R1 AvgTdiX;AVG Free Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-06-03 242896] R1 SandBox;SandBox; \??\C:\Windows\system32\drivers\SandBox.sys [2009-04-06 704384] R3 afwcore;afwcore; C:\Windows\system32\drivers\afwcore.sys [2009-02-10 307224] R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-04-24 95544] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-05-16 4933632] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-03-26 3048096] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-09-02 176128] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328] S3 az5gonny;az5gonny; C:\Windows\system32\drivers\az5gonny.sys [] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632] S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016] S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2005-08-02 32512] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-28 1195008] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-05-16 176128] R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-05-18 308064] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-05-03 3658096] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-02 86016] -----------------EOF----------------- [/log] Z góry dzięki.
Mateusz J. komentarz 21 czerwca 2010 komentarz 21 czerwca 2010 Widać tutaj pozostałość po infekcji z pendrive. Pewnie pojawiły się przez nią problemy z powłoką systemową. A brak ikon na pasku zadań to wina crashu bądź chwilowej zmiany wartości MinWidth w HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics. Do notatnika wklej: [code]Windows Registry Editor Version 5.00 [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [/code]Plik ==> Zapisz jako ==> Zmień rozszerzenie na Wszystkie pliki ==> Zapisz pod nazwą [b]FIX.REG[/b] Uruchom utworzony plik [b]FIX.REG[/b] i potwierdź dodanie do Rejestru i zresetuj komputer. Ogólnie w porządku.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.