x-kom hosting

Windows 7

_milan_
utworzono
utworzono

Witam, forum bardzomi pomogło z wyborem komputera, mam nadzieję że i pomożecie mi w sprawie tego problemu :)

sprzet: http://www.morele.net/inventory/info/QOYyZK/

od około tygodnia mam problem z systemem, w pewnym momencie łapie freeza i nie pomaga zadne wicskanie klawiszy ani czekanie ( no, czekałem raz 10 minut), zostaje jedynie reset.
Po resecie bios pyta sie jak uruchomic windows, a sam system nie informuje mnie o zadnym błędzie, poza komentarzem w podglądzie zdarzeń ze został nagle zzamkniety.

Raz mi się stanął jak był wlączony bestplayer, raz jak włączałem bitcometa, pare razy podczas przegladania mozilli, raz podczas skanowania mks skanerem, ogólnie losowo.
Wspomniany mks wykrył jakis plik heur.w32, a pozniej sie zaciął.
Avast nic takiego nie znalazł, podobnie spybot i ad aware, teraz wywalilem avasta i zainstalowalem Microsoft essential. też nic nie wykrył.

zdefragmentowałem dyski, wszystkie sa na 0%, wczenisej jeden był na 3%, wiec nawet nie było potrzeby.

Pozdrawiam i z góry dziekuje za pomoc.

Tomek01
komentarz
komentarz

Wrzuć zestaw logów OTL i RSIT.

_milan_
komentarz
komentarz

całośc logów?
Pierwszy raz cos takiego robie, nie ma tam zadnych informacji które nie powinny byc pokazywane publicznie?

Tomek01
komentarz
komentarz

Jeśli masz coś do ukrycia :)
Logi pokazują wszystkie aplikacje zainstalowane w Twoim systemie. Jeśli masz pirackie oprogramowanie to możesz sobie darować.
Piratom nie pomagamy :)
Nie zobaczę na pewno żadnych haseł czy zaszyfrowanych oraz ukrytych plików i folderów.

To jest jedyny sposób bym wykluczył lub potwierdził infekcję. Bez obaw.

_milan_
komentarz
komentarz (edytowane)

ok, spo juz wrzucam :)

OTL

extras
[log]OTL Extras logfile created on: 2010-09-17 21:43:34 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Robert\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 65,66 Gb Total Space | 21,41 Gb Free Space | 32,60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 100,00 Gb Total Space | 55,34 Gb Free Space | 55,34% Space Free | Partition Type: NTFS
Drive N: | 300,00 Gb Total Space | 215,09 Gb Free Space | 71,70% Space Free | Partition Type: NTFS

Computer Name: ROBERT-KOMPUTER
Current User Name: Robert
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.scr[@ = MicroStation Resource] -- Reg Error: Key error. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.scr [@ = MicroStation Resource] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP220_series" = Canon MP220 series
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.5.0002
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3C2F83D3-3F75-4920-8E23-23A9FBADB35D}" = Microsoft Antimalware Service PL-PL Language Pack
"{4483BEAE-D979-237E-EAA8-43F5E5A69B4A}" = ATI AVIVO64 Codecs
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D483C640-09C0-CA54-007D-20BE9FA99C72}" = ccc-utility64
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F4EAF98E-197C-E203-FB2C-9FCAB5337473}" = ATI Catalyst Install Manager
"CanonMyPrinter" = Canon My Printer
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.55
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft Security Essentials" = Microsoft Security Essentials
"WinRAR archiver" = Archiwizator WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07B96515-9EF9-12B5-8A9A-B409E967BDBB}" = Catalyst Control Center Graphics Previews Vista
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{19FCAF1A-AD28-C086-B5A6-8E7A6DAB9B7B}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}" = Mathcad 14 Help
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{257C7A78-535E-1450-C720-AE353876C816}" = Catalyst Control Center InstallProxy
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{31DBA23B-55DA-48F5-B5B4-A031B722F648}" = MagicRotation
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{45CAC750-E555-6DE3-078F-C9A4C2DF8A3E}" = Catalyst Control Center Graphics Light
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA
"{55D9E026-DCB0-46FF-B60A-68B972228CF6}" = Autodesk Design Review 2010
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-8000-0415-0002-0060B0CE6BBA}" = AutoCAD Civil 3D 2010 - Polski
"{5783F2D7-8000-0415-1002-0060B0CE6BBA}" = Pakiet językowy AutoCAD Civil 3D 2010 – język polski
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DEA59C-41C7-1B77-291F-43108DFBAB14}" = Catalyst Control Center Core Implementation
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium
"{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}" = Microsoft Visual Basic Power Packs 3.0
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88E4B682-219A-2656-44E1-18DF1F57EAE1}" = Catalyst Control Center Graphics Full Existing
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C5C2D4E-5027-AC93-0531-B72C5625A0DD}" = CCC Help English
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{95B4269C-7ED9-2E32-0E3D-3F446B495540}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1463F00-4E89-402E-7DD3-3CF0CE98F1FA}" = Catalyst Control Center Graphics Previews Common
"{A785BBA7-3FB9-4D81-BC35-4A2028915ACB}" = Prey
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C6B29F03-4D97-3B4E-D906-70958E6B1448}" = HydraVision
"{CF097717-F174-4144-954A-FBC4BF301045}" = Nero 7 Premium
"{D4D9965A-A5F8-6CF6-33E7-A1EECC2E585B}" = Catalyst Control Center HydraVision Full
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}" = Mathcad 14
"{EA18DE8E-B3E6-4D82-A086-9BE2316FA5A5}" = AMD OverDrive
"{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}" = Mathcad 14 Resource Center
"{EE01A751-1DB9-43F1-8747-F81E7477BFDA}" = Bentley MicroStation PowerDraft XM Edition 08.09.04.51
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLConventer 1.1 + skin s5620" = ALLConventer 1.1 + skin s5620
"AutoCAD Civil 3D 2010 - Polski" = AutoCAD Civil 3D 2010 - Polski
"Autodesk Design Review 2010" = Autodesk Design Review 2010
"BitComet" = BitComet 1.22
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CDisplay_is1" = CDisplay 1.8
"Easy CD-DA Extractor 12" = Easy CD-DA Extractor 12
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"foobar2000" = foobar2000 v1.1
"Foxit Reader" = Foxit Reader
"InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"OverclockingCenter_is1" = OverclockingCenter
"Rejestracja użytkownika drukarki Canon MP220 series" = Rejestracja użytkownika drukarki Canon MP220 series
"Revo Uninstaller" = Revo Uninstaller 1.89
"SkanerOnline" = Skaner on-line mks_vir
"Tlen.pl" = Tlen.pl

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-09-04 06:39:56 | Computer Name = Robert-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: draft.exe, wersja: 8.9.4.51, sygnatura
czasowa: 0x468a8747 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16559,
sygnatura czasowa: 0x4ba9b29c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0002e1fe
Identyfikator
procesu powodującego błąd: 0xf34 Godzina uruchomienia aplikacji powodującej błąd:
0x01cb4c08d868dd94 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Bentley\PowerDraft\draft.exe
Ścieżka
modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll Identyfikator raportu: c1f992b0-b810-11df-8b88-4061868ec124

Error - 2010-09-04 08:38:57 | Computer Name = Robert-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: Dolphin.exe, wersja: 0.0.0.0, sygnatura
czasowa: 0x4bc3beff Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16559,
sygnatura czasowa: 0x4ba9b802 Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x0000000000051c30
Identyfikator
procesu powodującego błąd: 0x714 Godzina uruchomienia aplikacji powodującej błąd:
0x01cb4c2d1a301516 Ścieżka aplikacji powodującej błąd: N:\Gry\GAMECUBE\dolphin-2.0.win64\Dolphin.exe
Ścieżka
modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: 623d8550-b821-11df-8b88-4061868ec124

Error - 2010-09-04 15:53:52 | Computer Name = Robert-Komputer | Source = Application Hang | ID = 1002
Description = Program acad.exe w wersji 24.0.55.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: dd4 Godzina rozpoczęcia: 01cb4c6ab74d41d0 Godzina zakończenia:
11 Ścieżka aplikacji: C:\Program Files (x86)\AutoCAD Civil 3D 2010\acad.exe Identyfikator
raportu: 0b70ec10-b85e-11df-a88f-4061868ec124

Error - 2010-09-05 13:00:04 | Computer Name = Robert-Komputer | Source = Windows Backup | ID = 4103
Description =

Error - 2010-09-10 12:01:20 | Computer Name = Robert-Komputer | Source = Windows Search Service | ID = 3007
Description =

Error - 2010-09-12 05:37:14 | Computer Name = Robert-Komputer | Source = Application Hang | ID = 1002
Description = Program nero.exe w wersji 7.10.1.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 844 Godzina rozpoczęcia: 01cb525ddac4e6b7 Godzina zakończenia:
9 Ścieżka aplikacji: C:\Program Files (x86)\Nero\Nero 7\Core\nero.exe Identyfikator
raportu: 280f623b-be51-11df-98b0-4061868ec124

Error - 2010-09-15 15:44:59 | Computer Name = Robert-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: hl2.exe, wersja: 0.0.0.0, sygnatura
czasowa: 0x4145efeb Nazwa modułu powodującego błąd: engine.dll_unloaded, wersja:
0.0.0.0, sygnatura czasowa: 0x4187fc99 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x20162170 Identyfikator procesu powodującego błąd: 0xf70 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cb5507ea7fd08c Ścieżka aplikacji powodującej błąd: C:\Half-Life
2\Half-Life 2\hl2.exe Ścieżka modułu powodującego błąd: engine.dll Identyfikator
raportu: b8be0016-c101-11df-bb98-4061868ec124

Error - 2010-09-16 18:52:04 | Computer Name = Robert-Komputer | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 2010-09-17 13:11:12 | Computer Name = Robert-Komputer | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 2010-09-17 14:45:34 | Computer Name = Robert-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7600.16450,
sygnatura czasowa: 0x4aebab8d Nazwa modułu powodującego błąd: DUI70.dll, wersja:
6.1.7600.16385, sygnatura czasowa: 0x4a5bdf25 Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x0000000000030064 Identyfikator procesu powodującego błąd: 0x580 Godzina
uruchomienia aplikacji powodującej błąd: 0x01cb569826769c41 Ścieżka aplikacji powodującej
błąd: C:\Windows\Explorer.EXE Ścieżka modułu powodującego błąd: C:\Windows\system32\DUI70.dll
Identyfikator
raportu: c0df95f5-c28b-11df-8aeb-4061868ec124

[ System Events ]
Error - 2010-09-11 14:32:50 | Computer Name = Robert-Komputer | Source = Microsoft-Windows-WHEA-Logger | ID = 20
Description = Wystąpił krytyczny błąd sprzętowy. Składnik: mostek północny firmy
AMD Źródło błędu: 3 Typ błędu: 11 Identyfikator procesora: 0 Widok szczegółów tego wpisu
zawiera dodatkowe informacje.

Error - 2010-09-13 10:23:53 | Computer Name = Robert-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 16:15:20 na ?2010-?09-?13 było
nieoczekiwane.

Error - 2010-09-16 13:42:22 | Computer Name = Robert-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 19:40:24 na ?2010-?09-?16 było
nieoczekiwane.

Error - 2010-09-16 14:54:03 | Computer Name = Robert-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 20:51:18 na ?2010-?09-?16 było
nieoczekiwane.

Error - 2010-09-16 16:48:35 | Computer Name = Robert-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 22:46:56 na ?2010-?09-?16 było
nieoczekiwane.

Error - 2010-09-16 17:23:11 | Computer Name = Robert-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 23:21:30 na ?2010-?09-?16 było
nieoczekiwane.

Error - 2010-09-16 18:34:11 | Computer Name = Robert-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 00:32:06 na ?2010-?09-?17 było
nieoczekiwane.

Error - 2010-09-16 18:52:04 | Computer Name = Robert-Komputer | Source = Service Control Manager | ID = 7030
Description = Usługa Lavasoft Ad-Aware Service jest oznaczona jako usługa interakcyjna.
System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne,
dlatego ta usługa może nie działać właściwie.

Error - 2010-09-17 13:11:12 | Computer Name = Robert-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Lavasoft Ad-Aware Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca
czynność korekcyjna: Uruchom usługę ponownie.

Error - 2010-09-17 14:20:56 | Computer Name = Robert-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 20:19:16 na ?2010-?09-?17 było
nieoczekiwane.


< End of report >
[/log]

otl
[log]OTL logfile created on: 2010-09-17 21:43:34 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Robert\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 65,66 Gb Total Space | 21,41 Gb Free Space | 32,60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 100,00 Gb Total Space | 55,34 Gb Free Space | 55,34% Space Free | Partition Type: NTFS
Drive N: | 300,00 Gb Total Space | 215,09 Gb Free Space | 71,70% Space Free | Partition Type: NTFS

Computer Name: ROBERT-KOMPUTER
Current User Name: Robert
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-09-17 21:29:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
PRC - [2010-09-17 00:54:43 | 000,864,624 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010-09-17 00:54:42 | 001,355,928 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010-09-09 04:00:26 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010-09-09 04:00:25 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009-10-22 03:49:18 | 000,136,544 | ---- | M] () -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
PRC - [2009-01-17 16:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files (x86)\Tlen.pl\tlen.exe
PRC - [2007-04-13 08:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-09-17 21:29:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
MOD - [2009-07-14 03:16:20 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009-07-14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-03-25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2009-12-22 04:31:04 | 000,117,584 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysNative\dgdersvc.exe -- (dgdersvc)
SRV:[b]64bit:[/b] - [2009-11-04 17:45:14 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010-09-17 00:54:42 | 001,355,928 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010-08-29 02:32:13 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-08-25 18:38:06 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-12-22 04:31:02 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\dgdersvc.exe -- (dgdersvc)
SRV - [2009-10-22 03:49:18 | 000,136,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-10-25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2007-04-13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-08-25 18:10:24 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010-08-12 14:15:20 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:[b]64bit:[/b] - [2010-07-09 13:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:[b]64bit:[/b] - [2010-06-30 21:23:16 | 000,061,952 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:[b]64bit:[/b] - [2009-12-22 04:31:26 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:[b]64bit:[/b] - [2009-12-22 04:31:04 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:[b]64bit:[/b] - [2009-11-24 15:29:16 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009-11-04 18:17:30 | 006,088,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009-09-30 04:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV:[b]64bit:[/b] - [2009-09-17 13:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-27 09:04:38 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-05 04:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2008-11-04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune)
DRV:[b]64bit:[/b] - [2008-08-28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010-08-12 14:15:22 | 000,016,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009-12-22 04:31:26 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009-12-22 04:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009-10-22 03:49:14 | 000,021,048 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009-03-05 06:55:20 | 000,033,080 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys -- (RushTopDevice_J)
DRV - [2008-12-27 04:21:10 | 000,044,344 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys -- (DualCoreCenter)
DRV - [2008-12-19 04:17:36 | 000,075,576 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys -- (RushTopDevice2)
DRV - [2006-08-28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006-08-28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\MTictwl.sys -- (MagicTune)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-09-09 04:00:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-09-09 04:00:26 | 000,000,000 | ---D | M]

[2010-08-25 00:34:19 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions
[2010-09-17 21:09:58 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\7pcj8uok.default\extensions
[2010-08-25 00:34:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-07-23 02:41:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-07-23 02:41:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-07-23 02:41:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-07-23 02:41:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-07-23 02:41:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-07-23 02:41:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-08-25 19:39:54 | 000,000,988 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:[b]64bit:[/b] - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:[b]64bit:[/b] - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:[b]64bit:[/b] - HKLM..\Run: [MagicTuneEngine] C:\Program Files (x86)\MagicTune Premium\MagicTuneLauncher.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [MagicRotation] C:\Program Files (x86)\MagicRotation\MagicPvt.exe (Samsung Electronics, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe ()
O4 - HKCU..\Run: [Komunikator] C:\Program Files (x86)\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\SysWow64\StikyNot.exe File not found
O4 - Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StikyNot.exe — skrót.lnk = C:\Windows\SysWow64\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: mks.com.pl ([www] https in Zaufane witryny)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.21.99.95 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]

[2010-09-17 21:29:11 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
[2010-09-17 20:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010-09-17 20:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010-09-17 00:54:47 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010-09-17 00:52:11 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Sunbelt Software
[2010-09-17 00:51:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2010-09-17 00:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-09-17 00:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2010-09-17 00:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010-09-17 00:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010-09-16 23:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-09-14 06:08:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2010-09-12 03:19:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010-09-12 03:17:23 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\MotioninJoy_050002_amd64
[2010-09-12 02:00:10 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\magisterka10.09.10 praca
[2010-09-11 22:00:07 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\BESTplayer
[2010-09-11 21:59:34 | 001,093,632 | ---- | C] (Karol Winnicki) -- C:\Users\Robert\Desktop\BESTplayer.exe
[2010-09-10 18:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010-09-10 18:04:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010-09-10 18:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2010-09-09 19:16:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010-09-06 18:10:27 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-09-05 20:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2010-09-05 20:11:53 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}
[2010-09-05 19:13:08 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\ClipboardManager
[2010-09-05 14:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLConventer Samsung Monte
[2010-09-04 12:15:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2010-09-03 20:08:49 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\My Videos
[2010-09-03 20:07:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\SelfMV
[2010-09-03 19:58:59 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Samsung
[2010-09-03 19:58:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010-09-03 19:58:57 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\PC Suite
[2010-09-03 19:56:10 | 000,161,280 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bmdm.sys
[2010-09-03 19:56:10 | 000,128,000 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bserd.sys
[2010-09-03 19:56:10 | 000,127,488 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\ss_bbus.sys
[2010-09-03 19:56:10 | 000,018,944 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys
[2010-09-03 19:56:10 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bwhnt.sys
[2010-09-03 19:56:10 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bwh.sys
[2010-09-03 19:56:10 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bcmnt.sys
[2010-09-03 19:56:10 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bcm.sys
[2010-09-03 19:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2010-09-03 19:55:45 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2010-09-03 19:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010-09-03 19:55:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010-09-03 19:55:20 | 000,020,480 | ---- | C] (Teruten Inc) -- C:\Windows\SysWow64\FsExService64.Exe
[2010-09-03 19:55:20 | 000,016,448 | ---- | C] (Teruten Inc) -- C:\Windows\SysWow64\drivers\TFsExDisk.Sys
[2010-09-03 19:55:20 | 000,016,448 | ---- | C] (Teruten Inc) -- C:\Windows\SysNative\drivers\TFsExDisk.sys
[2010-09-03 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2010-09-03 19:51:20 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Samsung
[2010-09-03 19:50:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2010-09-03 19:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2010-09-03 19:50:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2010-09-03 19:50:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Samsung
[2010-09-01 00:28:42 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft Games
[2010-09-01 00:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2010-08-31 23:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2010-08-31 19:42:07 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Alcohol 120%
[2010-08-31 16:56:42 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Easy CD-DA Extractor
[2010-08-31 16:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Easy CD-DA Extractor
[2010-08-31 16:56:37 | 000,000,000 | ---D | C] -- C:\Windows\Easy CD-DA Extractor 12
[2010-08-31 16:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\Easy CD-DA Extractor 12
[2010-08-29 12:09:57 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\ElevatedDiagnostics
[2010-08-29 02:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010-08-29 02:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010-08-29 02:24:50 | 000,000,000 | ---D | C] -- C:\Half-Life 2
[2010-08-29 02:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010-08-28 23:22:39 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Last.fm
[2010-08-28 10:41:15 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Canon
[2010-08-28 10:39:58 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\magisterka
[2010-08-28 09:33:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDisplay
[2010-08-28 02:36:31 | 000,061,952 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2010-08-28 02:36:31 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\MotioninJoy
[2010-08-28 02:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy
[2010-08-28 02:16:05 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Apps
[2010-08-27 22:08:03 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\My Games
[2010-08-27 22:03:55 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2010-08-27 22:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Prey
[2010-08-26 01:48:06 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Bentley
[2010-08-26 01:48:06 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Bentley
[2010-08-26 01:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bentley Shared
[2010-08-26 01:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Bentley
[2010-08-26 01:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bentley
[2010-08-26 00:57:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010-08-26 00:15:25 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Mathsoft
[2010-08-26 00:09:59 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Ahead
[2010-08-26 00:09:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010-08-26 00:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010-08-26 00:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2010-08-25 21:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2010-08-25 21:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2010-08-25 21:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2010-08-25 21:35:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2010-08-25 21:35:25 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2010-08-25 21:34:59 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2010-08-25 21:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2010-08-25 20:41:43 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Media Player Classic
[2010-08-25 20:40:07 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\robert 2
[2010-08-25 20:38:26 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Robert PRACA MGR
[2010-08-25 20:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-08-25 20:20:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2010-08-25 20:17:35 | 000,000,000 | ---D | C] -- C:\ATI
[2010-08-25 19:46:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010-08-25 19:46:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010-08-25 19:46:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010-08-25 19:46:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010-08-25 19:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2010-08-25 18:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010-08-25 18:42:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Autodesk
[2010-08-25 18:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Civil 3D Projects
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Civil 3D Project Templates
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Autodesk
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Autodesk
[2010-08-25 18:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoCAD Civil 3D 2010
[2010-08-25 18:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Microsoft Visual Basic 2005 Power Packs
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Basic 2005 Power Packs
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2010-08-25 18:28:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer
[2010-08-25 18:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2010-08-25 18:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2010-08-25 17:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2010-08-25 17:22:54 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Downloaded Installations
[2010-08-25 17:22:21 | 000,421,888 | ---- | C] (NVIDIA) -- C:\Windows\nvsulib.dll
[2010-08-25 17:22:21 | 000,018,216 | ---- | C] (NVidia Corp.) -- C:\Windows\nvoclk64.sys
[2010-08-25 17:22:21 | 000,006,912 | ---- | C] (NVidia Corp.) -- C:\Windows\nvoclock.sys
[2010-08-25 17:22:20 | 001,622,016 | ---- | C] (NVIDIA) -- C:\Windows\NVBenchMarks.dll
[2010-08-25 17:22:20 | 000,380,928 | ---- | C] (NVIDIA) -- C:\Windows\ntuneoem.dll
[2010-08-25 17:22:20 | 000,045,056 | ---- | C] (NVIDIA) -- C:\Windows\NTuneGpu.dll
[2010-08-25 17:22:20 | 000,028,672 | ---- | C] (NVIDIA) -- C:\Windows\AutoTuneScript.dll
[2010-08-25 17:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2010-08-25 17:10:35 | 000,242,176 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2010-08-25 17:10:35 | 000,193,024 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2010-08-25 17:10:35 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2010-08-25 17:10:35 | 000,082,432 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2010-08-25 17:10:35 | 000,076,288 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2010-08-25 17:10:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2010-08-25 17:09:41 | 000,058,880 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2010-08-25 17:09:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2010-08-25 17:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010-08-25 17:04:36 | 000,121,872 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtiHdmi.sys
[2010-08-25 16:41:51 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\skróty
[2010-08-25 16:28:55 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2010-08-25 16:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2010-08-25 06:55:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010-08-25 06:55:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010-08-25 04:02:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010-08-25 03:41:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010-08-25 03:41:19 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-08-25 01:46:46 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Sony Corporation
[2010-08-25 01:27:38 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Mathsoft
[2010-08-25 01:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mathcad
[2010-08-25 01:21:04 | 000,827,392 | R--- | C] (Macromedia, Inc.) -- C:\Windows\SysWow64\Flash.ocx
[2010-08-25 01:21:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SEC
[2010-08-25 01:19:33 | 000,143,872 | ---- | C] (Samsung Electronics, Inc.) -- C:\Windows\SysNative\mpvthook.dll
[2010-08-25 01:19:33 | 000,143,872 | ---- | C] (Samsung Electronics, Inc.) -- C:\Windows\mpvthook.dll
[2010-08-25 01:19:33 | 000,014,848 | ---- | C] (Samsung Electronics, Inc.) -- C:\Windows\SysNative\drivers\magicpvt.sys
[2010-08-25 01:19:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicRotation
[2010-08-25 01:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010-08-25 01:18:11 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- C:\Windows\SysNative\drivers\MTiCtwl.sys
[2010-08-25 01:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicTune Premium
[2010-08-25 01:17:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\InstallShield
[2010-08-25 00:40:27 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Macromedia
[2010-08-25 00:40:26 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Adobe
[2010-08-25 00:38:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010-08-25 00:34:14 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Mozilla
[2010-08-25 00:34:14 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Mozilla
[2010-08-25 00:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010-08-25 00:31:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\AskToolbar
[2010-08-25 00:31:26 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\BitComet
[2010-08-25 00:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitComet
[2010-08-25 00:29:17 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\WinRAR
[2010-08-25 00:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-08-25 00:27:24 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Tlen.pl
[2010-08-25 00:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Tlen.pl
[2010-08-25 00:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tlen.pl
[2010-08-25 00:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NAPI-PROJEKT
[2010-08-25 00:26:02 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\IrfanView
[2010-08-25 00:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2010-08-25 00:25:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2010-08-25 00:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2010-08-25 00:24:35 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\foobar2000
[2010-08-25 00:24:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2010-08-25 00:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-08-25 00:14:25 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-08-24 23:21:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-08-24 23:20:39 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Microsoft Help
[2010-08-24 23:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010-08-24 23:07:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010-08-24 23:07:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2010-08-24 23:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010-08-24 22:59:51 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Ahead
[2010-08-24 22:58:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2010-08-24 19:12:49 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Diagnostics
[2010-08-24 19:01:55 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Microsoft Games
[2010-08-24 18:58:09 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\ATI
[2010-08-24 18:58:09 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\ATI
[2010-08-24 18:56:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010-08-24 18:56:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010-08-24 18:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-08-24 18:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010-08-24 17:39:39 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Foxit Software
[2010-08-24 01:37:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010-08-24 01:37:24 | 000,000,000 | -HSD | C] -- C:\Boot
[2010-08-24 00:46:07 | 000,000,000 | R--D | C] -- C:\Users\Robert\Searches
[2010-08-24 00:45:56 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Identities
[2010-08-24 00:45:54 | 000,000,000 | R--D | C] -- C:\Users\Robert\Contacts
[2010-08-24 00:45:53 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\VirtualStore
[2010-08-24 00:45:45 | 000,000,000 | --SD | C] -- C:\Users\Robert\AppData\Roaming\Microsoft
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Videos
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Saved Games
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Pictures
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Music
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Links
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Favorites
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Downloads
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Documents
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Desktop
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Ustawienia lokalne
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\AppData\Local\Temporary Internet Files
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Szablony
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\SendTo
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Recent
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\PrintHood
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\NetHood
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Documents\Moje wideo
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Documents\Moje obrazy
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Moje dokumenty
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Documents\Moja muzyka
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Menu Start
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\AppData\Local\Historia
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Dane aplikacji
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\AppData\Local\Dane aplikacji
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Cookies
[2010-08-24 00:45:45 | 000,000,000 | -H-D | C] -- C:\Users\Robert\AppData
[2010-08-24 00:45:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Temp
[2010-08-24 00:45:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Microsoft
[2010-08-24 00:45:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Media Center Programs
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2010-08-24 00:40:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-08-24 00:38:26 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010-08-24 00:38:08 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]

[2010-09-17 21:43:52 | 002,621,440 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT
[2010-09-17 21:29:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
[2010-09-17 21:18:55 | 082,168,735 | ---- | M] () -- C:\Users\Robert\Desktop\tgs_gt5_2.wmv
[2010-09-17 20:49:22 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-09-17 20:49:22 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-09-17 20:42:59 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-09-17 20:42:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-09-17 20:42:52 | 1609,965,568 | -HS- | M] () -- C:\hiberfil.sys
[2010-09-17 20:42:14 | 004,809,982 | -H-- | M] () -- C:\Users\Robert\AppData\Local\IconCache.db
[2010-09-17 20:14:33 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010-09-17 00:51:48 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010-09-17 00:49:08 | 000,001,268 | ---- | M] () -- C:\Users\Robert\Desktop\Spybot - Search & Destroy.lnk
[2010-09-16 20:30:58 | 036,217,292 | ---- | M] () -- C:\Users\Robert\Desktop\t_thelastguardian_tgs10_trailer_hd.wmv
[2010-09-16 18:33:37 | 000,001,266 | ---- | M] () -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StikyNot.exe — skrót.lnk
[2010-09-15 17:56:39 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-09-15 17:56:39 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-09-15 17:56:39 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-09-15 17:56:39 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-09-15 17:56:39 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-09-14 06:05:17 | 000,006,144 | ---- | M] () -- C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-11 21:59:35 | 001,093,632 | ---- | M] (Karol Winnicki) -- C:\Users\Robert\Desktop\BESTplayer.exe
[2010-09-08 16:13:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010-09-07 00:06:33 | 000,000,595 | ---- | M] () -- C:\Users\Robert\Documents\ax_files.xml
[2010-09-05 02:42:11 | 000,007,605 | ---- | M] () -- C:\Users\Robert\AppData\Local\Resmon.ResmonCfg
[2010-09-03 19:50:28 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2010-09-01 00:12:22 | 000,001,888 | ---- | M] () -- C:\Users\Robert\Desktop\Gears of War.lnk
[2010-08-31 16:56:39 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2010-08-30 18:46:27 | 000,000,764 | ---- | M] () -- C:\Users\Robert\Desktop\Prey.lnk
[2010-08-30 18:45:50 | 000,000,570 | ---- | M] () -- C:\Users\Robert\Desktop\DeSmuME.lnk
[2010-08-30 18:45:33 | 000,000,749 | ---- | M] () -- C:\Users\Robert\Desktop\Dolphin.lnk
[2010-08-30 18:45:08 | 000,001,321 | ---- | M] () -- C:\Users\Robert\Desktop\Portal.lnk
[2010-08-30 18:44:36 | 000,000,941 | ---- | M] () -- C:\Users\Robert\Desktop\Steam.lnk
[2010-08-30 18:03:12 | 000,000,021 | ---- | M] () -- C:\Users\Robert\AppData\Roaming\.dolphinx64wd
[2010-08-28 23:35:18 | 000,000,703 | ---- | M] () -- C:\Users\Robert\Desktop\Downoloads.lnk
[2010-08-28 02:38:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2010-08-28 02:38:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2010-08-28 01:50:25 | 000,001,484 | ---- | M] () -- C:\Users\Robert\Desktop\foobar2000.lnk
[2010-08-28 01:45:55 | 000,000,652 | ---- | M] () -- C:\Users\Robert\Desktop\Filmy.lnk
[2010-08-27 22:03:55 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2010-08-27 20:14:03 | 000,001,468 | ---- | M] () -- C:\Users\Robert\Desktop\napisy.lnk
[2010-08-26 15:59:57 | 000,501,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-08-26 01:57:14 | 000,001,233 | ---- | M] () -- C:\Users\Robert\Desktop\Pobrane.lnk
[2010-08-26 01:47:28 | 000,001,234 | ---- | M] () -- C:\Users\Robert\Desktop\MicroStation.lnk
[2010-08-26 00:14:10 | 000,140,464 | ---- | M] () -- C:\Users\Robert\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-08-25 22:06:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-08-25 20:31:52 | 000,001,554 | ---- | M] () -- C:\Users\Robert\Desktop\MILANINA.lnk
[2010-08-25 19:53:45 | 000,000,387 | ---- | M] () -- C:\Windows\win.ini
[2010-08-25 18:38:15 | 000,002,245 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD Civil 3D 2010.lnk
[2010-08-25 18:37:01 | 000,002,649 | ---- | M] () -- C:\Users\Robert\Desktop\AutoCAD 2010.lnk
[2010-08-25 18:10:24 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010-08-25 17:31:54 | 000,000,673 | ---- | M] () -- C:\Users\Robert\Desktop\Muzyka.lnk
[2010-08-25 16:16:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-08-25 01:45:46 | 000,002,404 | ---- | M] () -- C:\Users\Robert\Documents\SEC Natural color pro. August 25 2010 - 01 45 AM.icm
[2010-08-25 01:19:33 | 000,000,108 | ---- | M] () -- C:\Windows\SysNative\driver.dat
[2010-08-25 00:34:12 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-24 23:07:38 | 000,001,000 | ---- | M] () -- C:\Users\Robert\Desktop\Cyber-shot Viewer.lnk
[2010-08-24 19:06:59 | 000,524,288 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-08-24 19:06:59 | 000,524,288 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-08-24 19:06:59 | 000,065,536 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-08-24 01:37:25 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-08-24 00:45:45 | 000,000,020 | -HS- | M] () -- C:\Users\Robert\ntuser.ini
[2010-08-24 00:40:57 | 000,064,519 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010-08-24 00:40:57 | 000,064,519 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010-08-24 00:39:51 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010-08-12 14:15:20 | 000,069,152 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010-08-12 14:15:20 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2010-07-09 13:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2010-06-30 21:23:16 | 000,061,952 | ---- | M] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-09-17 21:17:06 | 082,168,735 | ---- | C] () -- C:\Users\Robert\Desktop\tgs_gt5_2.wmv
[2010-09-17 20:14:33 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010-09-17 17:53:11 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2010-09-17 00:51:48 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010-09-17 00:49:08 | 000,001,268 | ---- | C] () -- C:\Users\Robert\Desktop\Spybot - Search & Destroy.lnk
[2010-09-16 20:28:48 | 036,217,292 | ---- | C] () -- C:\Users\Robert\Desktop\t_thelastguardian_tgs10_trailer_hd.wmv
[2010-09-16 18:33:37 | 000,001,266 | ---- | C] () -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StikyNot.exe — skrót.lnk
[2010-09-14 06:08:51 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-09-05 02:42:11 | 000,007,605 | ---- | C] () -- C:\Users\Robert\AppData\Local\Resmon.ResmonCfg
[2010-09-04 12:15:59 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2010-09-03 20:07:42 | 000,006,144 | ---- | C] () -- C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-03 19:50:28 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp
[2010-09-01 00:12:22 | 000,001,888 | ---- | C] () -- C:\Users\Robert\Desktop\Gears of War.lnk
[2010-08-31 16:56:39 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2010-08-30 18:46:27 | 000,000,764 | ---- | C] () -- C:\Users\Robert\Desktop\Prey.lnk
[2010-08-30 18:45:50 | 000,000,570 | ---- | C] () -- C:\Users\Robert\Desktop\DeSmuME.lnk
[2010-08-30 18:45:33 | 000,000,749 | ---- | C] () -- C:\Users\Robert\Desktop\Dolphin.lnk
[2010-08-30 18:45:08 | 000,001,321 | ---- | C] () -- C:\Users\Robert\Desktop\Portal.lnk
[2010-08-30 18:44:36 | 000,000,941 | ---- | C] () -- C:\Users\Robert\Desktop\Steam.lnk
[2010-08-30 18:03:12 | 000,000,021 | ---- | C] () -- C:\Users\Robert\AppData\Roaming\.dolphinx64wd
[2010-08-28 23:35:06 | 000,000,703 | ---- | C] () -- C:\Users\Robert\Desktop\Downoloads.lnk
[2010-08-28 10:41:39 | 000,000,000 | ---- | C] () -- C:\Users\Robert\Sti_Trace.log
[2010-08-28 02:38:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2010-08-28 02:38:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2010-08-28 01:50:25 | 000,001,484 | ---- | C] () -- C:\Users\Robert\Desktop\foobar2000.lnk
[2010-08-28 01:46:03 | 000,000,652 | ---- | C] () -- C:\Users\Robert\Desktop\Filmy.lnk
[2010-08-27 20:13:45 | 000,001,468 | ---- | C] () -- C:\Users\Robert\Desktop\napisy.lnk
[2010-08-26 01:57:14 | 000,001,233 | ---- | C] () -- C:\Users\Robert\Desktop\Pobrane.lnk
[2010-08-26 01:47:28 | 000,001,234 | ---- | C] () -- C:\Users\Robert\Desktop\MicroStation.lnk
[2010-08-25 22:06:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-08-25 20:31:52 | 000,001,554 | ---- | C] () -- C:\Users\Robert\Desktop\MILANINA.lnk
[2010-08-25 19:39:58 | 000,000,595 | ---- | C] () -- C:\Users\Robert\Documents\ax_files.xml
[2010-08-25 18:38:15 | 000,002,245 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD Civil 3D 2010.lnk
[2010-08-25 18:37:01 | 000,002,649 | ---- | C] () -- C:\Users\Robert\Desktop\AutoCAD 2010.lnk
[2010-08-25 18:10:24 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010-08-25 17:31:42 | 000,000,673 | ---- | C] () -- C:\Users\Robert\Desktop\Muzyka.lnk
[2010-08-25 17:22:21 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2010-08-25 16:16:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-08-25 01:45:46 | 000,002,404 | ---- | C] () -- C:\Users\Robert\Documents\SEC Natural color pro. August 25 2010 - 01 45 AM.icm
[2010-08-25 01:21:05 | 000,013,312 | ---- | C] () -- C:\Windows\SysWow64\drivers\MTictwl.sys
[2010-08-25 01:19:33 | 000,000,108 | ---- | C] () -- C:\Windows\SysNative\driver.dat
[2010-08-25 01:19:33 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\magicpvt.dat
[2010-08-25 00:34:12 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-25 00:14:49 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010-08-24 23:07:38 | 000,001,000 | ---- | C] () -- C:\Users\Robert\Desktop\Cyber-shot Viewer.lnk
[2010-08-24 01:37:25 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010-08-24 01:37:24 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010-08-24 00:45:45 | 002,621,440 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT
[2010-08-24 00:45:45 | 000,524,288 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-08-24 00:45:45 | 000,524,288 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-08-24 00:45:45 | 000,262,144 | -HS- | C] () -- C:\Users\Robert\ntuser.dat.LOG1
[2010-08-24 00:45:45 | 000,065,536 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-08-24 00:45:45 | 000,000,020 | -HS- | C] () -- C:\Users\Robert\ntuser.ini
[2010-08-24 00:45:45 | 000,000,000 | -HS- | C] () -- C:\Users\Robert\ntuser.dat.LOG2
[2010-08-24 00:39:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-08-24 00:38:08 | 1609,965,568 | -HS- | C] () -- C:\hiberfil.sys
[2010-04-02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-11-09 04:08:10 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2009-11-09 04:08:10 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2009-11-09 04:08:10 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2009-11-09 04:08:10 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-08-28 12:08:46 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Autodesk
[2010-08-26 01:48:06 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Bentley
[2010-09-11 22:05:47 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\BESTplayer
[2010-09-17 18:15:08 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\BitComet
[2010-08-28 10:41:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Canon
[2010-09-17 20:11:26 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\foobar2000
[2010-08-24 17:39:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Foxit Software
[2010-08-25 00:26:02 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IrfanView
[2010-08-25 01:27:38 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Mathsoft
[2010-08-28 02:36:31 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\MotioninJoy
[2010-09-03 19:58:57 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\PC Suite
[2010-09-03 19:51:20 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Samsung
[2010-08-25 00:27:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Tlen.pl
[2009-07-14 07:08:49 | 000,020,182 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

RSIT

info
[log]info.txt logfile of random's system information tool 1.08 2010-09-17 21:45:19

======Uninstall list======

-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {E9EA2604-8AC9-47D2-8F4B-6BF60787A357}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0415-1000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Ad-Aware-->"C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}\Ad-AwareInstall.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}\Ad-AwareInstall.exe
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228}
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD}
ALLConventer 1.1 + skin s5620-->C:\Program Files (x86)\ALLConventer Samsung Monte\Uninstal.exe
AMD OverDrive-->MsiExec.exe /X{EA18DE8E-B3E6-4D82-A086-9BE2316FA5A5}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\SETUP.EXE" -runfromtemp -l0x0015 -removeonly
ATI Catalyst Registration-->MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E}
AutoCAD Civil 3D 2010 - Polski-->C:\Program Files (x86)\AutoCAD Civil 3D 2010\Setup\Setup.exe /P {5783F2D7-8000-0415-0002-0060B0CE6BBA} /M ACAD /language pl-PL
AutoCAD Civil 3D 2010 - Polski-->C:\Program Files (x86)\AutoCAD Civil 3D 2010\Setup\Setup.exe /P {5783F2D7-8000-0415-0002-0060B0CE6BBA} /M C3D /language pl-PL
Autodesk Design Review 2010-->C:\Program Files (x86)\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {55D9E026-DCB0-46FF-B60A-68B972228CF6} /M ADR
Bentley MicroStation PowerDraft XM Edition 08.09.04.51-->MsiExec.exe /I{EE01A751-1DB9-43F1-8747-F81E7477BFDA}
BitComet 1.22-->C:\Program Files (x86)\BitComet\uninst.exe
Canon MP Navigator EX 1.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 1.0\uninst.ini
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files (x86)\Canon\SolutionMenu\uninst.exe uninst.ini
Catalyst Control Center - Branding-->MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}
CDisplay 1.8-->"C:\Program Files (x86)\CDisplay\unins000.exe"
Easy CD-DA Extractor 12-->"C:\Windows\Easy CD-DA Extractor 12\uninstall.exe" "/U:C:\Program Files\Easy CD-DA Extractor 12\irunin.xml"
foobar2000 v1.1-->"C:\Program Files (x86)\foobar2000\uninstall.exe" _?=C:\Program Files (x86)\foobar2000
Foxit Reader-->C:\Program Files (x86)\Foxit Software\Foxit Reader\Uninstall.exe
Gears of War-->C:\Program Files (x86)\InstallShield Installation Information\{1170D24F-42B7-40CF-AA1B-6395CE562354}\setup.exe -runfromtemp -l0x0409
HydraVision-->MsiExec.exe /X{C6B29F03-4D97-3B4E-D906-70958E6B1448}
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}\setup.exe" -runfromtemp -l0x0415 -removeonly
Kies-->MsiExec.exe /X{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}
K-Lite Codec Pack 6.0.4 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
MagicRotation-->C:\Program Files (x86)\InstallShield Installation Information\{31DBA23B-55DA-48F5-B5B4-A031B722F648}\setup.exe -runfromtemp -l0x0009 -removeonly
MagicTunePremium-->C:\Program Files (x86)\InstallShield Installation Information\{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}\setup.exe -runfromtemp -l0x0015 -removeonly
Mathcad 14 Help-->MsiExec.exe /I{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}
Mathcad 14 Resource Center-->MsiExec.exe /I{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}
Mathcad 14-->MsiExec.exe /I{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{8FB1B528-E260-451E-9B55-E9152F94B80B}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F97E3841-CA9D-4964-9D64-26066241D26F}
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual Basic Power Packs 3.0-->MsiExec.exe /I{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.6.9)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NapiProjekt 1.0.6.9-->"C:\Program Files (x86)\NAPI-PROJEKT\unins000.exe"
Natural Color Pro-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FC2C7405-BC58-4E11-8F51-29671BEAC06B}\setup.exe" -l0x9
Nero 7 Premium-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301045}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OverclockingCenter-->"C:\Program Files (x86)\MSI\OverclockingCenter\unins000.exe"
PC Connectivity Solution-->MsiExec.exe /I{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
PIXMA Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Prey-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A785BBA7-3FB9-4D81-BC35-4A2028915ACB}\setup.exe" -l0x9 -removeonly
Rejestracja użytkownika drukarki Canon MP220 series-->C:\Program Files (x86)\Canon\IJEREG\MP220 series\UNINST.EXE
Revo Uninstaller 1.89-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB2288953)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8B772E1C-7C05-42D2-839D-3EC2D39EFF22}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
Skaner on-line mks_vir-->C:\Windows\system32\SkanerOnlineUninstall.exe
Sony Picture Utility-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x9 /removeonly uninstall -removeonly
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Tlen.pl-->"C:\Program Files (x86)\Tlen.pl\uninstall.exe"
Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Outlook 2007 Junk Email Filter (kb2291599)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {768A5B4B-2FDF-4F3D-981E-33C53724BBC8}
VIA Platforma Menedżera urządzeń-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\SysWOW64\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""

======Hosts File======

127.0.0.1 serial.alcohol-soft.com
127.0.0.1 www.alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 trial.alcohol-soft.com
127.0.0.1 alcohol-soft.com

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Cryptographic Services weszła w stan stopped.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Windows Modules Installer weszła w stan stopped.
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Software Protection weszła w stan stopped.
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Windows Event Log weszła w stan stopped.
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Volume Shadow Copy weszła w stan stopped.
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 900
Message: Usługa ochrony oprogramowania jest uruchamiana.

Record Number: 5
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100823224026.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20100823223851.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20100823223847.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Usługa profilów użytkowników została uruchomiona pomyślnie.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100823223843.288893-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100823223843.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823223830.730871-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: 37L4247E29-32$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x1c0
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823223830.730871-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Utworzono tabelę zasad inspekcji użytkownika.

Liczba elementów: 0
Identyfikator zasad: 0x3090a
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823223824.147660-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-0-0
Nazwa konta: -
Domena konta: -
Identyfikator logowania: 0x0

Typ logowania: 0

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x4
Nazwa procesu:

Informacje o sieci:
Nazwa stacji roboczej: -
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: -
Pakiet uwierzytelniania: -
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823223821.558055-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Trwa uruchamianie systemu Windows.

To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823223821.402055-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=3
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0502

-----------------EOF-----------------
[/log]

log
[log] Logfile of random's system information tool 1.08 (written by random/random)
Run by Robert at 2010-09-17 21:45:10
Microsoft Windows 7 Home Premium
System drive C: has 22 GB (33%) free of 67 GB
Total RAM: 2047 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:45:17, on 2010-09-17
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Tlen.pl\tlen.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Robert\Desktop\OTL.exe
C:\Users\Robert\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Robert.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Foxit Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [MagicRotation] C:\Program Files (x86)\MagicRotation\MagicPvt.exe
O4 - HKCU\..\Run: [Komunikator] C:\Program Files (x86)\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - Startup: StikyNot.exe — skrót.lnk = C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7805 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Foxit Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Foxit Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-10-09 2762240]
"DelReg"=C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe [2008-12-04 196608]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2009-06-14 307200]
"MagicRotation"=C:\Program Files (x86)\MagicRotation\MagicPvt.exe [2009-06-19 1286144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Komunikator"=C:\Program Files (x86)\Tlen.pl\tlen.exe [2009-01-17 5853672]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe [2010-01-28 3404600]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe []

C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
StikyNot.exe — skrót.lnk - C:\Windows\System32\StikyNot.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\SysWOW64\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-09-17 21:45:10 ----D---- C:\rsit
2010-09-17 21:45:10 ----D---- C:\Program Files (x86)\trend micro
2010-09-17 20:14:36 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-09-17 00:51:50 ----HDC---- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-09-17 00:51:28 ----D---- C:\ProgramData\Lavasoft
2010-09-17 00:51:28 ----D---- C:\Program Files (x86)\Lavasoft
2010-09-17 00:49:03 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-09-17 00:49:03 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2010-09-15 22:58:07 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-09-14 06:08:51 ----A---- C:\Windows\SysWOW64\unrar.dll
2010-09-14 06:08:50 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2010-09-11 22:00:07 ----D---- C:\Users\Robert\AppData\Roaming\BESTplayer
2010-09-10 18:04:27 ----D---- C:\Windows\SysWOW64\xlive
2010-09-10 18:04:23 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2010-09-10 18:03:50 ----D---- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2010-09-09 19:16:10 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-09-06 18:10:27 ----D---- C:\Windows\Minidump
2010-09-05 20:30:44 ----D---- C:\Program Files (x86)\VS Revo Group
2010-09-05 14:38:12 ----D---- C:\Program Files (x86)\ALLConventer Samsung Monte
2010-09-04 12:15:58 ----D---- C:\Program Files (x86)\PDFCreator
2010-09-04 12:15:58 ----A---- C:\Windows\SysWOW64\MSMPIDE.DLL
2010-09-03 19:58:58 ----D---- C:\ProgramData\PC Suite
2010-09-03 19:58:57 ----D---- C:\Users\Robert\AppData\Roaming\PC Suite
2010-09-03 19:55:20 ----A---- C:\Windows\SysWOW64\FsExService64.Exe
2010-09-03 19:55:20 ----A---- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys
2010-09-03 19:53:03 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2010-09-03 19:51:20 ----D---- C:\Users\Robert\AppData\Roaming\Samsung
2010-09-03 19:50:30 ----D---- C:\Program Files (x86)\MarkAny
2010-09-03 19:50:29 ----D---- C:\ProgramData\Samsung
2010-09-03 19:50:22 ----D---- C:\Program Files (x86)\Samsung
2010-09-03 19:50:11 ----D---- C:\Program Files (x86)\Common Files\Samsung
2010-09-01 00:28:42 ----D---- C:\Users\Robert\AppData\Roaming\Microsoft Games
2010-09-01 00:09:32 ----D---- C:\Program Files (x86)\Common Files\Microsoft Games
2010-08-31 23:47:48 ----D---- C:\Program Files (x86)\Microsoft Games
2010-08-31 16:56:38 ----D---- C:\ProgramData\Easy CD-DA Extractor
2010-08-31 16:56:37 ----D---- C:\Windows\Easy CD-DA Extractor 12
2010-08-29 02:31:03 ----D---- C:\Program Files (x86)\Steam
2010-08-29 02:31:03 ----D---- C:\Program Files (x86)\Common Files\Steam
2010-08-29 02:24:50 ----D---- C:\Half-Life 2
2010-08-29 02:12:26 ----D---- C:\ProgramData\TEMP
2010-08-28 10:41:15 ----D---- C:\Users\Robert\AppData\Roaming\Canon
2010-08-28 09:33:10 ----D---- C:\Program Files (x86)\CDisplay
2010-08-28 02:36:31 ----D---- C:\Users\Robert\AppData\Roaming\MotioninJoy
2010-08-27 22:03:55 ----A---- C:\Windows\SysWOW64\CmdLineExt.dll
2010-08-27 22:02:11 ----D---- C:\Program Files (x86)\Prey
2010-08-26 01:48:06 ----D---- C:\Users\Robert\AppData\Roaming\Bentley
2010-08-26 01:47:00 ----D---- C:\ProgramData\Bentley
2010-08-26 01:47:00 ----D---- C:\Program Files (x86)\Common Files\Bentley Shared
2010-08-26 01:47:00 ----D---- C:\Program Files (x86)\Bentley
2010-08-26 01:00:46 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2010-08-26 01:00:46 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2010-08-26 01:00:45 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2010-08-26 01:00:45 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2010-08-26 01:00:41 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll
2010-08-26 01:00:41 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2010-08-26 01:00:41 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2010-08-26 01:00:39 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2010-08-26 01:00:38 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2010-08-26 01:00:38 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll
2010-08-26 01:00:37 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2010-08-26 01:00:34 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2010-08-26 01:00:34 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2010-08-26 01:00:34 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2010-08-26 01:00:33 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2010-08-26 01:00:33 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2010-08-26 01:00:32 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2010-08-26 01:00:32 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2010-08-26 01:00:32 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2010-08-26 01:00:31 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2010-08-26 01:00:31 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2010-08-26 01:00:31 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2010-08-26 01:00:29 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2010-08-26 01:00:29 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2010-08-26 01:00:29 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2010-08-26 01:00:28 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2010-08-26 01:00:27 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2010-08-26 01:00:27 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2010-08-26 01:00:26 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2010-08-26 01:00:24 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2010-08-26 01:00:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2010-08-26 01:00:23 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2010-08-26 01:00:23 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2010-08-26 01:00:22 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2010-08-26 01:00:22 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2010-08-26 01:00:22 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2010-08-26 01:00:20 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2010-08-26 01:00:20 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2010-08-26 01:00:20 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2010-08-26 01:00:19 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2010-08-26 01:00:19 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2010-08-26 01:00:19 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2010-08-26 01:00:18 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2010-08-26 01:00:17 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2010-08-26 01:00:17 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2010-08-26 01:00:15 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2010-08-26 01:00:15 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2010-08-26 01:00:14 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2010-08-26 01:00:14 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2010-08-26 01:00:14 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2010-08-26 01:00:12 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2010-08-26 01:00:12 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2010-08-26 01:00:12 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2010-08-26 01:00:11 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2010-08-26 01:00:10 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2010-08-26 01:00:10 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2010-08-26 01:00:10 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2010-08-26 00:57:25 ----D---- C:\Windows\SysWOW64\directx
2010-08-26 00:09:59 ----D---- C:\Users\Robert\AppData\Roaming\Ahead
2010-08-26 00:09:08 ----D---- C:\ProgramData\Nero
2010-08-26 00:09:08 ----D---- C:\Program Files (x86)\Nero
2010-08-26 00:09:08 ----D---- C:\Program Files (x86)\Common Files\Ahead
2010-08-25 21:40:55 ----D---- C:\ProgramData\CanonIJPLM
2010-08-25 21:35:28 ----HD---- C:\ProgramData\CanonBJ
2010-08-25 21:34:28 ----D---- C:\Program Files (x86)\Canon
2010-08-25 20:41:43 ----D---- C:\Users\Robert\AppData\Roaming\Media Player Classic
2010-08-25 20:24:15 ----D---- C:\ProgramData\ATI
2010-08-25 20:20:58 ----D---- C:\Program Files (x86)\ATI
2010-08-25 20:17:35 ----D---- C:\ATI
2010-08-25 19:46:41 ----D---- C:\Program Files (x86)\Microsoft Works
2010-08-25 19:46:23 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2010-08-25 19:46:04 ----D---- C:\Windows\PCHEALTH
2010-08-25 19:46:04 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-08-25 19:37:04 ----D---- C:\Program Files (x86)\Alcohol Soft
2010-08-25 18:43:49 ----D---- C:\ProgramData\FLEXnet
2010-08-25 18:38:06 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2010-08-25 18:31:27 ----D---- C:\Users\Robert\AppData\Roaming\Autodesk
2010-08-25 18:31:27 ----D---- C:\Civil 3D Projects
2010-08-25 18:31:27 ----D---- C:\Civil 3D Project Templates
2010-08-25 18:30:59 ----D---- C:\Program Files (x86)\AutoCAD Civil 3D 2010
2010-08-25 18:30:52 ----D---- C:\ProgramData\Autodesk
2010-08-25 18:29:13 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-08-25 18:29:13 ----D---- C:\Program Files (x86)\Microsoft Visual Basic 2005 Power Packs
2010-08-25 18:29:13 ----D---- C:\Program Files (x86)\Microsoft SDKs
2010-08-25 18:29:08 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2010-08-25 18:29:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2010-08-25 18:29:07 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2010-08-25 18:28:36 ----D---- C:\Program Files (x86)\Common Files\Designer
2010-08-25 18:27:51 ----D---- C:\Program Files (x86)\Common Files\Autodesk Shared
2010-08-25 18:27:51 ----D---- C:\Program Files (x86)\Autodesk
2010-08-25 17:56:01 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2010-08-25 17:23:28 ----D---- C:\Program Files (x86)\AMD
2010-08-25 17:22:21 ----A---- C:\Windows\ver5.5.14.0.txt
2010-08-25 17:22:21 ----A---- C:\Windows\nvsulib.dll
2010-08-25 17:22:21 ----A---- C:\Windows\nvoclock.sys
2010-08-25 17:22:21 ----A---- C:\Windows\nvoclk64.sys
2010-08-25 17:22:21 ----A---- C:\Windows\Nvgpio.dll
2010-08-25 17:22:21 ----A---- C:\Windows\NVGfxOgl.dll
2010-08-25 17:22:20 ----A---- C:\Windows\NVBenchMarks.dll
2010-08-25 17:22:20 ----A---- C:\Windows\ntuneoem.dll
2010-08-25 17:22:20 ----A---- C:\Windows\NTuneGpu.dll
2010-08-25 17:22:20 ----A---- C:\Windows\msvcr71.dll
2010-08-25 17:22:20 ----A---- C:\Windows\msvcp71.dll
2010-08-25 17:22:20 ----A---- C:\Windows\MFC71.dll
2010-08-25 17:22:20 ----A---- C:\Windows\AutoTuneScript.dll
2010-08-25 17:22:19 ----D---- C:\Program Files (x86)\MSI
2010-08-25 17:10:20 ----N---- C:\Windows\difxapi.dll
2010-08-25 17:10:19 ----D---- C:\Program Files (x86)\VIA
2010-08-25 17:09:23 ----D---- C:\Windows\SysWOW64\Atheros_L1e
2010-08-25 06:55:11 ----D---- C:\Windows\SysWOW64\Wat
2010-08-25 04:04:38 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2010-08-25 04:02:02 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\mscoree.dll
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\dfshim.dll
2010-08-25 03:41:41 ----D---- C:\Program Files (x86)\Microsoft Office
2010-08-25 03:41:19 ----RHD---- C:\MSOCache
2010-08-25 03:05:39 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2010-08-25 03:05:37 ----A---- C:\Windows\SysWOW64\vbscript.dll
2010-08-25 03:05:37 ----A---- C:\Windows\SysWOW64\ntdll.dll
2010-08-25 03:05:36 ----A---- C:\Windows\SysWOW64\schannel.dll
2010-08-25 03:05:31 ----A---- C:\Windows\SysWOW64\wmp.dll
2010-08-25 03:05:30 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2010-08-25 03:05:28 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2010-08-25 03:05:26 ----A---- C:\Windows\SysWOW64\secproc_isv.dll
2010-08-25 03:05:26 ----A---- C:\Windows\SysWOW64\secproc.dll
2010-08-25 03:05:25 ----A---- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2010-08-25 03:05:25 ----A---- C:\Windows\SysWOW64\RMActivate_isv.exe
2010-08-25 03:05:25 ----A---- C:\Windows\SysWOW64\RMActivate.exe
2010-08-25 03:05:24 ----A---- C:\Windows\SysWOW64\secproc_ssp.dll
2010-08-25 03:05:24 ----A---- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2010-08-25 03:05:24 ----A---- C:\Windows\SysWOW64\RMActivate_ssp.exe
2010-08-25 03:05:16 ----A---- C:\Windows\SysWOW64\shell32.dll
2010-08-25 03:05:15 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2010-08-25 03:05:13 ----A---- C:\Windows\SysWOW64\t2embed.dll
2010-08-25 03:05:04 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2010-08-25 03:05:04 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2010-08-25 03:04:57 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-08-25 03:04:56 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-08-25 03:04:55 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-08-25 03:04:55 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-08-25 03:04:55 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-08-25 03:04:53 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-08-25 03:04:51 ----A---- C:\Windows\SysWOW64\explorer.exe
2010-08-25 03:04:51 ----A---- C:\Windows\explorer.exe
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\wow32.dll
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\user.exe
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\setup16.exe
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\instnm.exe
2010-08-25 03:04:49 ----A---- C:\Windows\SysWOW64\rtutils.dll
2010-08-25 03:04:41 ----A---- C:\Windows\SysWOW64\iccvid.dll
2010-08-25 03:04:38 ----A---- C:\Windows\SysWOW64\CPFilters.dll
2010-08-25 03:04:37 ----A---- C:\Windows\SysWOW64\psisdecd.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\tsbyuv.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\quartz.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\msyuv.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\msrle32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\avifil32.dll
2010-08-25 03:04:33 ----A---- C:\Windows\SysWOW64\msxml3.dll
2010-08-25 03:04:33 ----A---- C:\Windows\SysWOW64\jscript.dll
2010-08-25 03:04:30 ----A---- C:\Windows\SysWOW64\sspicli.dll
2010-08-25 03:04:30 ----A---- C:\Windows\SysWOW64\secur32.dll
2010-08-25 03:04:26 ----A---- C:\Windows\SysWOW64\msasn1.dll
2010-08-25 03:04:25 ----A---- C:\Windows\SysWOW64\fontsub.dll
2010-08-25 03:04:25 ----A---- C:\Windows\SysWOW64\atmlib.dll
2010-08-25 03:04:25 ----A---- C:\Windows\SysWOW64\atmfd.dll
2010-08-25 03:04:24 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-08-25 01:46:46 ----D---- C:\Users\Robert\AppData\Roaming\Sony Corporation
2010-08-25 01:27:38 ----D---- C:\Users\Robert\AppData\Roaming\Mathsoft
2010-08-25 01:26:31 ----A---- C:\Windows\MC14_RC_IS_Log.txt
2010-08-25 01:26:07 ----D---- C:\Program Files (x86)\Mathcad
2010-08-25 01:26:04 ----A---- C:\Windows\MC14_Help_IS_Log.txt
2010-08-25 01:25:12 ----A---- C:\Windows\MC14_IS_LOG.txt
2010-08-25 01:21:05 ----A---- C:\Windows\SysWOW64\drivers\MTictwl.sys
2010-08-25 01:21:01 ----D---- C:\Program Files (x86)\SEC
2010-08-25 01:19:33 ----D---- C:\Program Files (x86)\MagicRotation
2010-08-25 01:19:33 ----A---- C:\Windows\mpvthook.dll
2010-08-25 01:19:14 ----D---- C:\ProgramData\InstallShield
2010-08-25 01:17:49 ----D---- C:\Program Files (x86)\MagicTune Premium
2010-08-25 01:17:41 ----D---- C:\Users\Robert\AppData\Roaming\InstallShield
2010-08-25 00:40:27 ----D---- C:\Users\Robert\AppData\Roaming\Macromedia
2010-08-25 00:40:26 ----D---- C:\Users\Robert\AppData\Roaming\Adobe
2010-08-25 00:38:56 ----D---- C:\Windows\SysWOW64\Macromed
2010-08-25 00:34:14 ----D---- C:\Users\Robert\AppData\Roaming\Mozilla
2010-08-25 00:34:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-08-25 00:31:26 ----D---- C:\Users\Robert\AppData\Roaming\BitComet
2010-08-25 00:31:25 ----D---- C:\Program Files (x86)\BitComet
2010-08-25 00:29:17 ----D---- C:\Users\Robert\AppData\Roaming\WinRAR
2010-08-25 00:27:24 ----D---- C:\Users\Robert\AppData\Roaming\Tlen.pl
2010-08-25 00:27:24 ----D---- C:\ProgramData\Tlen.pl
2010-08-25 00:27:19 ----D---- C:\Program Files (x86)\Tlen.pl
2010-08-25 00:26:54 ----D---- C:\Program Files (x86)\NAPI-PROJEKT
2010-08-25 00:26:02 ----D---- C:\Users\Robert\AppData\Roaming\IrfanView
2010-08-25 00:26:02 ----D---- C:\Program Files (x86)\IrfanView
2010-08-25 00:25:13 ----D---- C:\Program Files (x86)\Ask.com
2010-08-25 00:25:09 ----D---- C:\Program Files (x86)\Foxit Software
2010-08-25 00:24:35 ----D---- C:\Users\Robert\AppData\Roaming\foobar2000
2010-08-25 00:24:31 ----D---- C:\Program Files (x86)\foobar2000
2010-08-25 00:14:25 ----D---- C:\ProgramData\Alwil Software
2010-08-25 00:12:01 ----A---- C:\Windows\SysWOW64\wintrust.dll
2010-08-25 00:12:01 ----A---- C:\Windows\SysWOW64\cabview.dll
2010-08-24 23:20:38 ----D---- C:\ProgramData\Microsoft Help
2010-08-24 23:07:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-08-24 23:07:37 ----D---- C:\Program Files (x86)\Sony
2010-08-24 23:05:52 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-08-24 22:58:58 ----D---- C:\ProgramData\Ahead
2010-08-24 22:57:12 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2010-08-24 22:57:12 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2010-08-24 18:58:09 ----D---- C:\Users\Robert\AppData\Roaming\ATI
2010-08-24 18:56:40 ----D---- C:\Program Files (x86)\ATI Technologies
2010-08-24 18:56:39 ----SHD---- C:\Windows\Installer
2010-08-24 17:39:39 ----D---- C:\Users\Robert\AppData\Roaming\Foxit Software
2010-08-24 01:37:37 ----D---- C:\Windows\Panther
2010-08-24 01:37:25 ----RASH---- C:\BOOTSECT.BAK
2010-08-24 01:37:24 ----SHD---- C:\Boot
2010-08-24 00:45:56 ----D---- C:\Users\Robert\AppData\Roaming\Identities
2010-08-24 00:45:45 ----SD---- C:\Users\Robert\AppData\Roaming\Microsoft
2010-08-24 00:45:45 ----D---- C:\Users\Robert\AppData\Roaming\Media Center Programs
2010-08-24 00:45:33 ----SHD---- C:\Recovery
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Ulubione
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Szablony
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Pulpit
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Menu Start
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Dokumenty
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Dane aplikacji
2010-08-24 00:40:54 ----D---- C:\Windows\SoftwareDistribution
2010-08-24 00:38:26 ----D---- C:\Windows\Prefetch
2010-08-24 00:38:09 ----ASH---- C:\pagefile.sys
2010-08-24 00:38:08 ----SHD---- C:\System Volume Information
2010-08-24 00:38:08 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 months======

2010-09-17 21:45:10 ----RD---- C:\Program Files (x86)
2010-09-17 21:44:53 ----D---- C:\Windows\Temp
2010-09-17 20:43:17 ----HD---- C:\ProgramData
2010-09-17 20:21:55 ----D---- C:\Windows\Tasks
2010-09-17 20:14:36 ----SD---- C:\ProgramData\Microsoft
2010-09-17 20:14:33 ----RD---- C:\Program Files
2010-09-17 20:10:57 ----D---- C:\Windows\SysWOW64
2010-09-17 20:10:57 ----D---- C:\Windows
2010-09-17 17:57:31 ----D---- C:\Windows\System32
2010-09-17 00:51:19 ----D---- C:\Windows\winsxs
2010-09-16 23:32:17 ----D---- C:\Windows\Downloaded Program Files
2010-09-15 17:56:38 ----D---- C:\Windows\inf
2010-09-10 18:02:56 ----RSD---- C:\Windows\assembly
2010-09-09 22:25:52 ----D---- C:\PerfLogs
2010-09-06 20:58:48 ----D---- C:\Windows\Registration
2010-09-03 19:55:20 ----D---- C:\Windows\SysWOW64\drivers
2010-09-03 19:50:11 ----D---- C:\Program Files (x86)\Common Files
2010-08-30 20:00:04 ----D---- C:\Windows\Logs
2010-08-30 18:01:13 ----D---- C:\Windows\LiveKernelReports
2010-08-26 17:33:25 ----D---- C:\Windows\rescache
2010-08-26 00:13:30 ----RSD---- C:\Windows\Fonts
2010-08-26 00:13:28 ----D---- C:\Windows\ShellNew
2010-08-26 00:09:32 ----D---- C:\Windows\ehome
2010-08-25 21:40:15 ----RSD---- C:\Windows\Media
2010-08-25 21:35:25 ----D---- C:\Windows\twain_32
2010-08-25 20:02:02 ----D---- C:\Windows\debug
2010-08-25 19:54:30 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-08-25 19:54:29 ----D---- C:\Program Files (x86)\MSBuild
2010-08-25 19:53:47 ----D---- C:\Program Files (x86)\Common Files\System
2010-08-25 19:53:45 ----A---- C:\Windows\win.ini
2010-08-25 19:08:35 ----D---- C:\Windows\AppPatch
2010-08-25 18:39:51 ----D---- C:\Windows\Help
2010-08-25 18:38:59 ----D---- C:\Windows\Microsoft.NET
2010-08-25 06:55:17 ----D---- C:\Program Files (x86)\Windows Media Player
2010-08-25 06:55:16 ----D---- C:\Program Files (x86)\Windows Mail
2010-08-25 06:55:15 ----D---- C:\Windows\SysWOW64\migration
2010-08-25 06:55:15 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-25 03:59:30 ----D---- C:\Windows\SysWOW64\pl-PL
2010-08-24 00:45:54 ----SHD---- C:\$Recycle.Bin
2010-08-24 00:45:42 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R1 NCPro;NCPro; C:\Windows\system32\drivers\MTictwl.sys [2006-08-28 13312]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys []
R3 AODDriver;AODDriver; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys [2009-10-22 21048]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2009-12-22 18136]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys []
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys []
S3 amlfssmm;amlfssmm; C:\Windows\SysWOW64\drivers\amlfssmm.sys []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys [2008-12-27 44344]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-08-12 16928]
S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [2006-08-28 13312]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RushTopDevice_J;RushTopDevice_J; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys [2009-03-05 33080]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys [2008-12-19 75576]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys []
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys []
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys []
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-12-22 16448]
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2009-10-22 136544]
R2 dgdersvc;Device Error Recovery Service; C:\Windows\system32\dgdersvc.exe [2009-12-22 95568]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-09-17 1355928]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17424]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-25 651720]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-08-29 407336]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------
[/log]

momencik, własnie przeczytałem instrukcje co ustawic w otl, zaraz wstawie poprawne logi

OTL V.2

OTL
[log]OTL logfile created on: 2010-09-17 22:10:41 - Run 2
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Robert\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 65,66 Gb Total Space | 21,40 Gb Free Space | 32,60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 100,00 Gb Total Space | 55,34 Gb Free Space | 55,34% Space Free | Partition Type: NTFS
Drive N: | 300,00 Gb Total Space | 215,09 Gb Free Space | 71,70% Space Free | Partition Type: NTFS

Computer Name: ROBERT-KOMPUTER
Current User Name: Robert
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-09-17 21:29:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
PRC - [2010-09-17 00:54:43 | 000,864,624 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010-09-17 00:54:42 | 001,355,928 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010-09-09 04:00:26 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010-09-09 04:00:25 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009-10-22 03:49:18 | 000,136,544 | ---- | M] () -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
PRC - [2009-01-17 16:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files (x86)\Tlen.pl\tlen.exe
PRC - [2007-04-13 08:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-09-17 21:29:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
MOD - [2010-07-27 16:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2010-04-07 09:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2010-03-24 08:37:04 | 001,289,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-12-11 09:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-12-11 09:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-03-25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2009-12-22 04:31:04 | 000,117,584 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysNative\dgdersvc.exe -- (dgdersvc)
SRV:[b]64bit:[/b] - [2009-11-04 17:45:14 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010-09-17 00:54:42 | 001,355,928 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010-08-29 02:32:13 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-08-25 18:38:06 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-12-22 04:31:02 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\dgdersvc.exe -- (dgdersvc)
SRV - [2009-10-22 03:49:18 | 000,136,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-10-25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2007-04-13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-08-25 18:10:24 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010-08-12 14:15:20 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:[b]64bit:[/b] - [2010-07-09 13:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:[b]64bit:[/b] - [2010-06-30 21:23:16 | 000,061,952 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:[b]64bit:[/b] - [2009-12-22 04:31:26 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:[b]64bit:[/b] - [2009-12-22 04:31:04 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:[b]64bit:[/b] - [2009-11-24 15:29:16 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009-11-04 18:17:30 | 006,088,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009-09-30 04:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV:[b]64bit:[/b] - [2009-09-17 13:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-27 09:04:38 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-05 04:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2008-11-04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune)
DRV:[b]64bit:[/b] - [2008-08-28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010-08-12 14:15:22 | 000,016,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009-12-22 04:31:26 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009-12-22 04:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009-10-22 03:49:14 | 000,021,048 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009-03-05 06:55:20 | 000,033,080 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys -- (RushTopDevice_J)
DRV - [2008-12-27 04:21:10 | 000,044,344 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys -- (DualCoreCenter)
DRV - [2008-12-19 04:17:36 | 000,075,576 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys -- (RushTopDevice2)
DRV - [2006-08-28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006-08-28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\MTictwl.sys -- (MagicTune)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-09-09 04:00:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-09-09 04:00:26 | 000,000,000 | ---D | M]

[2010-08-25 00:34:19 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions
[2010-09-17 21:09:58 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\7pcj8uok.default\extensions
[2010-08-25 00:34:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-07-23 02:41:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-07-23 02:41:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-07-23 02:41:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-07-23 02:41:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-07-23 02:41:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-07-23 02:41:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-08-25 19:39:54 | 000,000,988 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:[b]64bit:[/b] - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:[b]64bit:[/b] - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:[b]64bit:[/b] - HKLM..\Run: [MagicTuneEngine] C:\Program Files (x86)\MagicTune Premium\MagicTuneLauncher.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [MagicRotation] C:\Program Files (x86)\MagicRotation\MagicPvt.exe (Samsung Electronics, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe ()
O4 - HKCU..\Run: [Komunikator] C:\Program Files (x86)\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\SysWow64\StikyNot.exe File not found
O4 - Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StikyNot.exe — skrót.lnk = C:\Windows\SysWow64\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: mks.com.pl ([www] https in Zaufane witryny)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.21.99.95 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] MsMpSvc - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] MsMpSvc - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-09-17 21:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010-09-17 21:45:10 | 000,000,000 | ---D | C] -- C:\rsit
[2010-09-17 21:29:11 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
[2010-09-17 20:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010-09-17 20:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010-09-17 00:54:47 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010-09-17 00:52:11 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Sunbelt Software
[2010-09-17 00:51:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2010-09-17 00:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-09-17 00:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2010-09-17 00:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010-09-17 00:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010-09-16 23:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-09-14 06:08:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2010-09-12 03:19:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010-09-12 03:17:23 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\MotioninJoy_050002_amd64
[2010-09-12 02:00:10 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\magisterka10.09.10 praca
[2010-09-11 22:00:07 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\BESTplayer
[2010-09-11 21:59:34 | 001,093,632 | ---- | C] (Karol Winnicki) -- C:\Users\Robert\Desktop\BESTplayer.exe
[2010-09-10 18:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010-09-10 18:04:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010-09-10 18:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2010-09-09 19:16:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010-09-06 18:10:27 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-09-05 20:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2010-09-05 20:11:53 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}
[2010-09-05 19:13:08 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\ClipboardManager
[2010-09-05 14:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLConventer Samsung Monte
[2010-09-04 12:15:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2010-09-03 20:08:49 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\My Videos
[2010-09-03 20:07:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\SelfMV
[2010-09-03 19:58:59 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Samsung
[2010-09-03 19:58:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010-09-03 19:58:57 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\PC Suite
[2010-09-03 19:56:10 | 000,161,280 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bmdm.sys
[2010-09-03 19:56:10 | 000,128,000 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bserd.sys
[2010-09-03 19:56:10 | 000,127,488 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\ss_bbus.sys
[2010-09-03 19:56:10 | 000,018,944 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys
[2010-09-03 19:56:10 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bwhnt.sys
[2010-09-03 19:56:10 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bwh.sys
[2010-09-03 19:56:10 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bcmnt.sys
[2010-09-03 19:56:10 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bcm.sys
[2010-09-03 19:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2010-09-03 19:55:45 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2010-09-03 19:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010-09-03 19:55:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010-09-03 19:55:20 | 000,020,480 | ---- | C] (Teruten Inc) -- C:\Windows\SysWow64\FsExService64.Exe
[2010-09-03 19:55:20 | 000,016,448 | ---- | C] (Teruten Inc) -- C:\Windows\SysWow64\drivers\TFsExDisk.Sys
[2010-09-03 19:55:20 | 000,016,448 | ---- | C] (Teruten Inc) -- C:\Windows\SysNative\drivers\TFsExDisk.sys
[2010-09-03 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2010-09-03 19:51:20 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Samsung
[2010-09-03 19:50:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2010-09-03 19:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2010-09-03 19:50:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2010-09-03 19:50:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Samsung
[2010-09-01 00:28:42 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft Games
[2010-09-01 00:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2010-08-31 23:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2010-08-31 19:42:07 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Alcohol 120%
[2010-08-31 16:56:42 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Easy CD-DA Extractor
[2010-08-31 16:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Easy CD-DA Extractor
[2010-08-31 16:56:37 | 000,000,000 | ---D | C] -- C:\Windows\Easy CD-DA Extractor 12
[2010-08-31 16:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\Easy CD-DA Extractor 12
[2010-08-29 12:09:57 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\ElevatedDiagnostics
[2010-08-29 02:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010-08-29 02:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010-08-29 02:24:50 | 000,000,000 | ---D | C] -- C:\Half-Life 2
[2010-08-29 02:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010-08-28 23:22:39 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Last.fm
[2010-08-28 10:41:15 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Canon
[2010-08-28 10:39:58 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\magisterka
[2010-08-28 09:33:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDisplay
[2010-08-28 02:36:31 | 000,061,952 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2010-08-28 02:36:31 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\MotioninJoy
[2010-08-28 02:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy
[2010-08-28 02:16:05 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Apps
[2010-08-27 22:08:03 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\My Games
[2010-08-27 22:03:55 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2010-08-27 22:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Prey
[2010-08-26 01:48:06 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Bentley
[2010-08-26 01:48:06 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Bentley
[2010-08-26 01:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bentley Shared
[2010-08-26 01:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Bentley
[2010-08-26 01:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bentley
[2010-08-26 00:57:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010-08-26 00:15:25 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Mathsoft
[2010-08-26 00:09:59 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Ahead
[2010-08-26 00:09:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010-08-26 00:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010-08-26 00:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2010-08-25 21:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2010-08-25 21:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2010-08-25 21:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2010-08-25 21:35:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2010-08-25 21:35:25 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2010-08-25 21:34:59 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2010-08-25 21:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2010-08-25 20:41:43 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Media Player Classic
[2010-08-25 20:40:07 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\robert 2
[2010-08-25 20:38:26 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Robert PRACA MGR
[2010-08-25 20:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-08-25 20:20:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2010-08-25 20:17:35 | 000,000,000 | ---D | C] -- C:\ATI
[2010-08-25 19:46:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010-08-25 19:46:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010-08-25 19:46:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010-08-25 19:46:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010-08-25 19:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2010-08-25 18:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010-08-25 18:42:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Autodesk
[2010-08-25 18:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Civil 3D Projects
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Civil 3D Project Templates
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Autodesk
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Autodesk
[2010-08-25 18:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoCAD Civil 3D 2010
[2010-08-25 18:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Microsoft Visual Basic 2005 Power Packs
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Basic 2005 Power Packs
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2010-08-25 18:28:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer
[2010-08-25 18:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2010-08-25 18:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2010-08-25 17:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2010-08-25 17:22:54 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Downloaded Installations
[2010-08-25 17:22:21 | 000,421,888 | ---- | C] (NVIDIA) -- C:\Windows\nvsulib.dll
[2010-08-25 17:22:21 | 000,018,216 | ---- | C] (NVidia Corp.) -- C:\Windows\nvoclk64.sys
[2010-08-25 17:22:21 | 000,006,912 | ---- | C] (NVidia Corp.) -- C:\Windows\nvoclock.sys
[2010-08-25 17:22:20 | 001,622,016 | ---- | C] (NVIDIA) -- C:\Windows\NVBenchMarks.dll
[2010-08-25 17:22:20 | 000,380,928 | ---- | C] (NVIDIA) -- C:\Windows\ntuneoem.dll
[2010-08-25 17:22:20 | 000,045,056 | ---- | C] (NVIDIA) -- C:\Windows\NTuneGpu.dll
[2010-08-25 17:22:20 | 000,028,672 | ---- | C] (NVIDIA) -- C:\Windows\AutoTuneScript.dll
[2010-08-25 17:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2010-08-25 17:10:35 | 000,242,176 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2010-08-25 17:10:35 | 000,193,024 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2010-08-25 17:10:35 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2010-08-25 17:10:35 | 000,082,432 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2010-08-25 17:10:35 | 000,076,288 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2010-08-25 17:10:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2010-08-25 17:09:41 | 000,058,880 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2010-08-25 17:09:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2010-08-25 17:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010-08-25 17:04:36 | 000,121,872 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtiHdmi.sys
[2010-08-25 16:41:51 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\skróty
[2010-08-25 16:28:55 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2010-08-25 16:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2010-08-25 06:55:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010-08-25 06:55:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010-08-25 04:02:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010-08-25 03:41:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010-08-25 03:41:19 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-08-25 01:46:46 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Sony Corporation
[2010-08-25 01:27:38 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Mathsoft
[2010-08-25 01:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mathcad
[2010-08-25 01:21:04 | 000,827,392 | R--- | C] (Macromedia, Inc.) -- C:\Windows\SysWow64\Flash.ocx
[2010-08-25 01:21:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SEC
[2010-08-25 01:19:33 | 000,143,872 | ---- | C] (Samsung Electronics, Inc.) -- C:\Windows\SysNative\mpvthook.dll
[2010-08-25 01:19:33 | 000,143,872 | ---- | C] (Samsung Electronics, Inc.) -- C:\Windows\mpvthook.dll
[2010-08-25 01:19:33 | 000,014,848 | ---- | C] (Samsung Electronics, Inc.) -- C:\Windows\SysNative\drivers\magicpvt.sys
[2010-08-25 01:19:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicRotation
[2010-08-25 01:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010-08-25 01:18:11 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- C:\Windows\SysNative\drivers\MTiCtwl.sys
[2010-08-25 01:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicTune Premium
[2010-08-25 01:17:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\InstallShield
[2010-08-25 00:40:27 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Macromedia
[2010-08-25 00:40:26 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Adobe
[2010-08-25 00:38:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010-08-25 00:34:14 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Mozilla
[2010-08-25 00:34:14 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Mozilla
[2010-08-25 00:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010-08-25 00:31:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\AskToolbar
[2010-08-25 00:31:26 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\BitComet
[2010-08-25 00:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitComet
[2010-08-25 00:29:17 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\WinRAR
[2010-08-25 00:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-08-25 00:27:24 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Tlen.pl
[2010-08-25 00:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Tlen.pl
[2010-08-25 00:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tlen.pl
[2010-08-25 00:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NAPI-PROJEKT
[2010-08-25 00:26:02 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\IrfanView
[2010-08-25 00:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2010-08-25 00:25:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2010-08-25 00:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2010-08-25 00:24:35 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\foobar2000
[2010-08-25 00:24:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2010-08-25 00:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-08-25 00:14:25 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-08-24 23:21:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-08-24 23:20:39 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Microsoft Help
[2010-08-24 23:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010-08-24 23:07:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010-08-24 23:07:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2010-08-24 23:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010-08-24 22:59:51 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Ahead
[2010-08-24 22:58:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2010-08-24 19:12:49 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Diagnostics
[2010-08-24 19:01:55 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Microsoft Games
[2010-08-24 18:58:09 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\ATI
[2010-08-24 18:58:09 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\ATI
[2010-08-24 18:56:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010-08-24 18:56:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010-08-24 18:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-08-24 18:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010-08-24 17:39:39 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Foxit Software
[2010-08-24 01:37:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010-08-24 01:37:24 | 000,000,000 | -HSD | C] -- C:\Boot
[2010-08-24 00:46:07 | 000,000,000 | R--D | C] -- C:\Users\Robert\Searches
[2010-08-24 00:45:56 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Identities
[2010-08-24 00:45:54 | 000,000,000 | R--D | C] -- C:\Users\Robert\Contacts
[2010-08-24 00:45:53 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\VirtualStore
[2010-08-24 00:45:45 | 000,000,000 | --SD | C] -- C:\Users\Robert\AppData\Roaming\Microsoft
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Videos
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Saved Games
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Pictures
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Music
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Links
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Favorites
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Downloads
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Documents
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Desktop
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Ustawienia lokalne
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\AppData\Local\Temporary Internet Files
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Szablony
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\SendTo
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Recent
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\PrintHood
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\NetHood
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Documents\Moje wideo
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Documents\Moje obrazy
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Moje dokumenty
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Documents\Moja muzyka
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Menu Start
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\AppData\Local\Historia
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Dane aplikacji
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\AppData\Local\Dane aplikacji
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Cookies
[2010-08-24 00:45:45 | 000,000,000 | -H-D | C] -- C:\Users\Robert\AppData
[2010-08-24 00:45:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Temp
[2010-08-24 00:45:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Microsoft
[2010-08-24 00:45:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Media Center Programs
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2010-08-24 00:40:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-08-24 00:38:26 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010-08-24 00:38:08 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-09-17 22:10:58 | 002,621,440 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT
[2010-09-17 21:44:53 | 000,339,991 | ---- | M] () -- C:\Users\Robert\Desktop\RSIT.exe
[2010-09-17 21:29:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
[2010-09-17 21:18:55 | 082,168,735 | ---- | M] () -- C:\Users\Robert\Desktop\tgs_gt5_2.wmv
[2010-09-17 20:49:22 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-09-17 20:49:22 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-09-17 20:42:59 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-09-17 20:42:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-09-17 20:42:52 | 1609,965,568 | -HS- | M] () -- C:\hiberfil.sys
[2010-09-17 20:42:14 | 004,809,982 | -H-- | M] () -- C:\Users\Robert\AppData\Local\IconCache.db
[2010-09-17 20:14:33 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010-09-17 00:51:48 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010-09-17 00:49:08 | 000,001,268 | ---- | M] () -- C:\Users\Robert\Desktop\Spybot - Search & Destroy.lnk
[2010-09-16 20:30:58 | 036,217,292 | ---- | M] () -- C:\Users\Robert\Desktop\t_thelastguardian_tgs10_trailer_hd.wmv
[2010-09-16 18:33:37 | 000,001,266 | ---- | M] () -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StikyNot.exe — skrót.lnk
[2010-09-15 17:56:39 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-09-15 17:56:39 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-09-15 17:56:39 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-09-15 17:56:39 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-09-15 17:56:39 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-09-14 06:05:17 | 000,006,144 | ---- | M] () -- C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-11 21:59:35 | 001,093,632 | ---- | M] (Karol Winnicki) -- C:\Users\Robert\Desktop\BESTplayer.exe
[2010-09-08 16:13:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010-09-07 00:06:33 | 000,000,595 | ---- | M] () -- C:\Users\Robert\Documents\ax_files.xml
[2010-09-05 02:42:11 | 000,007,605 | ---- | M] () -- C:\Users\Robert\AppData\Local\Resmon.ResmonCfg
[2010-09-03 19:50:28 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2010-09-01 00:12:22 | 000,001,888 | ---- | M] () -- C:\Users\Robert\Desktop\Gears of War.lnk
[2010-08-31 16:56:39 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2010-08-30 18:46:27 | 000,000,764 | ---- | M] () -- C:\Users\Robert\Desktop\Prey.lnk
[2010-08-30 18:45:50 | 000,000,570 | ---- | M] () -- C:\Users\Robert\Desktop\DeSmuME.lnk
[2010-08-30 18:45:33 | 000,000,749 | ---- | M] () -- C:\Users\Robert\Desktop\Dolphin.lnk
[2010-08-30 18:45:08 | 000,001,321 | ---- | M] () -- C:\Users\Robert\Desktop\Portal.lnk
[2010-08-30 18:44:36 | 000,000,941 | ---- | M] () -- C:\Users\Robert\Desktop\Steam.lnk
[2010-08-30 18:03:12 | 000,000,021 | ---- | M] () -- C:\Users\Robert\AppData\Roaming\.dolphinx64wd
[2010-08-28 23:35:18 | 000,000,703 | ---- | M] () -- C:\Users\Robert\Desktop\Downoloads.lnk
[2010-08-28 02:38:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2010-08-28 02:38:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2010-08-28 01:50:25 | 000,001,484 | ---- | M] () -- C:\Users\Robert\Desktop\foobar2000.lnk
[2010-08-28 01:45:55 | 000,000,652 | ---- | M] () -- C:\Users\Robert\Desktop\Filmy.lnk
[2010-08-27 22:03:55 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2010-08-27 20:14:03 | 000,001,468 | ---- | M] () -- C:\Users\Robert\Desktop\napisy.lnk
[2010-08-26 15:59:57 | 000,501,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-08-26 01:57:14 | 000,001,233 | ---- | M] () -- C:\Users\Robert\Desktop\Pobrane.lnk
[2010-08-26 01:47:28 | 000,001,234 | ---- | M] () -- C:\Users\Robert\Desktop\MicroStation.lnk
[2010-08-26 00:14:10 | 000,140,464 | ---- | M] () -- C:\Users\Robert\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-08-25 22:06:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-08-25 20:31:52 | 000,001,554 | ---- | M] () -- C:\Users\Robert\Desktop\MILANINA.lnk
[2010-08-25 19:53:45 | 000,000,387 | ---- | M] () -- C:\Windows\win.ini
[2010-08-25 18:38:15 | 000,002,245 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD Civil 3D 2010.lnk
[2010-08-25 18:37:01 | 000,002,649 | ---- | M] () -- C:\Users\Robert\Desktop\AutoCAD 2010.lnk
[2010-08-25 18:10:24 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010-08-25 17:31:54 | 000,000,673 | ---- | M] () -- C:\Users\Robert\Desktop\Muzyka.lnk
[2010-08-25 16:16:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-08-25 01:45:46 | 000,002,404 | ---- | M] () -- C:\Users\Robert\Documents\SEC Natural color pro. August 25 2010 - 01 45 AM.icm
[2010-08-25 01:19:33 | 000,000,108 | ---- | M] () -- C:\Windows\SysNative\driver.dat
[2010-08-25 00:34:12 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-24 23:07:38 | 000,001,000 | ---- | M] () -- C:\Users\Robert\Desktop\Cyber-shot Viewer.lnk
[2010-08-24 19:06:59 | 000,524,288 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-08-24 19:06:59 | 000,524,288 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-08-24 19:06:59 | 000,065,536 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-08-24 01:37:25 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-08-24 00:45:45 | 000,000,020 | -HS- | M] () -- C:\Users\Robert\ntuser.ini
[2010-08-24 00:40:57 | 000,064,519 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010-08-24 00:40:57 | 000,064,519 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010-08-24 00:39:51 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010-08-12 14:15:20 | 000,069,152 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010-08-12 14:15:20 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-09-17 21:44:51 | 000,339,991 | ---- | C] () -- C:\Users\Robert\Desktop\RSIT.exe
[2010-09-17 21:17:06 | 082,168,735 | ---- | C] () -- C:\Users\Robert\Desktop\tgs_gt5_2.wmv
[2010-09-17 20:14:33 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010-09-17 17:53:11 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2010-09-17 00:51:48 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010-09-17 00:49:08 | 000,001,268 | ---- | C] () -- C:\Users\Robert\Desktop\Spybot - Search & Destroy.lnk
[2010-09-16 20:28:48 | 036,217,292 | ---- | C] () -- C:\Users\Robert\Desktop\t_thelastguardian_tgs10_trailer_hd.wmv
[2010-09-16 18:33:37 | 000,001,266 | ---- | C] () -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StikyNot.exe — skrót.lnk
[2010-09-14 06:08:51 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-09-05 02:42:11 | 000,007,605 | ---- | C] () -- C:\Users\Robert\AppData\Local\Resmon.ResmonCfg
[2010-09-04 12:15:59 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2010-09-03 20:07:42 | 000,006,144 | ---- | C] () -- C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-03 19:50:28 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp
[2010-09-01 00:12:22 | 000,001,888 | ---- | C] () -- C:\Users\Robert\Desktop\Gears of War.lnk
[2010-08-31 16:56:39 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2010-08-30 18:46:27 | 000,000,764 | ---- | C] () -- C:\Users\Robert\Desktop\Prey.lnk
[2010-08-30 18:45:50 | 000,000,570 | ---- | C] () -- C:\Users\Robert\Desktop\DeSmuME.lnk
[2010-08-30 18:45:33 | 000,000,749 | ---- | C] () -- C:\Users\Robert\Desktop\Dolphin.lnk
[2010-08-30 18:45:08 | 000,001,321 | ---- | C] () -- C:\Users\Robert\Desktop\Portal.lnk
[2010-08-30 18:44:36 | 000,000,941 | ---- | C] () -- C:\Users\Robert\Desktop\Steam.lnk
[2010-08-30 18:03:12 | 000,000,021 | ---- | C] () -- C:\Users\Robert\AppData\Roaming\.dolphinx64wd
[2010-08-28 23:35:06 | 000,000,703 | ---- | C] () -- C:\Users\Robert\Desktop\Downoloads.lnk
[2010-08-28 10:41:39 | 000,000,000 | ---- | C] () -- C:\Users\Robert\Sti_Trace.log
[2010-08-28 02:38:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2010-08-28 02:38:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2010-08-28 01:50:25 | 000,001,484 | ---- | C] () -- C:\Users\Robert\Desktop\foobar2000.lnk
[2010-08-28 01:46:03 | 000,000,652 | ---- | C] () -- C:\Users\Robert\Desktop\Filmy.lnk
[2010-08-27 20:13:45 | 000,001,468 | ---- | C] () -- C:\Users\Robert\Desktop\napisy.lnk
[2010-08-26 01:57:14 | 000,001,233 | ---- | C] () -- C:\Users\Robert\Desktop\Pobrane.lnk
[2010-08-26 01:47:28 | 000,001,234 | ---- | C] () -- C:\Users\Robert\Desktop\MicroStation.lnk
[2010-08-25 22:06:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-08-25 20:31:52 | 000,001,554 | ---- | C] () -- C:\Users\Robert\Desktop\MILANINA.lnk
[2010-08-25 19:39:58 | 000,000,595 | ---- | C] () -- C:\Users\Robert\Documents\ax_files.xml
[2010-08-25 18:38:15 | 000,002,245 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD Civil 3D 2010.lnk
[2010-08-25 18:37:01 | 000,002,649 | ---- | C] () -- C:\Users\Robert\Desktop\AutoCAD 2010.lnk
[2010-08-25 18:10:24 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010-08-25 17:31:42 | 000,000,673 | ---- | C] () -- C:\Users\Robert\Desktop\Muzyka.lnk
[2010-08-25 17:22:21 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2010-08-25 16:16:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-08-25 01:45:46 | 000,002,404 | ---- | C] () -- C:\Users\Robert\Documents\SEC Natural color pro. August 25 2010 - 01 45 AM.icm
[2010-08-25 01:21:05 | 000,013,312 | ---- | C] () -- C:\Windows\SysWow64\drivers\MTictwl.sys
[2010-08-25 01:19:33 | 000,000,108 | ---- | C] () -- C:\Windows\SysNative\driver.dat
[2010-08-25 01:19:33 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\magicpvt.dat
[2010-08-25 00:34:12 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-25 00:14:49 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010-08-24 23:07:38 | 000,001,000 | ---- | C] () -- C:\Users\Robert\Desktop\Cyber-shot Viewer.lnk
[2010-08-24 01:37:25 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010-08-24 01:37:24 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010-08-24 00:45:45 | 002,621,440 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT
[2010-08-24 00:45:45 | 000,524,288 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-08-24 00:45:45 | 000,524,288 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-08-24 00:45:45 | 000,262,144 | -HS- | C] () -- C:\Users\Robert\ntuser.dat.LOG1
[2010-08-24 00:45:45 | 000,065,536 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-08-24 00:45:45 | 000,000,020 | -HS- | C] () -- C:\Users\Robert\ntuser.ini
[2010-08-24 00:45:45 | 000,000,000 | -HS- | C] () -- C:\Users\Robert\ntuser.dat.LOG2
[2010-08-24 00:39:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-08-24 00:38:08 | 1609,965,568 | -HS- | C] () -- C:\hiberfil.sys
[2010-04-02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-11-09 04:08:10 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2009-11-09 04:08:10 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2009-11-09 04:08:10 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2009-11-09 04:08:10 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-08-28 12:08:46 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Autodesk
[2010-08-26 01:48:06 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Bentley
[2010-09-11 22:05:47 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\BESTplayer
[2010-09-17 18:15:08 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\BitComet
[2010-08-28 10:41:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Canon
[2010-09-17 20:11:26 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\foobar2000
[2010-08-24 17:39:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Foxit Software
[2010-08-25 00:26:02 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IrfanView
[2010-08-25 01:27:38 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Mathsoft
[2010-08-28 02:36:31 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\MotioninJoy
[2010-09-03 19:58:57 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\PC Suite
[2010-09-03 19:51:20 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Samsung
[2010-08-25 00:27:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Tlen.pl
[2009-07-14 07:08:49 | 000,020,182 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-09-17 20:42:51 | 000,000,668 | ---- | M] () -- C:\aaw7boot.log
[2010-09-03 19:50:28 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2009-07-14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010-08-24 01:37:25 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-09-17 20:42:52 | 1609,965,568 | -HS- | M] () -- C:\hiberfil.sys
[2010-09-16 23:39:03 | 000,007,530 | ---- | M] () -- C:\mksbasel.cpp.log
[2006-12-01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010-09-17 20:42:52 | 2146,623,488 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< End of report >
[/log]

log
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Robert at 2010-09-17 21:45:10
Microsoft Windows 7 Home Premium
System drive C: has 22 GB (33%) free of 67 GB
Total RAM: 2047 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:45:17, on 2010-09-17
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Tlen.pl\tlen.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Robert\Desktop\OTL.exe
C:\Users\Robert\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Robert.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Foxit Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [MagicRotation] C:\Program Files (x86)\MagicRotation\MagicPvt.exe
O4 - HKCU\..\Run: [Komunikator] C:\Program Files (x86)\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - Startup: StikyNot.exe — skrót.lnk = C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7805 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Foxit Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Foxit Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-10-09 2762240]
"DelReg"=C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe [2008-12-04 196608]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2009-06-14 307200]
"MagicRotation"=C:\Program Files (x86)\MagicRotation\MagicPvt.exe [2009-06-19 1286144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Komunikator"=C:\Program Files (x86)\Tlen.pl\tlen.exe [2009-01-17 5853672]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe [2010-01-28 3404600]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe []

C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
StikyNot.exe — skrót.lnk - C:\Windows\System32\StikyNot.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\SysWOW64\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-09-17 21:45:10 ----D---- C:\rsit
2010-09-17 21:45:10 ----D---- C:\Program Files (x86)\trend micro
2010-09-17 20:14:36 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-09-17 00:51:50 ----HDC---- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-09-17 00:51:28 ----D---- C:\ProgramData\Lavasoft
2010-09-17 00:51:28 ----D---- C:\Program Files (x86)\Lavasoft
2010-09-17 00:49:03 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-09-17 00:49:03 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2010-09-15 22:58:07 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-09-14 06:08:51 ----A---- C:\Windows\SysWOW64\unrar.dll
2010-09-14 06:08:50 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2010-09-11 22:00:07 ----D---- C:\Users\Robert\AppData\Roaming\BESTplayer
2010-09-10 18:04:27 ----D---- C:\Windows\SysWOW64\xlive
2010-09-10 18:04:23 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2010-09-10 18:03:50 ----D---- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2010-09-09 19:16:10 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-09-06 18:10:27 ----D---- C:\Windows\Minidump
2010-09-05 20:30:44 ----D---- C:\Program Files (x86)\VS Revo Group
2010-09-05 14:38:12 ----D---- C:\Program Files (x86)\ALLConventer Samsung Monte
2010-09-04 12:15:58 ----D---- C:\Program Files (x86)\PDFCreator
2010-09-04 12:15:58 ----A---- C:\Windows\SysWOW64\MSMPIDE.DLL
2010-09-03 19:58:58 ----D---- C:\ProgramData\PC Suite
2010-09-03 19:58:57 ----D---- C:\Users\Robert\AppData\Roaming\PC Suite
2010-09-03 19:55:20 ----A---- C:\Windows\SysWOW64\FsExService64.Exe
2010-09-03 19:55:20 ----A---- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys
2010-09-03 19:53:03 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2010-09-03 19:51:20 ----D---- C:\Users\Robert\AppData\Roaming\Samsung
2010-09-03 19:50:30 ----D---- C:\Program Files (x86)\MarkAny
2010-09-03 19:50:29 ----D---- C:\ProgramData\Samsung
2010-09-03 19:50:22 ----D---- C:\Program Files (x86)\Samsung
2010-09-03 19:50:11 ----D---- C:\Program Files (x86)\Common Files\Samsung
2010-09-01 00:28:42 ----D---- C:\Users\Robert\AppData\Roaming\Microsoft Games
2010-09-01 00:09:32 ----D---- C:\Program Files (x86)\Common Files\Microsoft Games
2010-08-31 23:47:48 ----D---- C:\Program Files (x86)\Microsoft Games
2010-08-31 16:56:38 ----D---- C:\ProgramData\Easy CD-DA Extractor
2010-08-31 16:56:37 ----D---- C:\Windows\Easy CD-DA Extractor 12
2010-08-29 02:31:03 ----D---- C:\Program Files (x86)\Steam
2010-08-29 02:31:03 ----D---- C:\Program Files (x86)\Common Files\Steam
2010-08-29 02:24:50 ----D---- C:\Half-Life 2
2010-08-29 02:12:26 ----D---- C:\ProgramData\TEMP
2010-08-28 10:41:15 ----D---- C:\Users\Robert\AppData\Roaming\Canon
2010-08-28 09:33:10 ----D---- C:\Program Files (x86)\CDisplay
2010-08-28 02:36:31 ----D---- C:\Users\Robert\AppData\Roaming\MotioninJoy
2010-08-27 22:03:55 ----A---- C:\Windows\SysWOW64\CmdLineExt.dll
2010-08-27 22:02:11 ----D---- C:\Program Files (x86)\Prey
2010-08-26 01:48:06 ----D---- C:\Users\Robert\AppData\Roaming\Bentley
2010-08-26 01:47:00 ----D---- C:\ProgramData\Bentley
2010-08-26 01:47:00 ----D---- C:\Program Files (x86)\Common Files\Bentley Shared
2010-08-26 01:47:00 ----D---- C:\Program Files (x86)\Bentley
2010-08-26 01:00:46 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2010-08-26 01:00:46 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2010-08-26 01:00:45 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2010-08-26 01:00:45 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2010-08-26 01:00:41 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll
2010-08-26 01:00:41 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2010-08-26 01:00:41 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2010-08-26 01:00:39 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2010-08-26 01:00:38 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2010-08-26 01:00:38 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll
2010-08-26 01:00:37 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2010-08-26 01:00:34 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2010-08-26 01:00:34 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2010-08-26 01:00:34 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2010-08-26 01:00:33 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2010-08-26 01:00:33 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2010-08-26 01:00:32 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2010-08-26 01:00:32 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2010-08-26 01:00:32 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2010-08-26 01:00:31 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2010-08-26 01:00:31 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2010-08-26 01:00:31 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2010-08-26 01:00:29 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2010-08-26 01:00:29 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2010-08-26 01:00:29 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2010-08-26 01:00:28 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2010-08-26 01:00:27 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2010-08-26 01:00:27 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2010-08-26 01:00:26 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2010-08-26 01:00:24 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2010-08-26 01:00:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2010-08-26 01:00:23 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2010-08-26 01:00:23 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2010-08-26 01:00:22 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2010-08-26 01:00:22 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2010-08-26 01:00:22 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2010-08-26 01:00:20 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2010-08-26 01:00:20 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2010-08-26 01:00:20 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2010-08-26 01:00:19 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2010-08-26 01:00:19 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2010-08-26 01:00:19 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2010-08-26 01:00:18 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2010-08-26 01:00:17 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2010-08-26 01:00:17 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2010-08-26 01:00:15 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2010-08-26 01:00:15 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2010-08-26 01:00:14 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2010-08-26 01:00:14 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2010-08-26 01:00:14 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2010-08-26 01:00:12 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2010-08-26 01:00:12 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2010-08-26 01:00:12 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2010-08-26 01:00:11 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2010-08-26 01:00:10 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2010-08-26 01:00:10 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2010-08-26 01:00:10 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2010-08-26 00:57:25 ----D---- C:\Windows\SysWOW64\directx
2010-08-26 00:09:59 ----D---- C:\Users\Robert\AppData\Roaming\Ahead
2010-08-26 00:09:08 ----D---- C:\ProgramData\Nero
2010-08-26 00:09:08 ----D---- C:\Program Files (x86)\Nero
2010-08-26 00:09:08 ----D---- C:\Program Files (x86)\Common Files\Ahead
2010-08-25 21:40:55 ----D---- C:\ProgramData\CanonIJPLM
2010-08-25 21:35:28 ----HD---- C:\ProgramData\CanonBJ
2010-08-25 21:34:28 ----D---- C:\Program Files (x86)\Canon
2010-08-25 20:41:43 ----D---- C:\Users\Robert\AppData\Roaming\Media Player Classic
2010-08-25 20:24:15 ----D---- C:\ProgramData\ATI
2010-08-25 20:20:58 ----D---- C:\Program Files (x86)\ATI
2010-08-25 20:17:35 ----D---- C:\ATI
2010-08-25 19:46:41 ----D---- C:\Program Files (x86)\Microsoft Works
2010-08-25 19:46:23 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2010-08-25 19:46:04 ----D---- C:\Windows\PCHEALTH
2010-08-25 19:46:04 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-08-25 19:37:04 ----D---- C:\Program Files (x86)\Alcohol Soft
2010-08-25 18:43:49 ----D---- C:\ProgramData\FLEXnet
2010-08-25 18:38:06 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2010-08-25 18:31:27 ----D---- C:\Users\Robert\AppData\Roaming\Autodesk
2010-08-25 18:31:27 ----D---- C:\Civil 3D Projects
2010-08-25 18:31:27 ----D---- C:\Civil 3D Project Templates
2010-08-25 18:30:59 ----D---- C:\Program Files (x86)\AutoCAD Civil 3D 2010
2010-08-25 18:30:52 ----D---- C:\ProgramData\Autodesk
2010-08-25 18:29:13 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-08-25 18:29:13 ----D---- C:\Program Files (x86)\Microsoft Visual Basic 2005 Power Packs
2010-08-25 18:29:13 ----D---- C:\Program Files (x86)\Microsoft SDKs
2010-08-25 18:29:08 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2010-08-25 18:29:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2010-08-25 18:29:07 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2010-08-25 18:28:36 ----D---- C:\Program Files (x86)\Common Files\Designer
2010-08-25 18:27:51 ----D---- C:\Program Files (x86)\Common Files\Autodesk Shared
2010-08-25 18:27:51 ----D---- C:\Program Files (x86)\Autodesk
2010-08-25 17:56:01 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2010-08-25 17:23:28 ----D---- C:\Program Files (x86)\AMD
2010-08-25 17:22:21 ----A---- C:\Windows\ver5.5.14.0.txt
2010-08-25 17:22:21 ----A---- C:\Windows\nvsulib.dll
2010-08-25 17:22:21 ----A---- C:\Windows\nvoclock.sys
2010-08-25 17:22:21 ----A---- C:\Windows\nvoclk64.sys
2010-08-25 17:22:21 ----A---- C:\Windows\Nvgpio.dll
2010-08-25 17:22:21 ----A---- C:\Windows\NVGfxOgl.dll
2010-08-25 17:22:20 ----A---- C:\Windows\NVBenchMarks.dll
2010-08-25 17:22:20 ----A---- C:\Windows\ntuneoem.dll
2010-08-25 17:22:20 ----A---- C:\Windows\NTuneGpu.dll
2010-08-25 17:22:20 ----A---- C:\Windows\msvcr71.dll
2010-08-25 17:22:20 ----A---- C:\Windows\msvcp71.dll
2010-08-25 17:22:20 ----A---- C:\Windows\MFC71.dll
2010-08-25 17:22:20 ----A---- C:\Windows\AutoTuneScript.dll
2010-08-25 17:22:19 ----D---- C:\Program Files (x86)\MSI
2010-08-25 17:10:20 ----N---- C:\Windows\difxapi.dll
2010-08-25 17:10:19 ----D---- C:\Program Files (x86)\VIA
2010-08-25 17:09:23 ----D---- C:\Windows\SysWOW64\Atheros_L1e
2010-08-25 06:55:11 ----D---- C:\Windows\SysWOW64\Wat
2010-08-25 04:04:38 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2010-08-25 04:02:02 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\mscoree.dll
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\dfshim.dll
2010-08-25 03:41:41 ----D---- C:\Program Files (x86)\Microsoft Office
2010-08-25 03:41:19 ----RHD---- C:\MSOCache
2010-08-25 03:05:39 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2010-08-25 03:05:37 ----A---- C:\Windows\SysWOW64\vbscript.dll
2010-08-25 03:05:37 ----A---- C:\Windows\SysWOW64\ntdll.dll
2010-08-25 03:05:36 ----A---- C:\Windows\SysWOW64\schannel.dll
2010-08-25 03:05:31 ----A---- C:\Windows\SysWOW64\wmp.dll
2010-08-25 03:05:30 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2010-08-25 03:05:28 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2010-08-25 03:05:26 ----A---- C:\Windows\SysWOW64\secproc_isv.dll
2010-08-25 03:05:26 ----A---- C:\Windows\SysWOW64\secproc.dll
2010-08-25 03:05:25 ----A---- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2010-08-25 03:05:25 ----A---- C:\Windows\SysWOW64\RMActivate_isv.exe
2010-08-25 03:05:25 ----A---- C:\Windows\SysWOW64\RMActivate.exe
2010-08-25 03:05:24 ----A---- C:\Windows\SysWOW64\secproc_ssp.dll
2010-08-25 03:05:24 ----A---- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2010-08-25 03:05:24 ----A---- C:\Windows\SysWOW64\RMActivate_ssp.exe
2010-08-25 03:05:16 ----A---- C:\Windows\SysWOW64\shell32.dll
2010-08-25 03:05:15 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2010-08-25 03:05:13 ----A---- C:\Windows\SysWOW64\t2embed.dll
2010-08-25 03:05:04 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2010-08-25 03:05:04 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2010-08-25 03:04:57 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-08-25 03:04:56 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-08-25 03:04:55 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-08-25 03:04:55 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-08-25 03:04:55 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-08-25 03:04:53 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-08-25 03:04:51 ----A---- C:\Windows\SysWOW64\explorer.exe
2010-08-25 03:04:51 ----A---- C:\Windows\explorer.exe
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\wow32.dll
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\user.exe
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\setup16.exe
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\instnm.exe
2010-08-25 03:04:49 ----A---- C:\Windows\SysWOW64\rtutils.dll
2010-08-25 03:04:41 ----A---- C:\Windows\SysWOW64\iccvid.dll
2010-08-25 03:04:38 ----A---- C:\Windows\SysWOW64\CPFilters.dll
2010-08-25 03:04:37 ----A---- C:\Windows\SysWOW64\psisdecd.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\tsbyuv.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\quartz.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\msyuv.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\msrle32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\avifil32.dll
2010-08-25 03:04:33 ----A---- C:\Windows\SysWOW64\msxml3.dll
2010-08-25 03:04:33 ----A---- C:\Windows\SysWOW64\jscript.dll
2010-08-25 03:04:30 ----A---- C:\Windows\SysWOW64\sspicli.dll
2010-08-25 03:04:30 ----A---- C:\Windows\SysWOW64\secur32.dll
2010-08-25 03:04:26 ----A---- C:\Windows\SysWOW64\msasn1.dll
2010-08-25 03:04:25 ----A---- C:\Windows\SysWOW64\fontsub.dll
2010-08-25 03:04:25 ----A---- C:\Windows\SysWOW64\atmlib.dll
2010-08-25 03:04:25 ----A---- C:\Windows\SysWOW64\atmfd.dll
2010-08-25 03:04:24 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-08-25 01:46:46 ----D---- C:\Users\Robert\AppData\Roaming\Sony Corporation
2010-08-25 01:27:38 ----D---- C:\Users\Robert\AppData\Roaming\Mathsoft
2010-08-25 01:26:31 ----A---- C:\Windows\MC14_RC_IS_Log.txt
2010-08-25 01:26:07 ----D---- C:\Program Files (x86)\Mathcad
2010-08-25 01:26:04 ----A---- C:\Windows\MC14_Help_IS_Log.txt
2010-08-25 01:25:12 ----A---- C:\Windows\MC14_IS_LOG.txt
2010-08-25 01:21:05 ----A---- C:\Windows\SysWOW64\drivers\MTictwl.sys
2010-08-25 01:21:01 ----D---- C:\Program Files (x86)\SEC
2010-08-25 01:19:33 ----D---- C:\Program Files (x86)\MagicRotation
2010-08-25 01:19:33 ----A---- C:\Windows\mpvthook.dll
2010-08-25 01:19:14 ----D---- C:\ProgramData\InstallShield
2010-08-25 01:17:49 ----D---- C:\Program Files (x86)\MagicTune Premium
2010-08-25 01:17:41 ----D---- C:\Users\Robert\AppData\Roaming\InstallShield
2010-08-25 00:40:27 ----D---- C:\Users\Robert\AppData\Roaming\Macromedia
2010-08-25 00:40:26 ----D---- C:\Users\Robert\AppData\Roaming\Adobe
2010-08-25 00:38:56 ----D---- C:\Windows\SysWOW64\Macromed
2010-08-25 00:34:14 ----D---- C:\Users\Robert\AppData\Roaming\Mozilla
2010-08-25 00:34:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-08-25 00:31:26 ----D---- C:\Users\Robert\AppData\Roaming\BitComet
2010-08-25 00:31:25 ----D---- C:\Program Files (x86)\BitComet
2010-08-25 00:29:17 ----D---- C:\Users\Robert\AppData\Roaming\WinRAR
2010-08-25 00:27:24 ----D---- C:\Users\Robert\AppData\Roaming\Tlen.pl
2010-08-25 00:27:24 ----D---- C:\ProgramData\Tlen.pl
2010-08-25 00:27:19 ----D---- C:\Program Files (x86)\Tlen.pl
2010-08-25 00:26:54 ----D---- C:\Program Files (x86)\NAPI-PROJEKT
2010-08-25 00:26:02 ----D---- C:\Users\Robert\AppData\Roaming\IrfanView
2010-08-25 00:26:02 ----D---- C:\Program Files (x86)\IrfanView
2010-08-25 00:25:13 ----D---- C:\Program Files (x86)\Ask.com
2010-08-25 00:25:09 ----D---- C:\Program Files (x86)\Foxit Software
2010-08-25 00:24:35 ----D---- C:\Users\Robert\AppData\Roaming\foobar2000
2010-08-25 00:24:31 ----D---- C:\Program Files (x86)\foobar2000
2010-08-25 00:14:25 ----D---- C:\ProgramData\Alwil Software
2010-08-25 00:12:01 ----A---- C:\Windows\SysWOW64\wintrust.dll
2010-08-25 00:12:01 ----A---- C:\Windows\SysWOW64\cabview.dll
2010-08-24 23:20:38 ----D---- C:\ProgramData\Microsoft Help
2010-08-24 23:07:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-08-24 23:07:37 ----D---- C:\Program Files (x86)\Sony
2010-08-24 23:05:52 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-08-24 22:58:58 ----D---- C:\ProgramData\Ahead
2010-08-24 22:57:12 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2010-08-24 22:57:12 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2010-08-24 18:58:09 ----D---- C:\Users\Robert\AppData\Roaming\ATI
2010-08-24 18:56:40 ----D---- C:\Program Files (x86)\ATI Technologies
2010-08-24 18:56:39 ----SHD---- C:\Windows\Installer
2010-08-24 17:39:39 ----D---- C:\Users\Robert\AppData\Roaming\Foxit Software
2010-08-24 01:37:37 ----D---- C:\Windows\Panther
2010-08-24 01:37:25 ----RASH---- C:\BOOTSECT.BAK
2010-08-24 01:37:24 ----SHD---- C:\Boot
2010-08-24 00:45:56 ----D---- C:\Users\Robert\AppData\Roaming\Identities
2010-08-24 00:45:45 ----SD---- C:\Users\Robert\AppData\Roaming\Microsoft
2010-08-24 00:45:45 ----D---- C:\Users\Robert\AppData\Roaming\Media Center Programs
2010-08-24 00:45:33 ----SHD---- C:\Recovery
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Ulubione
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Szablony
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Pulpit
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Menu Start
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Dokumenty
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Dane aplikacji
2010-08-24 00:40:54 ----D---- C:\Windows\SoftwareDistribution
2010-08-24 00:38:26 ----D---- C:\Windows\Prefetch
2010-08-24 00:38:09 ----ASH---- C:\pagefile.sys
2010-08-24 00:38:08 ----SHD---- C:\System Volume Information
2010-08-24 00:38:08 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 months======

2010-09-17 21:45:10 ----RD---- C:\Program Files (x86)
2010-09-17 21:44:53 ----D---- C:\Windows\Temp
2010-09-17 20:43:17 ----HD---- C:\ProgramData
2010-09-17 20:21:55 ----D---- C:\Windows\Tasks
2010-09-17 20:14:36 ----SD---- C:\ProgramData\Microsoft
2010-09-17 20:14:33 ----RD---- C:\Program Files
2010-09-17 20:10:57 ----D---- C:\Windows\SysWOW64
2010-09-17 20:10:57 ----D---- C:\Windows
2010-09-17 17:57:31 ----D---- C:\Windows\System32
2010-09-17 00:51:19 ----D---- C:\Windows\winsxs
2010-09-16 23:32:17 ----D---- C:\Windows\Downloaded Program Files
2010-09-15 17:56:38 ----D---- C:\Windows\inf
2010-09-10 18:02:56 ----RSD---- C:\Windows\assembly
2010-09-09 22:25:52 ----D---- C:\PerfLogs
2010-09-06 20:58:48 ----D---- C:\Windows\Registration
2010-09-03 19:55:20 ----D---- C:\Windows\SysWOW64\drivers
2010-09-03 19:50:11 ----D---- C:\Program Files (x86)\Common Files
2010-08-30 20:00:04 ----D---- C:\Windows\Logs
2010-08-30 18:01:13 ----D---- C:\Windows\LiveKernelReports
2010-08-26 17:33:25 ----D---- C:\Windows\rescache
2010-08-26 00:13:30 ----RSD---- C:\Windows\Fonts
2010-08-26 00:13:28 ----D---- C:\Windows\ShellNew
2010-08-26 00:09:32 ----D---- C:\Windows\ehome
2010-08-25 21:40:15 ----RSD---- C:\Windows\Media
2010-08-25 21:35:25 ----D---- C:\Windows\twain_32
2010-08-25 20:02:02 ----D---- C:\Windows\debug
2010-08-25 19:54:30 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-08-25 19:54:29 ----D---- C:\Program Files (x86)\MSBuild
2010-08-25 19:53:47 ----D---- C:\Program Files (x86)\Common Files\System
2010-08-25 19:53:45 ----A---- C:\Windows\win.ini
2010-08-25 19:08:35 ----D---- C:\Windows\AppPatch
2010-08-25 18:39:51 ----D---- C:\Windows\Help
2010-08-25 18:38:59 ----D---- C:\Windows\Microsoft.NET
2010-08-25 06:55:17 ----D---- C:\Program Files (x86)\Windows Media Player
2010-08-25 06:55:16 ----D---- C:\Program Files (x86)\Windows Mail
2010-08-25 06:55:15 ----D---- C:\Windows\SysWOW64\migration
2010-08-25 06:55:15 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-25 03:59:30 ----D---- C:\Windows\SysWOW64\pl-PL
2010-08-24 00:45:54 ----SHD---- C:\$Recycle.Bin
2010-08-24 00:45:42 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R1 NCPro;NCPro; C:\Windows\system32\drivers\MTictwl.sys [2006-08-28 13312]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys []
R3 AODDriver;AODDriver; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys [2009-10-22 21048]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2009-12-22 18136]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys []
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys []
S3 amlfssmm;amlfssmm; C:\Windows\SysWOW64\drivers\amlfssmm.sys []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys [2008-12-27 44344]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-08-12 16928]
S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [2006-08-28 13312]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RushTopDevice_J;RushTopDevice_J; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys [2009-03-05 33080]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys [2008-12-19 75576]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys []
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys []
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys []
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-12-22 16448]
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2009-10-22 136544]
R2 dgdersvc;Device Error Recovery Service; C:\Windows\system32\dgdersvc.exe [2009-12-22 95568]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-09-17 1355928]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17424]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-25 651720]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-08-29 407336]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Odinstaluj Foxit toolbar, ew jeśli jest też Ask Toolbar.

Widać też taki zapis:
F2 - REG:system.ini: UserInit=userinit.exe
Nie powinien się pojawiać w logu.
Wejdź w Start/Uruchom/Regedit i odnajdź klucz:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Zapis powinien wyglądać tak: [b]C:\Windows\system32\userinit.exe,[/b]
Ten przecinek na końcu jest niezbędny !




W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL
O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\SysWow64\StikyNot.exe File not found
O4 - Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StikyNot.exe — skrót.lnk = C:\Windows\SysWow64\StikyNot.exe File not found

:Files
C:\Windows\SysWow64\FsExService64.Exe
C:\Windows\SysWow64\drivers\TFsExDisk.Sys
C:\Windows\SysNative\drivers\TFsExDisk.sys
C:\Windows\SysNative\drivers\MijXfilt.sys
C:\Users\Robert\AppData\Roaming\MotioninJoy
C:\Program Files\MotioninJoy
C:\Users\Robert\AppData\Local\AskToolbar
C:\Program Files (x86)\Ask.com

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}=-

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Klikasz run fix, komputer uruchamia się ponownie.


Wrzuć log z usuwania oraz nowy log OTL i RSIT.



Na wirustotal przeskanuj poniższy plik:
C:\Windows\SysWOW64\drivers\amlfssmm.sys

_milan_
komentarz
komentarz (edytowane)

usuwanie

[log]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RESTART_STICKY_NOTES deleted successfully.
C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StikyNot.exe — skrót.lnk moved successfully.
========== FILES ==========
C:\Windows\SysWow64\FsExService64.Exe moved successfully.
C:\Windows\SysWow64\drivers\TFsExDisk.Sys moved successfully.
C:\Windows\SysNative\drivers\TFsExDisk.sys moved successfully.
C:\Windows\SysNative\drivers\MijXfilt.sys moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy\DS3tool\update\local\skins\default\images folder moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy\DS3tool\update\local\skins\default folder moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy\DS3tool\update\local\skins folder moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy\DS3tool\update\local\javascript folder moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy\DS3tool\update\local\html\english folder moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy\DS3tool\update\local\html folder moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy\DS3tool\update\local folder moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy\DS3tool\update\drivers folder moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy\DS3tool\update folder moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy\DS3tool folder moved successfully.
C:\Users\Robert\AppData\Roaming\MotioninJoy folder moved successfully.
C:\Program Files\MotioninJoy\ds3\local\skins\default\images folder moved successfully.
C:\Program Files\MotioninJoy\ds3\local\skins\default folder moved successfully.
C:\Program Files\MotioninJoy\ds3\local\skins folder moved successfully.
C:\Program Files\MotioninJoy\ds3\local\javascript folder moved successfully.
C:\Program Files\MotioninJoy\ds3\local\html\english folder moved successfully.
C:\Program Files\MotioninJoy\ds3\local\html folder moved successfully.
C:\Program Files\MotioninJoy\ds3\local folder moved successfully.
C:\Program Files\MotioninJoy\ds3\drivers\x64 folder moved successfully.
C:\Program Files\MotioninJoy\ds3\drivers folder moved successfully.
C:\Program Files\MotioninJoy\ds3 folder moved successfully.
C:\Program Files\MotioninJoy folder moved successfully.
File\Folder C:\Users\Robert\AppData\Local\AskToolbar not found.
File\Folder C:\Program Files (x86)\Ask.com not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Robert
->Temp folder emptied: 5687069 bytes
->Temporary Internet Files folder emptied: 56610621 bytes
->FireFox cache emptied: 93103194 bytes
->Flash cache emptied: 26994 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1227306 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50668 bytes
RecycleBin emptied: 483560946 bytes

Total Files Cleaned = 611,00 mb


OTL by OldTimer - Version 3.2.12.1 log created on 09172010_223114

Files\Folders moved on Reboot...
C:\Users\Robert\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
[/log]

zaraz logi

otl
[log]OTL logfile created on: 2010-09-17 22:42:28 - Run 3
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Robert\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 65,66 Gb Total Space | 23,75 Gb Free Space | 36,17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 100,00 Gb Total Space | 55,34 Gb Free Space | 55,34% Space Free | Partition Type: NTFS
Drive N: | 300,00 Gb Total Space | 215,09 Gb Free Space | 71,70% Space Free | Partition Type: NTFS

Computer Name: ROBERT-KOMPUTER
Current User Name: Robert
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-09-17 21:29:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
PRC - [2010-09-17 00:54:43 | 000,864,624 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010-09-17 00:54:42 | 001,355,928 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010-09-09 04:00:25 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009-10-22 03:49:18 | 000,136,544 | ---- | M] () -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
PRC - [2009-01-17 16:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files (x86)\Tlen.pl\tlen.exe
PRC - [2007-04-13 08:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-09-17 21:29:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


[color=#E56717]========== Win32 Services (All) ==========[/color]

SRV:[b]64bit:[/b] - [2010-08-25 04:00:33 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV:[b]64bit:[/b] - [2010-08-21 08:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2010-03-25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2009-12-22 04:31:04 | 000,117,584 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysNative\dgdersvc.exe -- (dgdersvc)
SRV:[b]64bit:[/b] - [2009-11-04 17:45:14 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:59 | 000,075,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:58 | 002,418,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:58 | 002,018,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:57 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:57 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,578,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,438,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,381,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,366,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,353,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,706,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,316,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 001,780,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,369,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,235,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 001,390,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 001,104,384 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,438,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,343,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,208,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,190,976 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,186,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,159,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,064,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:52 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:28 | 000,368,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 000,824,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:21 | 000,084,480 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:18 | 000,300,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:18 | 000,023,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:13 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\KMSVC.DLL -- (hkmsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:11 | 000,156,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:10 | 000,565,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:10 | 000,500,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:09 | 000,101,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPBusEnum.dll -- (IPBusEnum)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:08 | 000,845,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:59 | 000,776,192 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:52 | 000,034,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:52 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:32 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:32 | 000,182,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:32 | 000,162,816 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:15 | 000,080,384 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:15 | 000,080,384 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:13 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:10 | 000,703,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:04 | 000,676,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:04 | 000,676,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:56 | 001,525,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:55 | 000,203,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:50 | 001,598,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:49 | 000,532,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:48 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:41 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:37 | 000,593,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:21 | 000,141,824 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:21 | 000,127,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (VaultSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\lsass.exe -- (EFS)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:15 | 000,010,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV:[b]64bit:[/b] - [2009-07-14 03:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV - [2010-09-17 00:54:42 | 001,355,928 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010-08-29 02:32:13 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-08-25 18:38:06 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-05-09 11:44:41 | 000,696,320 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-12-22 04:31:02 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\dgdersvc.exe -- (dgdersvc)
SRV - [2009-10-22 03:49:18 | 000,136,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2009-07-14 03:39:48 | 000,194,048 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009-07-14 03:39:09 | 000,127,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009-07-14 03:16:20 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM) Zdalne zarządzanie systemem Windows (WS-Management)
SRV - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009-07-14 03:16:19 | 000,348,672 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009-07-14 03:16:18 | 000,276,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2009-07-14 03:16:18 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2009-07-14 03:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2009-07-14 03:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2009-07-14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009-07-14 03:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2009-07-14 03:16:15 | 000,241,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2009-07-14 03:16:14 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2009-07-14 03:16:13 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2009-07-14 03:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2009-07-14 03:16:12 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2009-07-14 03:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2009-07-14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009-07-14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009-07-14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2009-07-14 03:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2009-07-14 03:14:28 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2009-07-14 03:14:25 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2009-07-14 03:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-06-10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009-06-10 22:30:59 | 000,042,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009-06-10 22:30:45 | 000,856,384 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-11-04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008-10-25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2007-06-29 19:16:56 | 000,800,040 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2007-06-27 19:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007-04-13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (All) ==========[/color]

DRV:[b]64bit:[/b] - File not found [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:[b]64bit:[/b] - [2010-08-25 18:10:24 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010-08-12 14:15:20 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:[b]64bit:[/b] - [2010-07-09 13:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:[b]64bit:[/b] - [2010-06-22 05:21:15 | 000,463,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:[b]64bit:[/b] - [2010-06-22 05:20:50 | 000,404,992 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:[b]64bit:[/b] - [2010-06-22 05:20:34 | 000,162,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:[b]64bit:[/b] - [2010-06-14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:[b]64bit:[/b] - [2010-06-14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:[b]64bit:[/b] - [2010-03-25 21:30:22 | 000,173,984 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MpFilter.sys -- (MpFilter)
DRV:[b]64bit:[/b] - [2010-03-25 21:30:22 | 000,040,832 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MpNWMon.sys -- (MpNWMon)
DRV:[b]64bit:[/b] - [2010-02-27 09:52:29 | 000,286,720 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:[b]64bit:[/b] - [2010-02-27 09:52:28 | 000,125,952 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:[b]64bit:[/b] - [2010-02-27 09:52:22 | 000,157,696 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:[b]64bit:[/b] - [2009-12-22 04:31:04 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:[b]64bit:[/b] - [2009-12-11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:[b]64bit:[/b] - [2009-11-24 15:29:16 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009-11-04 18:17:30 | 006,088,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009-10-02 06:32:07 | 000,982,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:[b]64bit:[/b] - [2009-09-30 04:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2009-09-26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV:[b]64bit:[/b] - [2009-09-19 07:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV:[b]64bit:[/b] - [2009-09-17 13:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-27 09:04:38 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\clfs.sys -- (CLFS) System Common Log (CLFS)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,334,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,224,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,155,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,140,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,094,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,030,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,095,312 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:47 | 000,290,368 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,363,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,071,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,062,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:46 | 000,075,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,183,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,104,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:[b]64bit:[/b] - [2009-07-14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:[b]64bit:[/b] - [2009-07-14 03:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:[b]64bit:[/b] - [2009-07-14 03:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:[b]64bit:[/b] - [2009-07-14 02:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:[b]64bit:[/b] - [2009-07-14 02:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbscan.sys -- (usbscan)
DRV:[b]64bit:[/b] - [2009-07-14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:[b]64bit:[/b] - [2009-07-14 02:16:41 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)
DRV:[b]64bit:[/b] - [2009-07-14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:[b]64bit:[/b] - [2009-07-14 02:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV:[b]64bit:[/b] - [2009-07-14 02:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)
DRV:[b]64bit:[/b] - [2009-07-14 02:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:[b]64bit:[/b] - [2009-07-14 02:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp) WAN Miniport (SSTP)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:22 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:22 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:18 | 000,111,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport) Miniport WAN (PPTP)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:13 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:12 | 000,130,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp) Miniport WAN (L2TP)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:04 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:49 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:42 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:25 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smb.sys -- (Smb) Protokół TCP/IP i TCP/IPv6 zorientowany na wiadomości (sesja SMB)
DRV:[b]64bit:[/b] - [2009-07-14 02:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:[b]64bit:[/b] - [2009-07-14 02:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:[b]64bit:[/b] - [2009-07-14 02:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:[b]64bit:[/b] - [2009-07-14 02:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:[b]64bit:[/b] - [2009-07-14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:09 | 000,343,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:56 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:45 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:37 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:30 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:30 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:28 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:27 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:22 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:13 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:06 | 000,172,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:[b]64bit:[/b] - [2009-07-14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:[b]64bit:[/b] - [2009-07-14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:[b]64bit:[/b] - [2009-07-14 02:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:[b]64bit:[/b] - [2009-07-14 02:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:[b]64bit:[/b] - [2009-07-14 02:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:[b]64bit:[/b] - [2009-07-14 02:01:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:[b]64bit:[/b] - [2009-07-14 02:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:20 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:[b]64bit:[/b] - [2009-07-14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:[b]64bit:[/b] - [2009-07-14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:[b]64bit:[/b] - [2009-07-14 01:47:45 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:[b]64bit:[/b] - [2009-07-14 01:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:[b]64bit:[/b] - [2009-07-14 01:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:[b]64bit:[/b] - [2009-07-14 01:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)
DRV:[b]64bit:[/b] - [2009-07-14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:[b]64bit:[/b] - [2009-07-14 01:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:[b]64bit:[/b] - [2009-07-14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:[b]64bit:[/b] - [2009-07-14 01:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:[b]64bit:[/b] - [2009-07-14 01:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:[b]64bit:[/b] - [2009-07-14 01:24:10 | 000,309,248 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:[b]64bit:[/b] - [2009-07-14 01:23:57 | 000,140,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:[b]64bit:[/b] - [2009-07-14 01:23:50 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:[b]64bit:[/b] - [2009-07-14 01:23:44 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)
DRV:[b]64bit:[/b] - [2009-07-14 01:23:37 | 000,327,168 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:[b]64bit:[/b] - [2009-07-14 01:22:20 | 000,751,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:[b]64bit:[/b] - [2009-07-14 01:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:[b]64bit:[/b] - [2009-07-14 01:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:[b]64bit:[/b] - [2009-07-14 01:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:[b]64bit:[/b] - [2009-07-14 01:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:[b]64bit:[/b] - [2009-06-10 22:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:[b]64bit:[/b] - [2009-06-10 22:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:[b]64bit:[/b] - [2009-06-10 22:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:[b]64bit:[/b] - [2009-06-10 22:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:[b]64bit:[/b] - [2009-06-10 22:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-05 04:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2008-11-04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune)
DRV:[b]64bit:[/b] - [2008-08-28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010-08-12 14:15:22 | 000,016,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009-12-22 04:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009-10-22 03:49:14 | 000,021,048 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-03-05 06:55:20 | 000,033,080 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys -- (RushTopDevice_J)
DRV - [2008-12-27 04:21:10 | 000,044,344 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys -- (DualCoreCenter)
DRV - [2008-12-19 04:17:36 | 000,075,576 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys -- (RushTopDevice2)
DRV - [2006-08-28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006-08-28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\MTictwl.sys -- (MagicTune)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3611173932-2121784299-3744245936-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-09-09 04:00:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-09-09 04:00:26 | 000,000,000 | ---D | M]

[2010-08-25 00:34:19 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions
[2010-09-17 21:09:58 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\7pcj8uok.default\extensions
[2010-08-25 00:34:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-07-23 02:41:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-07-23 02:41:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-07-23 02:41:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-07-23 02:41:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-07-23 02:41:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-07-23 02:41:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-08-25 19:39:54 | 000,000,988 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:[b]64bit:[/b] - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:[b]64bit:[/b] - HKLM..\Run: [MagicTuneEngine] C:\Program Files (x86)\MagicTune Premium\MagicTuneLauncher.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [MagicRotation] C:\Program Files (x86)\MagicRotation\MagicPvt.exe (Samsung Electronics, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3611173932-2121784299-3744245936-1001..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-3611173932-2121784299-3744245936-1001..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe ()
O4 - HKU\S-1-5-21-3611173932-2121784299-3744245936-1001..\Run: [Komunikator] C:\Program Files (x86)\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3611173932-2121784299-3744245936-1001\..Trusted Domains: mks.com.pl ([www] https in Zaufane witryny)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.21.99.95 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] MsMpSvc - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] MsMpSvc - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-09-17 22:38:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\stare logi
[2010-09-17 22:31:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-09-17 21:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010-09-17 21:45:10 | 000,000,000 | ---D | C] -- C:\rsit
[2010-09-17 21:29:11 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
[2010-09-17 20:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010-09-17 20:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010-09-17 00:54:47 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010-09-17 00:52:11 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Sunbelt Software
[2010-09-17 00:51:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2010-09-17 00:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-09-17 00:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2010-09-17 00:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010-09-17 00:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010-09-16 23:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-09-14 06:08:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2010-09-12 03:19:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010-09-12 03:17:23 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\MotioninJoy_050002_amd64
[2010-09-12 02:00:10 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\magisterka10.09.10 praca
[2010-09-11 22:00:07 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\BESTplayer
[2010-09-11 21:59:34 | 001,093,632 | ---- | C] (Karol Winnicki) -- C:\Users\Robert\Desktop\BESTplayer.exe
[2010-09-10 18:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010-09-10 18:04:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010-09-10 18:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2010-09-09 19:16:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010-09-06 18:10:27 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-09-05 20:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2010-09-05 20:11:53 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}
[2010-09-05 19:13:08 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\ClipboardManager
[2010-09-05 14:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLConventer Samsung Monte
[2010-09-04 12:15:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2010-09-03 20:08:49 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\My Videos
[2010-09-03 20:07:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\SelfMV
[2010-09-03 19:58:59 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Samsung
[2010-09-03 19:58:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010-09-03 19:58:57 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\PC Suite
[2010-09-03 19:56:10 | 000,161,280 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bmdm.sys
[2010-09-03 19:56:10 | 000,128,000 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bserd.sys
[2010-09-03 19:56:10 | 000,127,488 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\ss_bbus.sys
[2010-09-03 19:56:10 | 000,018,944 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys
[2010-09-03 19:56:10 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bwhnt.sys
[2010-09-03 19:56:10 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bwh.sys
[2010-09-03 19:56:10 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bcmnt.sys
[2010-09-03 19:56:10 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ss_bcm.sys
[2010-09-03 19:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2010-09-03 19:55:45 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2010-09-03 19:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010-09-03 19:55:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010-09-03 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2010-09-03 19:51:20 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Samsung
[2010-09-03 19:50:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2010-09-03 19:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2010-09-03 19:50:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2010-09-03 19:50:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Samsung
[2010-09-01 00:28:42 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft Games
[2010-09-01 00:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2010-08-31 23:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2010-08-31 19:42:07 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Alcohol 120%
[2010-08-31 16:56:42 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Easy CD-DA Extractor
[2010-08-31 16:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Easy CD-DA Extractor
[2010-08-31 16:56:37 | 000,000,000 | ---D | C] -- C:\Windows\Easy CD-DA Extractor 12
[2010-08-31 16:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\Easy CD-DA Extractor 12
[2010-08-29 12:09:57 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\ElevatedDiagnostics
[2010-08-29 02:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010-08-29 02:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010-08-29 02:24:50 | 000,000,000 | ---D | C] -- C:\Half-Life 2
[2010-08-29 02:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010-08-28 23:22:39 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Last.fm
[2010-08-28 10:41:15 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Canon
[2010-08-28 10:39:58 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\magisterka
[2010-08-28 09:33:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDisplay
[2010-08-28 02:16:05 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Apps
[2010-08-27 22:08:03 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\My Games
[2010-08-27 22:03:55 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2010-08-27 22:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Prey
[2010-08-26 01:48:06 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Bentley
[2010-08-26 01:48:06 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Bentley
[2010-08-26 01:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bentley Shared
[2010-08-26 01:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Bentley
[2010-08-26 01:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bentley
[2010-08-26 00:57:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010-08-26 00:15:25 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Mathsoft
[2010-08-26 00:09:59 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Ahead
[2010-08-26 00:09:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010-08-26 00:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010-08-26 00:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2010-08-25 21:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2010-08-25 21:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2010-08-25 21:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2010-08-25 21:35:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2010-08-25 21:35:25 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2010-08-25 21:34:59 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2010-08-25 21:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2010-08-25 20:41:43 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Media Player Classic
[2010-08-25 20:40:07 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\robert 2
[2010-08-25 20:38:26 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Robert PRACA MGR
[2010-08-25 20:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-08-25 20:20:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2010-08-25 20:17:35 | 000,000,000 | ---D | C] -- C:\ATI
[2010-08-25 19:46:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010-08-25 19:46:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010-08-25 19:46:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010-08-25 19:46:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010-08-25 19:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2010-08-25 18:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010-08-25 18:42:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Autodesk
[2010-08-25 18:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Civil 3D Projects
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Civil 3D Project Templates
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Autodesk
[2010-08-25 18:31:27 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Autodesk
[2010-08-25 18:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoCAD Civil 3D 2010
[2010-08-25 18:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Microsoft Visual Basic 2005 Power Packs
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Basic 2005 Power Packs
[2010-08-25 18:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2010-08-25 18:28:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer
[2010-08-25 18:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2010-08-25 18:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2010-08-25 17:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2010-08-25 17:22:54 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Downloaded Installations
[2010-08-25 17:22:21 | 000,421,888 | ---- | C] (NVIDIA) -- C:\Windows\nvsulib.dll
[2010-08-25 17:22:21 | 000,018,216 | ---- | C] (NVidia Corp.) -- C:\Windows\nvoclk64.sys
[2010-08-25 17:22:21 | 000,006,912 | ---- | C] (NVidia Corp.) -- C:\Windows\nvoclock.sys
[2010-08-25 17:22:20 | 001,622,016 | ---- | C] (NVIDIA) -- C:\Windows\NVBenchMarks.dll
[2010-08-25 17:22:20 | 000,380,928 | ---- | C] (NVIDIA) -- C:\Windows\ntuneoem.dll
[2010-08-25 17:22:20 | 000,045,056 | ---- | C] (NVIDIA) -- C:\Windows\NTuneGpu.dll
[2010-08-25 17:22:20 | 000,028,672 | ---- | C] (NVIDIA) -- C:\Windows\AutoTuneScript.dll
[2010-08-25 17:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2010-08-25 17:10:35 | 000,242,176 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2010-08-25 17:10:35 | 000,193,024 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2010-08-25 17:10:35 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2010-08-25 17:10:35 | 000,082,432 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2010-08-25 17:10:35 | 000,076,288 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2010-08-25 17:10:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2010-08-25 17:09:41 | 000,058,880 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2010-08-25 17:09:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2010-08-25 17:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010-08-25 17:04:36 | 000,121,872 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtiHdmi.sys
[2010-08-25 16:41:51 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\skróty
[2010-08-25 16:28:55 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2010-08-25 16:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2010-08-25 06:55:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010-08-25 06:55:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010-08-25 04:02:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010-08-25 03:41:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010-08-25 03:41:19 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-08-25 01:46:46 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Sony Corporation
[2010-08-25 01:27:38 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Mathsoft
[2010-08-25 01:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mathcad
[2010-08-25 01:21:04 | 000,827,392 | R--- | C] (Macromedia, Inc.) -- C:\Windows\SysWow64\Flash.ocx
[2010-08-25 01:21:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SEC
[2010-08-25 01:19:33 | 000,143,872 | ---- | C] (Samsung Electronics, Inc.) -- C:\Windows\SysNative\mpvthook.dll
[2010-08-25 01:19:33 | 000,143,872 | ---- | C] (Samsung Electronics, Inc.) -- C:\Windows\mpvthook.dll
[2010-08-25 01:19:33 | 000,014,848 | ---- | C] (Samsung Electronics, Inc.) -- C:\Windows\SysNative\drivers\magicpvt.sys
[2010-08-25 01:19:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicRotation
[2010-08-25 01:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010-08-25 01:18:11 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- C:\Windows\SysNative\drivers\MTiCtwl.sys
[2010-08-25 01:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicTune Premium
[2010-08-25 01:17:41 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\InstallShield
[2010-08-25 00:40:27 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Macromedia
[2010-08-25 00:40:26 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Adobe
[2010-08-25 00:38:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010-08-25 00:34:14 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Mozilla
[2010-08-25 00:34:14 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Mozilla
[2010-08-25 00:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010-08-25 00:31:26 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\BitComet
[2010-08-25 00:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitComet
[2010-08-25 00:29:17 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\WinRAR
[2010-08-25 00:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-08-25 00:27:24 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Tlen.pl
[2010-08-25 00:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Tlen.pl
[2010-08-25 00:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tlen.pl
[2010-08-25 00:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NAPI-PROJEKT
[2010-08-25 00:26:02 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\IrfanView
[2010-08-25 00:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2010-08-25 00:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2010-08-25 00:24:35 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\foobar2000
[2010-08-25 00:24:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2010-08-25 00:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-08-25 00:14:25 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-08-24 23:21:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-08-24 23:20:39 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Microsoft Help
[2010-08-24 23:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010-08-24 23:07:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010-08-24 23:07:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2010-08-24 23:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010-08-24 22:59:51 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Ahead
[2010-08-24 22:58:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2010-08-24 19:12:49 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Diagnostics
[2010-08-24 19:01:55 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Microsoft Games
[2010-08-24 18:58:09 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\ATI
[2010-08-24 18:58:09 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\ATI
[2010-08-24 18:56:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010-08-24 18:56:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010-08-24 18:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-08-24 18:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010-08-24 17:39:39 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Foxit Software
[2010-08-24 01:37:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010-08-24 01:37:24 | 000,000,000 | -HSD | C] -- C:\Boot
[2010-08-24 00:46:07 | 000,000,000 | R--D | C] -- C:\Users\Robert\Searches
[2010-08-24 00:45:56 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Identities
[2010-08-24 00:45:54 | 000,000,000 | R--D | C] -- C:\Users\Robert\Contacts
[2010-08-24 00:45:53 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\VirtualStore
[2010-08-24 00:45:45 | 000,000,000 | --SD | C] -- C:\Users\Robert\AppData\Roaming\Microsoft
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Videos
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Saved Games
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Pictures
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Music
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Links
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Favorites
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Downloads
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Documents
[2010-08-24 00:45:45 | 000,000,000 | R--D | C] -- C:\Users\Robert\Desktop
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Ustawienia lokalne
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\AppData\Local\Temporary Internet Files
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Szablony
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\SendTo
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Recent
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\PrintHood
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\NetHood
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Documents\Moje wideo
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Documents\Moje obrazy
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Moje dokumenty
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Documents\Moja muzyka
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Menu Start
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\AppData\Local\Historia
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Dane aplikacji
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\AppData\Local\Dane aplikacji
[2010-08-24 00:45:45 | 000,000,000 | -HSD | C] -- C:\Users\Robert\Cookies
[2010-08-24 00:45:45 | 000,000,000 | -H-D | C] -- C:\Users\Robert\AppData
[2010-08-24 00:45:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Temp
[2010-08-24 00:45:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Microsoft
[2010-08-24 00:45:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Media Center Programs
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010-08-24 00:45:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2010-08-24 00:40:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-08-24 00:38:26 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010-08-24 00:38:08 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-09-17 22:41:17 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-09-17 22:40:10 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-09-17 22:40:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-09-17 22:40:04 | 1609,965,568 | -HS- | M] () -- C:\hiberfil.sys
[2010-09-17 22:32:21 | 002,621,440 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT
[2010-09-17 22:32:18 | 004,845,466 | -H-- | M] () -- C:\Users\Robert\AppData\Local\IconCache.db
[2010-09-17 22:30:30 | 003,672,054 | ---- | M] () -- C:\Users\Robert\Desktop\rejestr.bmp
[2010-09-17 21:44:53 | 000,339,991 | ---- | M] () -- C:\Users\Robert\Desktop\RSIT.exe
[2010-09-17 21:29:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
[2010-09-17 21:18:55 | 082,168,735 | ---- | M] () -- C:\Users\Robert\Desktop\tgs_gt5_2.wmv
[2010-09-17 20:49:22 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-09-17 20:49:22 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-09-17 20:14:33 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010-09-17 00:51:48 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010-09-17 00:49:08 | 000,001,268 | ---- | M] () -- C:\Users\Robert\Desktop\Spybot - Search & Destroy.lnk
[2010-09-16 20:30:58 | 036,217,292 | ---- | M] () -- C:\Users\Robert\Desktop\t_thelastguardian_tgs10_trailer_hd.wmv
[2010-09-15 17:56:39 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-09-15 17:56:39 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-09-15 17:56:39 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-09-15 17:56:39 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-09-15 17:56:39 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-09-14 06:05:17 | 000,006,144 | ---- | M] () -- C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-11 21:59:35 | 001,093,632 | ---- | M] (Karol Winnicki) -- C:\Users\Robert\Desktop\BESTplayer.exe
[2010-09-08 16:13:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010-09-07 00:06:33 | 000,000,595 | ---- | M] () -- C:\Users\Robert\Documents\ax_files.xml
[2010-09-05 02:42:11 | 000,007,605 | ---- | M] () -- C:\Users\Robert\AppData\Local\Resmon.ResmonCfg
[2010-09-03 19:50:28 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2010-09-01 00:12:22 | 000,001,888 | ---- | M] () -- C:\Users\Robert\Desktop\Gears of War.lnk
[2010-08-31 16:56:39 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2010-08-30 18:46:27 | 000,000,764 | ---- | M] () -- C:\Users\Robert\Desktop\Prey.lnk
[2010-08-30 18:45:50 | 000,000,570 | ---- | M] () -- C:\Users\Robert\Desktop\DeSmuME.lnk
[2010-08-30 18:45:33 | 000,000,749 | ---- | M] () -- C:\Users\Robert\Desktop\Dolphin.lnk
[2010-08-30 18:45:08 | 000,001,321 | ---- | M] () -- C:\Users\Robert\Desktop\Portal.lnk
[2010-08-30 18:44:36 | 000,000,941 | ---- | M] () -- C:\Users\Robert\Desktop\Steam.lnk
[2010-08-30 18:03:12 | 000,000,021 | ---- | M] () -- C:\Users\Robert\AppData\Roaming\.dolphinx64wd
[2010-08-28 23:35:18 | 000,000,703 | ---- | M] () -- C:\Users\Robert\Desktop\Downoloads.lnk
[2010-08-28 02:38:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2010-08-28 02:38:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2010-08-28 01:50:25 | 000,001,484 | ---- | M] () -- C:\Users\Robert\Desktop\foobar2000.lnk
[2010-08-28 01:45:55 | 000,000,652 | ---- | M] () -- C:\Users\Robert\Desktop\Filmy.lnk
[2010-08-27 22:03:55 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2010-08-27 20:14:03 | 000,001,468 | ---- | M] () -- C:\Users\Robert\Desktop\napisy.lnk
[2010-08-26 15:59:57 | 000,501,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-08-26 01:57:14 | 000,001,233 | ---- | M] () -- C:\Users\Robert\Desktop\Pobrane.lnk
[2010-08-26 01:47:28 | 000,001,234 | ---- | M] () -- C:\Users\Robert\Desktop\MicroStation.lnk
[2010-08-26 00:14:10 | 000,140,464 | ---- | M] () -- C:\Users\Robert\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-08-25 22:06:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-08-25 20:31:52 | 000,001,554 | ---- | M] () -- C:\Users\Robert\Desktop\MILANINA.lnk
[2010-08-25 19:53:45 | 000,000,387 | ---- | M] () -- C:\Windows\win.ini
[2010-08-25 18:38:15 | 000,002,245 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD Civil 3D 2010.lnk
[2010-08-25 18:37:01 | 000,002,649 | ---- | M] () -- C:\Users\Robert\Desktop\AutoCAD 2010.lnk
[2010-08-25 18:10:24 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010-08-25 17:31:54 | 000,000,673 | ---- | M] () -- C:\Users\Robert\Desktop\Muzyka.lnk
[2010-08-25 16:16:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-08-25 01:45:46 | 000,002,404 | ---- | M] () -- C:\Users\Robert\Documents\SEC Natural color pro. August 25 2010 - 01 45 AM.icm
[2010-08-25 01:19:33 | 000,000,108 | ---- | M] () -- C:\Windows\SysNative\driver.dat
[2010-08-25 00:34:12 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-24 23:07:38 | 000,001,000 | ---- | M] () -- C:\Users\Robert\Desktop\Cyber-shot Viewer.lnk
[2010-08-24 19:06:59 | 000,524,288 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-08-24 19:06:59 | 000,524,288 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-08-24 19:06:59 | 000,065,536 | -HS- | M] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-08-24 01:37:25 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-08-24 00:45:45 | 000,000,020 | -HS- | M] () -- C:\Users\Robert\ntuser.ini
[2010-08-24 00:40:57 | 000,064,519 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010-08-24 00:40:57 | 000,064,519 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010-08-24 00:39:51 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010-08-12 14:15:20 | 000,069,152 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010-08-12 14:15:20 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-09-17 22:33:50 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-09-17 22:30:30 | 003,672,054 | ---- | C] () -- C:\Users\Robert\Desktop\rejestr.bmp
[2010-09-17 21:44:51 | 000,339,991 | ---- | C] () -- C:\Users\Robert\Desktop\RSIT.exe
[2010-09-17 21:17:06 | 082,168,735 | ---- | C] () -- C:\Users\Robert\Desktop\tgs_gt5_2.wmv
[2010-09-17 20:14:33 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010-09-17 17:53:11 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2010-09-17 00:51:48 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010-09-17 00:49:08 | 000,001,268 | ---- | C] () -- C:\Users\Robert\Desktop\Spybot - Search & Destroy.lnk
[2010-09-16 20:28:48 | 036,217,292 | ---- | C] () -- C:\Users\Robert\Desktop\t_thelastguardian_tgs10_trailer_hd.wmv
[2010-09-14 06:08:51 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-09-05 02:42:11 | 000,007,605 | ---- | C] () -- C:\Users\Robert\AppData\Local\Resmon.ResmonCfg
[2010-09-04 12:15:59 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2010-09-03 20:07:42 | 000,006,144 | ---- | C] () -- C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-03 19:50:28 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp
[2010-09-01 00:12:22 | 000,001,888 | ---- | C] () -- C:\Users\Robert\Desktop\Gears of War.lnk
[2010-08-31 16:56:39 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2010-08-30 18:46:27 | 000,000,764 | ---- | C] () -- C:\Users\Robert\Desktop\Prey.lnk
[2010-08-30 18:45:50 | 000,000,570 | ---- | C] () -- C:\Users\Robert\Desktop\DeSmuME.lnk
[2010-08-30 18:45:33 | 000,000,749 | ---- | C] () -- C:\Users\Robert\Desktop\Dolphin.lnk
[2010-08-30 18:45:08 | 000,001,321 | ---- | C] () -- C:\Users\Robert\Desktop\Portal.lnk
[2010-08-30 18:44:36 | 000,000,941 | ---- | C] () -- C:\Users\Robert\Desktop\Steam.lnk
[2010-08-30 18:03:12 | 000,000,021 | ---- | C] () -- C:\Users\Robert\AppData\Roaming\.dolphinx64wd
[2010-08-28 23:35:06 | 000,000,703 | ---- | C] () -- C:\Users\Robert\Desktop\Downoloads.lnk
[2010-08-28 10:41:39 | 000,000,000 | ---- | C] () -- C:\Users\Robert\Sti_Trace.log
[2010-08-28 02:38:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2010-08-28 02:38:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2010-08-28 01:50:25 | 000,001,484 | ---- | C] () -- C:\Users\Robert\Desktop\foobar2000.lnk
[2010-08-28 01:46:03 | 000,000,652 | ---- | C] () -- C:\Users\Robert\Desktop\Filmy.lnk
[2010-08-27 20:13:45 | 000,001,468 | ---- | C] () -- C:\Users\Robert\Desktop\napisy.lnk
[2010-08-26 01:57:14 | 000,001,233 | ---- | C] () -- C:\Users\Robert\Desktop\Pobrane.lnk
[2010-08-26 01:47:28 | 000,001,234 | ---- | C] () -- C:\Users\Robert\Desktop\MicroStation.lnk
[2010-08-25 22:06:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-08-25 20:31:52 | 000,001,554 | ---- | C] () -- C:\Users\Robert\Desktop\MILANINA.lnk
[2010-08-25 19:39:58 | 000,000,595 | ---- | C] () -- C:\Users\Robert\Documents\ax_files.xml
[2010-08-25 18:38:15 | 000,002,245 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD Civil 3D 2010.lnk
[2010-08-25 18:37:01 | 000,002,649 | ---- | C] () -- C:\Users\Robert\Desktop\AutoCAD 2010.lnk
[2010-08-25 18:10:24 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010-08-25 17:31:42 | 000,000,673 | ---- | C] () -- C:\Users\Robert\Desktop\Muzyka.lnk
[2010-08-25 17:22:21 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2010-08-25 16:16:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-08-25 01:45:46 | 000,002,404 | ---- | C] () -- C:\Users\Robert\Documents\SEC Natural color pro. August 25 2010 - 01 45 AM.icm
[2010-08-25 01:21:05 | 000,013,312 | ---- | C] () -- C:\Windows\SysWow64\drivers\MTictwl.sys
[2010-08-25 01:19:33 | 000,000,108 | ---- | C] () -- C:\Windows\SysNative\driver.dat
[2010-08-25 01:19:33 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\magicpvt.dat
[2010-08-25 00:34:12 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-25 00:14:49 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010-08-24 23:07:38 | 000,001,000 | ---- | C] () -- C:\Users\Robert\Desktop\Cyber-shot Viewer.lnk
[2010-08-24 01:37:25 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010-08-24 01:37:24 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010-08-24 00:45:45 | 002,621,440 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT
[2010-08-24 00:45:45 | 000,524,288 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-08-24 00:45:45 | 000,524,288 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-08-24 00:45:45 | 000,262,144 | -HS- | C] () -- C:\Users\Robert\ntuser.dat.LOG1
[2010-08-24 00:45:45 | 000,065,536 | -HS- | C] () -- C:\Users\Robert\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-08-24 00:45:45 | 000,000,020 | -HS- | C] () -- C:\Users\Robert\ntuser.ini
[2010-08-24 00:45:45 | 000,000,000 | -HS- | C] () -- C:\Users\Robert\ntuser.dat.LOG2
[2010-08-24 00:39:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-08-24 00:38:08 | 1609,965,568 | -HS- | C] () -- C:\hiberfil.sys
[2010-04-02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-11-09 04:08:10 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2009-11-09 04:08:10 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2009-11-09 04:08:10 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2009-11-09 04:08:10 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-08-28 12:08:46 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Autodesk
[2010-08-26 01:48:06 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Bentley
[2010-09-11 22:05:47 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\BESTplayer
[2010-09-17 18:15:08 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\BitComet
[2010-08-28 10:41:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Canon
[2010-09-17 20:11:26 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\foobar2000
[2010-08-24 17:39:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Foxit Software
[2010-08-25 00:26:02 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IrfanView
[2010-08-25 01:27:38 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Mathsoft
[2010-09-03 19:58:57 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\PC Suite
[2010-09-03 19:51:20 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Samsung
[2010-08-25 00:27:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Tlen.pl
[2010-09-17 22:41:17 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009-07-14 07:08:49 | 000,020,710 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-09-17 22:40:03 | 000,001,116 | ---- | M] () -- C:\aaw7boot.log
[2010-09-03 19:50:28 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2009-07-14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010-08-24 01:37:25 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-09-17 22:40:04 | 1609,965,568 | -HS- | M] () -- C:\hiberfil.sys
[2010-09-16 23:39:03 | 000,007,530 | ---- | M] () -- C:\mksbasel.cpp.log
[2006-12-01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010-09-17 22:40:03 | 2146,623,488 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< End of report >
[/log]

info
[log]info.txt logfile of random's system information tool 1.08 2010-09-17 22:48:21

======Uninstall list======

-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {E9EA2604-8AC9-47D2-8F4B-6BF60787A357}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0415-1000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Ad-Aware-->"C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}\Ad-AwareInstall.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}\Ad-AwareInstall.exe
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228}
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD}
ALLConventer 1.1 + skin s5620-->C:\Program Files (x86)\ALLConventer Samsung Monte\Uninstal.exe
AMD OverDrive-->MsiExec.exe /X{EA18DE8E-B3E6-4D82-A086-9BE2316FA5A5}
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\SETUP.EXE" -runfromtemp -l0x0015 -removeonly
ATI Catalyst Registration-->MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E}
AutoCAD Civil 3D 2010 - Polski-->C:\Program Files (x86)\AutoCAD Civil 3D 2010\Setup\Setup.exe /P {5783F2D7-8000-0415-0002-0060B0CE6BBA} /M ACAD /language pl-PL
AutoCAD Civil 3D 2010 - Polski-->C:\Program Files (x86)\AutoCAD Civil 3D 2010\Setup\Setup.exe /P {5783F2D7-8000-0415-0002-0060B0CE6BBA} /M C3D /language pl-PL
Autodesk Design Review 2010-->C:\Program Files (x86)\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {55D9E026-DCB0-46FF-B60A-68B972228CF6} /M ADR
Bentley MicroStation PowerDraft XM Edition 08.09.04.51-->MsiExec.exe /I{EE01A751-1DB9-43F1-8747-F81E7477BFDA}
BitComet 1.22-->C:\Program Files (x86)\BitComet\uninst.exe
Canon MP Navigator EX 1.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 1.0\uninst.ini
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files (x86)\Canon\SolutionMenu\uninst.exe uninst.ini
Catalyst Control Center - Branding-->MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}
CDisplay 1.8-->"C:\Program Files (x86)\CDisplay\unins000.exe"
Easy CD-DA Extractor 12-->"C:\Windows\Easy CD-DA Extractor 12\uninstall.exe" "/U:C:\Program Files\Easy CD-DA Extractor 12\irunin.xml"
foobar2000 v1.1-->"C:\Program Files (x86)\foobar2000\uninstall.exe" _?=C:\Program Files (x86)\foobar2000
Foxit Reader-->C:\Program Files (x86)\Foxit Software\Foxit Reader\Uninstall.exe
Gears of War-->C:\Program Files (x86)\InstallShield Installation Information\{1170D24F-42B7-40CF-AA1B-6395CE562354}\setup.exe -runfromtemp -l0x0409
HydraVision-->MsiExec.exe /X{C6B29F03-4D97-3B4E-D906-70958E6B1448}
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}\setup.exe" -runfromtemp -l0x0415 -removeonly
Kies-->MsiExec.exe /X{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}
K-Lite Codec Pack 6.0.4 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
MagicRotation-->C:\Program Files (x86)\InstallShield Installation Information\{31DBA23B-55DA-48F5-B5B4-A031B722F648}\setup.exe -runfromtemp -l0x0009 -removeonly
MagicTunePremium-->C:\Program Files (x86)\InstallShield Installation Information\{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}\setup.exe -runfromtemp -l0x0015 -removeonly
Mathcad 14 Help-->MsiExec.exe /I{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}
Mathcad 14 Resource Center-->MsiExec.exe /I{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}
Mathcad 14-->MsiExec.exe /I{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{8FB1B528-E260-451E-9B55-E9152F94B80B}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F97E3841-CA9D-4964-9D64-26066241D26F}
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual Basic Power Packs 3.0-->MsiExec.exe /I{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.6.9)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NapiProjekt 1.0.6.9-->"C:\Program Files (x86)\NAPI-PROJEKT\unins000.exe"
Natural Color Pro-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FC2C7405-BC58-4E11-8F51-29671BEAC06B}\setup.exe" -l0x9
Nero 7 Premium-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301045}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OverclockingCenter-->"C:\Program Files (x86)\MSI\OverclockingCenter\unins000.exe"
PC Connectivity Solution-->MsiExec.exe /I{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
PIXMA Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Prey-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A785BBA7-3FB9-4D81-BC35-4A2028915ACB}\setup.exe" -l0x9 -removeonly
Rejestracja użytkownika drukarki Canon MP220 series-->C:\Program Files (x86)\Canon\IJEREG\MP220 series\UNINST.EXE
Revo Uninstaller 1.89-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB2288953)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8B772E1C-7C05-42D2-839D-3EC2D39EFF22}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
Skaner on-line mks_vir-->C:\Windows\system32\SkanerOnlineUninstall.exe
Sony Picture Utility-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x9 /removeonly uninstall -removeonly
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Tlen.pl-->"C:\Program Files (x86)\Tlen.pl\uninstall.exe"
Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Outlook 2007 Junk Email Filter (kb2291599)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {768A5B4B-2FDF-4F3D-981E-33C53724BBC8}
VIA Platforma Menedżera urządzeń-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\SysWOW64\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""

======Hosts File======

127.0.0.1 serial.alcohol-soft.com
127.0.0.1 www.alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 trial.alcohol-soft.com
127.0.0.1 alcohol-soft.com

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Cryptographic Services weszła w stan stopped.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Windows Modules Installer weszła w stan stopped.
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Software Protection weszła w stan stopped.
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Windows Event Log weszła w stan stopped.
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Volume Shadow Copy weszła w stan stopped.
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 900
Message: Usługa ochrony oprogramowania jest uruchamiana.

Record Number: 5
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100823224026.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20100823223851.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20100823223847.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Usługa profilów użytkowników została uruchomiona pomyślnie.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100823223843.288893-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100823223843.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823223830.730871-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: 37L4247E29-32$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x1c0
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823223830.730871-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Utworzono tabelę zasad inspekcji użytkownika.

Liczba elementów: 0
Identyfikator zasad: 0x3090a
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823223824.147660-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-0-0
Nazwa konta: -
Domena konta: -
Identyfikator logowania: 0x0

Typ logowania: 0

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x4
Nazwa procesu:

Informacje o sieci:
Nazwa stacji roboczej: -
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: -
Pakiet uwierzytelniania: -
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823223821.558055-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Trwa uruchamianie systemu Windows.

To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823223821.402055-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=3
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0502

-----------------EOF-----------------
[/log]

log
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Robert at 2010-09-17 22:48:14
Microsoft Windows 7 Home Premium
System drive C: has 24 GB (36%) free of 67 GB
Total RAM: 2047 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:48:19, on 2010-09-17
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Tlen.pl\tlen.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Robert\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Robert.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [MagicRotation] C:\Program Files (x86)\MagicRotation\MagicPvt.exe
O4 - HKCU\..\Run: [Komunikator] C:\Program Files (x86)\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7369 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-10-09 2762240]
"DelReg"=C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe [2008-12-04 196608]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2009-06-14 307200]
"MagicRotation"=C:\Program Files (x86)\MagicRotation\MagicPvt.exe [2009-06-19 1286144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Komunikator"=C:\Program Files (x86)\Tlen.pl\tlen.exe [2009-01-17 5853672]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe [2010-01-28 3404600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\SysWOW64\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 2 months======

2010-09-17 22:31:14 ----D---- C:\_OTL
2010-09-17 21:45:10 ----D---- C:\rsit
2010-09-17 21:45:10 ----D---- C:\Program Files (x86)\trend micro
2010-09-17 20:14:36 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-09-17 00:51:50 ----HDC---- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-09-17 00:51:28 ----D---- C:\ProgramData\Lavasoft
2010-09-17 00:51:28 ----D---- C:\Program Files (x86)\Lavasoft
2010-09-17 00:49:03 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-09-17 00:49:03 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2010-09-15 22:58:07 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-09-14 06:08:51 ----A---- C:\Windows\SysWOW64\unrar.dll
2010-09-14 06:08:50 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2010-09-11 22:00:07 ----D---- C:\Users\Robert\AppData\Roaming\BESTplayer
2010-09-10 18:04:27 ----D---- C:\Windows\SysWOW64\xlive
2010-09-10 18:04:23 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2010-09-10 18:03:50 ----D---- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2010-09-09 19:16:10 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-09-06 18:10:27 ----D---- C:\Windows\Minidump
2010-09-05 20:30:44 ----D---- C:\Program Files (x86)\VS Revo Group
2010-09-05 14:38:12 ----D---- C:\Program Files (x86)\ALLConventer Samsung Monte
2010-09-04 12:15:58 ----D---- C:\Program Files (x86)\PDFCreator
2010-09-04 12:15:58 ----A---- C:\Windows\SysWOW64\MSMPIDE.DLL
2010-09-03 19:58:58 ----D---- C:\ProgramData\PC Suite
2010-09-03 19:58:57 ----D---- C:\Users\Robert\AppData\Roaming\PC Suite
2010-09-03 19:53:03 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2010-09-03 19:51:20 ----D---- C:\Users\Robert\AppData\Roaming\Samsung
2010-09-03 19:50:30 ----D---- C:\Program Files (x86)\MarkAny
2010-09-03 19:50:29 ----D---- C:\ProgramData\Samsung
2010-09-03 19:50:22 ----D---- C:\Program Files (x86)\Samsung
2010-09-03 19:50:11 ----D---- C:\Program Files (x86)\Common Files\Samsung
2010-09-01 00:28:42 ----D---- C:\Users\Robert\AppData\Roaming\Microsoft Games
2010-09-01 00:09:32 ----D---- C:\Program Files (x86)\Common Files\Microsoft Games
2010-08-31 23:47:48 ----D---- C:\Program Files (x86)\Microsoft Games
2010-08-31 16:56:38 ----D---- C:\ProgramData\Easy CD-DA Extractor
2010-08-31 16:56:37 ----D---- C:\Windows\Easy CD-DA Extractor 12
2010-08-29 02:31:03 ----D---- C:\Program Files (x86)\Steam
2010-08-29 02:31:03 ----D---- C:\Program Files (x86)\Common Files\Steam
2010-08-29 02:24:50 ----D---- C:\Half-Life 2
2010-08-29 02:12:26 ----D---- C:\ProgramData\TEMP
2010-08-28 10:41:15 ----D---- C:\Users\Robert\AppData\Roaming\Canon
2010-08-28 09:33:10 ----D---- C:\Program Files (x86)\CDisplay
2010-08-27 22:03:55 ----A---- C:\Windows\SysWOW64\CmdLineExt.dll
2010-08-27 22:02:11 ----D---- C:\Program Files (x86)\Prey
2010-08-26 01:48:06 ----D---- C:\Users\Robert\AppData\Roaming\Bentley
2010-08-26 01:47:00 ----D---- C:\ProgramData\Bentley
2010-08-26 01:47:00 ----D---- C:\Program Files (x86)\Common Files\Bentley Shared
2010-08-26 01:47:00 ----D---- C:\Program Files (x86)\Bentley
2010-08-26 01:00:46 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2010-08-26 01:00:46 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2010-08-26 01:00:45 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2010-08-26 01:00:45 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2010-08-26 01:00:44 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2010-08-26 01:00:43 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2010-08-26 01:00:41 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll
2010-08-26 01:00:41 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2010-08-26 01:00:41 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2010-08-26 01:00:39 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2010-08-26 01:00:38 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2010-08-26 01:00:38 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll
2010-08-26 01:00:37 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll
2010-08-26 01:00:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2010-08-26 01:00:35 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2010-08-26 01:00:34 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2010-08-26 01:00:34 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2010-08-26 01:00:34 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2010-08-26 01:00:33 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2010-08-26 01:00:33 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2010-08-26 01:00:32 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2010-08-26 01:00:32 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2010-08-26 01:00:32 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2010-08-26 01:00:31 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2010-08-26 01:00:31 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2010-08-26 01:00:31 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2010-08-26 01:00:30 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2010-08-26 01:00:29 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2010-08-26 01:00:29 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2010-08-26 01:00:29 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2010-08-26 01:00:28 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2010-08-26 01:00:27 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2010-08-26 01:00:27 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2010-08-26 01:00:26 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2010-08-26 01:00:24 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2010-08-26 01:00:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2010-08-26 01:00:23 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2010-08-26 01:00:23 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2010-08-26 01:00:22 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2010-08-26 01:00:22 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2010-08-26 01:00:22 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2010-08-26 01:00:21 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2010-08-26 01:00:20 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2010-08-26 01:00:20 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2010-08-26 01:00:20 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2010-08-26 01:00:19 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2010-08-26 01:00:19 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2010-08-26 01:00:19 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2010-08-26 01:00:18 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2010-08-26 01:00:17 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2010-08-26 01:00:17 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2010-08-26 01:00:16 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2010-08-26 01:00:15 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2010-08-26 01:00:15 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2010-08-26 01:00:14 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2010-08-26 01:00:14 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2010-08-26 01:00:14 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2010-08-26 01:00:12 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2010-08-26 01:00:12 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2010-08-26 01:00:12 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2010-08-26 01:00:11 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2010-08-26 01:00:10 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2010-08-26 01:00:10 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2010-08-26 01:00:10 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2010-08-26 00:57:25 ----D---- C:\Windows\SysWOW64\directx
2010-08-26 00:09:59 ----D---- C:\Users\Robert\AppData\Roaming\Ahead
2010-08-26 00:09:08 ----D---- C:\ProgramData\Nero
2010-08-26 00:09:08 ----D---- C:\Program Files (x86)\Nero
2010-08-26 00:09:08 ----D---- C:\Program Files (x86)\Common Files\Ahead
2010-08-25 21:40:55 ----D---- C:\ProgramData\CanonIJPLM
2010-08-25 21:35:28 ----HD---- C:\ProgramData\CanonBJ
2010-08-25 21:34:28 ----D---- C:\Program Files (x86)\Canon
2010-08-25 20:41:43 ----D---- C:\Users\Robert\AppData\Roaming\Media Player Classic
2010-08-25 20:24:15 ----D---- C:\ProgramData\ATI
2010-08-25 20:20:58 ----D---- C:\Program Files (x86)\ATI
2010-08-25 20:17:35 ----D---- C:\ATI
2010-08-25 19:46:41 ----D---- C:\Program Files (x86)\Microsoft Works
2010-08-25 19:46:23 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2010-08-25 19:46:04 ----D---- C:\Windows\PCHEALTH
2010-08-25 19:46:04 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-08-25 19:37:04 ----D---- C:\Program Files (x86)\Alcohol Soft
2010-08-25 18:43:49 ----D---- C:\ProgramData\FLEXnet
2010-08-25 18:38:06 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2010-08-25 18:31:27 ----D---- C:\Users\Robert\AppData\Roaming\Autodesk
2010-08-25 18:31:27 ----D---- C:\Civil 3D Projects
2010-08-25 18:31:27 ----D---- C:\Civil 3D Project Templates
2010-08-25 18:30:59 ----D---- C:\Program Files (x86)\AutoCAD Civil 3D 2010
2010-08-25 18:30:52 ----D---- C:\ProgramData\Autodesk
2010-08-25 18:29:13 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-08-25 18:29:13 ----D---- C:\Program Files (x86)\Microsoft Visual Basic 2005 Power Packs
2010-08-25 18:29:13 ----D---- C:\Program Files (x86)\Microsoft SDKs
2010-08-25 18:29:08 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2010-08-25 18:29:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2010-08-25 18:29:07 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2010-08-25 18:28:36 ----D---- C:\Program Files (x86)\Common Files\Designer
2010-08-25 18:27:51 ----D---- C:\Program Files (x86)\Common Files\Autodesk Shared
2010-08-25 18:27:51 ----D---- C:\Program Files (x86)\Autodesk
2010-08-25 17:56:01 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2010-08-25 17:23:28 ----D---- C:\Program Files (x86)\AMD
2010-08-25 17:22:21 ----A---- C:\Windows\ver5.5.14.0.txt
2010-08-25 17:22:21 ----A---- C:\Windows\nvsulib.dll
2010-08-25 17:22:21 ----A---- C:\Windows\nvoclock.sys
2010-08-25 17:22:21 ----A---- C:\Windows\nvoclk64.sys
2010-08-25 17:22:21 ----A---- C:\Windows\Nvgpio.dll
2010-08-25 17:22:21 ----A---- C:\Windows\NVGfxOgl.dll
2010-08-25 17:22:20 ----A---- C:\Windows\NVBenchMarks.dll
2010-08-25 17:22:20 ----A---- C:\Windows\ntuneoem.dll
2010-08-25 17:22:20 ----A---- C:\Windows\NTuneGpu.dll
2010-08-25 17:22:20 ----A---- C:\Windows\msvcr71.dll
2010-08-25 17:22:20 ----A---- C:\Windows\msvcp71.dll
2010-08-25 17:22:20 ----A---- C:\Windows\MFC71.dll
2010-08-25 17:22:20 ----A---- C:\Windows\AutoTuneScript.dll
2010-08-25 17:22:19 ----D---- C:\Program Files (x86)\MSI
2010-08-25 17:10:20 ----N---- C:\Windows\difxapi.dll
2010-08-25 17:10:19 ----D---- C:\Program Files (x86)\VIA
2010-08-25 17:09:23 ----D---- C:\Windows\SysWOW64\Atheros_L1e
2010-08-25 06:55:11 ----D---- C:\Windows\SysWOW64\Wat
2010-08-25 04:04:38 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2010-08-25 04:02:02 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\mscoree.dll
2010-08-25 04:01:10 ----A---- C:\Windows\SysWOW64\dfshim.dll
2010-08-25 03:41:41 ----D---- C:\Program Files (x86)\Microsoft Office
2010-08-25 03:41:19 ----RHD---- C:\MSOCache
2010-08-25 03:05:39 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2010-08-25 03:05:37 ----A---- C:\Windows\SysWOW64\vbscript.dll
2010-08-25 03:05:37 ----A---- C:\Windows\SysWOW64\ntdll.dll
2010-08-25 03:05:36 ----A---- C:\Windows\SysWOW64\schannel.dll
2010-08-25 03:05:31 ----A---- C:\Windows\SysWOW64\wmp.dll
2010-08-25 03:05:30 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2010-08-25 03:05:28 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2010-08-25 03:05:26 ----A---- C:\Windows\SysWOW64\secproc_isv.dll
2010-08-25 03:05:26 ----A---- C:\Windows\SysWOW64\secproc.dll
2010-08-25 03:05:25 ----A---- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2010-08-25 03:05:25 ----A---- C:\Windows\SysWOW64\RMActivate_isv.exe
2010-08-25 03:05:25 ----A---- C:\Windows\SysWOW64\RMActivate.exe
2010-08-25 03:05:24 ----A---- C:\Windows\SysWOW64\secproc_ssp.dll
2010-08-25 03:05:24 ----A---- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2010-08-25 03:05:24 ----A---- C:\Windows\SysWOW64\RMActivate_ssp.exe
2010-08-25 03:05:16 ----A---- C:\Windows\SysWOW64\shell32.dll
2010-08-25 03:05:15 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2010-08-25 03:05:13 ----A---- C:\Windows\SysWOW64\t2embed.dll
2010-08-25 03:05:04 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2010-08-25 03:05:04 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2010-08-25 03:04:57 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-08-25 03:04:56 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-08-25 03:04:55 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-08-25 03:04:55 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-08-25 03:04:55 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-08-25 03:04:54 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-08-25 03:04:53 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-08-25 03:04:51 ----A---- C:\Windows\SysWOW64\explorer.exe
2010-08-25 03:04:51 ----A---- C:\Windows\explorer.exe
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\wow32.dll
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\user.exe
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\setup16.exe
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2010-08-25 03:04:50 ----A---- C:\Windows\SysWOW64\instnm.exe
2010-08-25 03:04:49 ----A---- C:\Windows\SysWOW64\rtutils.dll
2010-08-25 03:04:41 ----A---- C:\Windows\SysWOW64\iccvid.dll
2010-08-25 03:04:38 ----A---- C:\Windows\SysWOW64\CPFilters.dll
2010-08-25 03:04:37 ----A---- C:\Windows\SysWOW64\psisdecd.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\tsbyuv.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\quartz.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\msyuv.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\msrle32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2010-08-25 03:04:36 ----A---- C:\Windows\SysWOW64\avifil32.dll
2010-08-25 03:04:33 ----A---- C:\Windows\SysWOW64\msxml3.dll
2010-08-25 03:04:33 ----A---- C:\Windows\SysWOW64\jscript.dll
2010-08-25 03:04:30 ----A---- C:\Windows\SysWOW64\sspicli.dll
2010-08-25 03:04:30 ----A---- C:\Windows\SysWOW64\secur32.dll
2010-08-25 03:04:26 ----A---- C:\Windows\SysWOW64\msasn1.dll
2010-08-25 03:04:25 ----A---- C:\Windows\SysWOW64\fontsub.dll
2010-08-25 03:04:25 ----A---- C:\Windows\SysWOW64\atmlib.dll
2010-08-25 03:04:25 ----A---- C:\Windows\SysWOW64\atmfd.dll
2010-08-25 03:04:24 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-08-25 01:46:46 ----D---- C:\Users\Robert\AppData\Roaming\Sony Corporation
2010-08-25 01:27:38 ----D---- C:\Users\Robert\AppData\Roaming\Mathsoft
2010-08-25 01:26:31 ----A---- C:\Windows\MC14_RC_IS_Log.txt
2010-08-25 01:26:07 ----D---- C:\Program Files (x86)\Mathcad
2010-08-25 01:26:04 ----A---- C:\Windows\MC14_Help_IS_Log.txt
2010-08-25 01:25:12 ----A---- C:\Windows\MC14_IS_LOG.txt
2010-08-25 01:21:05 ----A---- C:\Windows\SysWOW64\drivers\MTictwl.sys
2010-08-25 01:21:01 ----D---- C:\Program Files (x86)\SEC
2010-08-25 01:19:33 ----D---- C:\Program Files (x86)\MagicRotation
2010-08-25 01:19:33 ----A---- C:\Windows\mpvthook.dll
2010-08-25 01:19:14 ----D---- C:\ProgramData\InstallShield
2010-08-25 01:17:49 ----D---- C:\Program Files (x86)\MagicTune Premium
2010-08-25 01:17:41 ----D---- C:\Users\Robert\AppData\Roaming\InstallShield
2010-08-25 00:40:27 ----D---- C:\Users\Robert\AppData\Roaming\Macromedia
2010-08-25 00:40:26 ----D---- C:\Users\Robert\AppData\Roaming\Adobe
2010-08-25 00:38:56 ----D---- C:\Windows\SysWOW64\Macromed
2010-08-25 00:34:14 ----D---- C:\Users\Robert\AppData\Roaming\Mozilla
2010-08-25 00:34:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-08-25 00:31:26 ----D---- C:\Users\Robert\AppData\Roaming\BitComet
2010-08-25 00:31:25 ----D---- C:\Program Files (x86)\BitComet
2010-08-25 00:29:17 ----D---- C:\Users\Robert\AppData\Roaming\WinRAR
2010-08-25 00:27:24 ----D---- C:\Users\Robert\AppData\Roaming\Tlen.pl
2010-08-25 00:27:24 ----D---- C:\ProgramData\Tlen.pl
2010-08-25 00:27:19 ----D---- C:\Program Files (x86)\Tlen.pl
2010-08-25 00:26:54 ----D---- C:\Program Files (x86)\NAPI-PROJEKT
2010-08-25 00:26:02 ----D---- C:\Users\Robert\AppData\Roaming\IrfanView
2010-08-25 00:26:02 ----D---- C:\Program Files (x86)\IrfanView
2010-08-25 00:25:09 ----D---- C:\Program Files (x86)\Foxit Software
2010-08-25 00:24:35 ----D---- C:\Users\Robert\AppData\Roaming\foobar2000
2010-08-25 00:24:31 ----D---- C:\Program Files (x86)\foobar2000
2010-08-25 00:14:25 ----D---- C:\ProgramData\Alwil Software
2010-08-25 00:12:01 ----A---- C:\Windows\SysWOW64\wintrust.dll
2010-08-25 00:12:01 ----A---- C:\Windows\SysWOW64\cabview.dll
2010-08-24 23:20:38 ----D---- C:\ProgramData\Microsoft Help
2010-08-24 23:07:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-08-24 23:07:37 ----D---- C:\Program Files (x86)\Sony
2010-08-24 23:05:52 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-08-24 22:58:58 ----D---- C:\ProgramData\Ahead
2010-08-24 22:57:12 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2010-08-24 22:57:12 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2010-08-24 18:58:09 ----D---- C:\Users\Robert\AppData\Roaming\ATI
2010-08-24 18:56:40 ----D---- C:\Program Files (x86)\ATI Technologies
2010-08-24 18:56:39 ----SHD---- C:\Windows\Installer
2010-08-24 17:39:39 ----D---- C:\Users\Robert\AppData\Roaming\Foxit Software
2010-08-24 01:37:37 ----D---- C:\Windows\Panther
2010-08-24 01:37:25 ----RASH---- C:\BOOTSECT.BAK
2010-08-24 01:37:24 ----SHD---- C:\Boot
2010-08-24 00:45:56 ----D---- C:\Users\Robert\AppData\Roaming\Identities
2010-08-24 00:45:45 ----SD---- C:\Users\Robert\AppData\Roaming\Microsoft
2010-08-24 00:45:45 ----D---- C:\Users\Robert\AppData\Roaming\Media Center Programs
2010-08-24 00:45:33 ----SHD---- C:\Recovery
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Ulubione
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Szablony
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Pulpit
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Menu Start
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Dokumenty
2010-08-24 00:45:33 ----SHD---- C:\ProgramData\Dane aplikacji
2010-08-24 00:40:54 ----D---- C:\Windows\SoftwareDistribution
2010-08-24 00:38:26 ----D---- C:\Windows\Prefetch
2010-08-24 00:38:09 ----ASH---- C:\pagefile.sys
2010-08-24 00:38:08 ----SHD---- C:\System Volume Information
2010-08-24 00:38:08 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 2 months======

2010-09-17 22:47:36 ----D---- C:\Windows\Temp
2010-09-17 22:41:17 ----D---- C:\Windows\Tasks
2010-09-17 22:31:15 ----RD---- C:\Program Files
2010-09-17 22:31:15 ----D---- C:\Windows\SysWOW64\drivers
2010-09-17 22:31:15 ----D---- C:\Windows\SysWOW64
2010-09-17 22:25:20 ----RD---- C:\Program Files (x86)
2010-09-17 20:43:17 ----HD---- C:\ProgramData
2010-09-17 20:14:36 ----SD---- C:\ProgramData\Microsoft
2010-09-17 20:10:57 ----D---- C:\Windows
2010-09-17 17:57:31 ----D---- C:\Windows\System32
2010-09-17 00:51:19 ----D---- C:\Windows\winsxs
2010-09-16 23:32:17 ----D---- C:\Windows\Downloaded Program Files
2010-09-15 17:56:38 ----D---- C:\Windows\inf
2010-09-10 18:02:56 ----RSD---- C:\Windows\assembly
2010-09-09 22:25:52 ----D---- C:\PerfLogs
2010-09-06 20:58:48 ----D---- C:\Windows\Registration
2010-09-03 19:50:11 ----D---- C:\Program Files (x86)\Common Files
2010-08-30 20:00:04 ----D---- C:\Windows\Logs
2010-08-30 18:01:13 ----D---- C:\Windows\LiveKernelReports
2010-08-26 17:33:25 ----D---- C:\Windows\rescache
2010-08-26 00:13:30 ----RSD---- C:\Windows\Fonts
2010-08-26 00:13:28 ----D---- C:\Windows\ShellNew
2010-08-26 00:09:32 ----D---- C:\Windows\ehome
2010-08-25 21:40:15 ----RSD---- C:\Windows\Media
2010-08-25 21:35:25 ----D---- C:\Windows\twain_32
2010-08-25 20:02:02 ----D---- C:\Windows\debug
2010-08-25 19:54:30 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-08-25 19:54:29 ----D---- C:\Program Files (x86)\MSBuild
2010-08-25 19:53:47 ----D---- C:\Program Files (x86)\Common Files\System
2010-08-25 19:53:45 ----A---- C:\Windows\win.ini
2010-08-25 19:08:35 ----D---- C:\Windows\AppPatch
2010-08-25 18:39:51 ----D---- C:\Windows\Help
2010-08-25 18:38:59 ----D---- C:\Windows\Microsoft.NET
2010-08-25 06:55:17 ----D---- C:\Program Files (x86)\Windows Media Player
2010-08-25 06:55:16 ----D---- C:\Program Files (x86)\Windows Mail
2010-08-25 06:55:15 ----D---- C:\Windows\SysWOW64\migration
2010-08-25 06:55:15 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-25 03:59:30 ----D---- C:\Windows\SysWOW64\pl-PL
2010-08-24 00:45:54 ----SHD---- C:\$Recycle.Bin
2010-08-24 00:45:42 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R1 NCPro;NCPro; C:\Windows\system32\drivers\MTictwl.sys [2006-08-28 13312]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys []
R3 AODDriver;AODDriver; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys [2009-10-22 21048]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2009-12-22 18136]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys []
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys []
S3 aw7t6n6r;aw7t6n6r; C:\Windows\SysWOW64\drivers\aw7t6n6r.sys []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys [2008-12-27 44344]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-08-12 16928]
S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [2006-08-28 13312]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RushTopDevice_J;RushTopDevice_J; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys [2009-03-05 33080]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys [2008-12-19 75576]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys []
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys []
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys []
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2009-10-22 136544]
R2 dgdersvc;Device Error Recovery Service; C:\Windows\system32\dgdersvc.exe [2009-12-22 95568]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-09-17 1355928]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17424]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-25 651720]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-08-29 407336]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------
[/log]

nie znalazłem tego pliku do zeskanowania w wirus total

a wpis w rejestrze miał przecinek gdy go chciałem wyedytować

w czasie skanowania komp mi sie zawiesil ;]
z góry dzieki za pomoc tomek

Tomek01
komentarz
komentarz

Wygląda czysto.

Profilaktycznie wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki podaj na forum.

_milan_
komentarz
komentarz

w szybkim skanowaniu dr web nic nie wykrył, zrobie jeszcze pełne, ale to pewnie jutro wrzuce.

panie doktorze, czy jest szansa ze pacjent bedzie zył?
była juz taka przypadłość?

Tomek01
komentarz
komentarz

A czy coś się zmieniło w zachowaniu systemu ?

_milan_
komentarz
komentarz

na razie działa

ale głowy nie dam ze zaraz sie zawiesi

aha, dr web w szybkim znalazł na koncu zmodyfikowane pliki hosts, i zaproponowal zamiane na normlane, podejrzewajac ze moga to byc pliki szkodliwe, nacisnalem tak.
Nie lubie takich pytan, bo nie wiem czy dobrze robie ;]
teraz skanuje tym drugim, pelne, wiec pewnie zostawie na noc.

pełny malwarebytes nic nie znalazł, system na razie chodzi gicior.

Troche sie przestraszyłem , bo pojawily sie różne ukryte katalogi wszedzie, np. documents and settings oznaczone kłódką, i po probie wejscia wyskakiwało odmowa dostepu cos tam cos tam, , na innych partycjach pokazały sie kosze i inne peirdoly, no ale odhaczyłem "nie pokazuj ukrytych plików" i wszystko wyglada jak poprzednio ;]

to normlane z tym folderem ukrytym d&s na dysku c?

jutro jeszcze zeskanuje pelnym doktorkiem, pozdro!

wsyzstko na razie chodzi jak w zegarku, wielkie dzięki Tomek01, jur da men.

Tomek01
komentarz
komentarz

Jakby co to zapraszam ponownie :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.