Arczi256 utworzono 18 listopada 2010 utworzono 18 listopada 2010 Już parę ładnych dni borykam się z problemem BOSD-a. Bardzo proszę o sprawdzenie i ewentualną pomoc BSOD wyskakuję podczas włączania gry "S4League". Nigdy wcześniej nie miałem okazji spotkać się z tym błędem. Dlatego jest to dla mnie totalna nowość i nie wiem co robić OTL [log]OTL logfile created on: 2010-11-18 14:08:39 - Run 3 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Artur\Desktop An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 123,65 Gb Total Space | 68,36 Gb Free Space | 55,28% Space Free | Partition Type: NTFS Drive D: | 166,43 Gb Total Space | 23,29 Gb Free Space | 13,99% Space Free | Partition Type: NTFS Drive E: | 8,01 Gb Total Space | 7,93 Gb Free Space | 99,04% Space Free | Partition Type: NTFS Drive H: | 18,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ARTUR-KOMPUTER | User Name: Artur | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe PRC - [2010-11-15 22:08:54 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NVXDSYNC.EXE PRC - [2010-11-15 18:34:52 | 003,416,968 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2guard.exe PRC - [2010-11-15 18:34:27 | 002,806,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe PRC - [2010-11-03 20:33:59 | 000,114,688 | ---- | M] () -- d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe PRC - [2010-10-28 15:54:42 | 000,311,744 | ---- | M] () -- C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe PRC - [2010-10-16 12:42:46 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2010-10-08 13:00:10 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2010-09-07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-08-30 13:53:06 | 000,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2010-08-21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-05-27 21:31:22 | 001,721,640 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2010-05-27 21:31:22 | 000,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-05-08 12:48:36 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe PRC - [2010-05-08 12:48:26 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010-03-23 13:53:06 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe PRC - [2010-03-23 13:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe PRC - [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe PRC - [2009-12-01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe PRC - [2009-10-31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-10-28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-07-14 02:14:50 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe PRC - [2009-07-14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 02:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-07-14 02:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\notepad.exe PRC - [2009-07-14 02:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2009-07-14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009-03-02 17:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe PRC - [2008-04-27 21:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe PRC - [2003-06-19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe MOD - [2010-11-15 18:29:18 | 000,211,432 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010-07-27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-06-29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-03-24 07:37:04 | 001,286,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2009-12-08 12:33:31 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-12-08 12:32:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-12-01 13:37:48 | 000,502,848 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpOFeedb.dll MOD - [2009-12-01 13:37:48 | 000,363,584 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpOSet.dll MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-07-14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 02:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-07-14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-07-14 02:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009-07-14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-07-14 02:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009-07-14 02:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-07-14 02:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-11-15 18:34:27 | 002,806,000 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2010-11-14 16:54:41 | 003,019,352 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Akamai/netsession_win_4176eef.dll -- (Akamai) SRV - [2010-10-28 15:54:42 | 000,311,744 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe -- (Cleaner_Validator) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-08-08 18:21:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-05-08 12:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe) SRV - [2010-03-23 13:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe -- (STacSV) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2009-07-14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009-07-14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009-07-14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009-07-14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009-07-14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009-07-14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009-07-14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-07-14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009-07-14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009-07-14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009-07-14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009-07-14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009-07-14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalator formantów ActiveX (AxInstSV) SRV - [2009-07-14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009-07-14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009-03-02 17:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe -- (AESTFilters) SRV - [2008-04-27 21:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\XDva370.sys -- (XDva370) DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\DgiVecp.sys -- (DgiVecp) DRV - [2010-11-15 18:33:33 | 000,072,808 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2010-11-15 18:31:38 | 000,041,928 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver) DRV - [2010-10-28 15:54:30 | 000,031,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRPD.sys -- (CFRPD) DRV - [2010-10-28 15:54:02 | 000,064,096 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD) DRV - [2010-10-16 19:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010-09-07 21:08:56 | 000,123,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2010-09-07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-09-07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-09-07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-09-07 15:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010-09-07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-08-25 21:24:02 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-05-27 21:32:58 | 000,245,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2010-05-22 14:48:20 | 000,070,656 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010-05-05 09:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util) DRV - [2010-04-30 16:52:06 | 000,206,336 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2010-03-25 10:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010-03-23 13:53:06 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2010-03-20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2010-01-13 15:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Sterownik karty Intel(R) DRV - [2009-12-11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009-07-14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009-07-14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009-07-14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009-07-14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009-07-14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009-07-14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009-07-14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009-07-14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009-07-14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009-07-14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009-07-14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009-07-14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009-07-14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009-07-14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009-07-14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009-07-14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009-07-14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009-07-14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009-07-14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009-07-14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009-07-14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009-07-14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009-07-14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009-07-14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009-07-14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009-07-14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009-07-14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009-07-14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009-07-14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009-07-14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009-07-14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009-07-14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009-07-14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009-07-14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009-07-14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009-07-14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009-07-14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009-07-14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009-07-14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus) DRV - [2009-07-14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009-07-14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009-07-14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009-07-14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt) DRV - [2009-07-14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009-07-14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci) DRV - [2009-07-14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009-07-14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009-07-14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009-07-14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009-07-14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009-07-14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009-07-14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009-07-14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009-07-14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009-07-13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009-07-13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009-07-13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009-07-13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009-07-13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Sterownik karty Intel(R) DRV - [2009-07-13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009-07-13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009-07-13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009-03-23 07:58:36 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) DRV - [2009-03-01 22:05:32 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167) DRV - [2008-07-20 18:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008-04-28 09:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008-04-27 21:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x) DRV - [2008-01-03 21:50:22 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2010-11-17 14:35:41 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [a-squared] C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe (Emsi Software GmbH) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () - H:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2008-03-07 01:34:52 | 000,000,047 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{30ce7deb-b087-11df-972b-002186b24436}\Shell - "" = AutoRun O33 - MountPoints2\{30ce7deb-b087-11df-972b-002186b24436}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found O33 - MountPoints2\{6cda2e14-e7a0-11df-93b6-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{6cda2e14-e7a0-11df-93b6-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{6e73b50e-a9d6-11df-acf7-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{6e73b50e-a9d6-11df-acf7-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O33 - MountPoints2\{6e73b520-a9d6-11df-acf7-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{6e73b520-a9d6-11df-acf7-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{90abe8f6-a456-11df-9a77-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{90abe8f6-a456-11df-9a77-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{943570f2-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{943570f2-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{94357141-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{94357141-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{94357145-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{94357145-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{a083fa6e-a8a2-11df-bb6d-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{a083fa6e-a8a2-11df-bb6d-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{cb848071-d88f-11df-86b8-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{cb848071-d88f-11df-86b8-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{ce81afb7-e811-11df-a2d5-001e101f7f74}\Shell - "" = AutoRun O33 - MountPoints2\{ce81afb7-e811-11df-a2d5-001e101f7f74}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found O33 - MountPoints2\{cfb92d32-e780-11df-bf92-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{cfb92d32-e780-11df-bf92-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-18 13:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-11-18 13:49:01 | 000,000,000 | ---D | C] -- C:\rsit [2010-11-17 17:13:29 | 000,000,000 | ---D | C] -- C:\_OTL [2010-11-17 14:57:55 | 000,000,000 | ---D | C] -- C:\symbols [2010-11-17 14:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit [2010-11-17 14:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86) [2010-11-17 14:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier [2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\tr [2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\sv [2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru [2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\no [2010-11-17 14:35:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\da [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ja [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\it [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\es [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\de [2010-11-17 14:35:41 | 000,000,000 | ---D | C] -- C:\Windows\DPDrv [2010-11-17 14:34:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-11-17 14:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs [2010-11-16 16:35:30 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\Macrovision [2010-11-16 16:34:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\DigitalPersona [2010-11-16 16:34:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\DigitalPersona [2010-11-16 16:07:08 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\Programs [2010-11-16 16:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision [2010-11-16 16:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\DigitalPersona [2010-11-16 16:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2010-11-16 14:21:57 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe [2010-11-15 23:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\sp45082 [2010-11-15 19:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2010-11-15 18:21:20 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware [2010-11-15 18:21:20 | 000,000,000 | ---D | C] -- C:\Users\Artur\Documents\Anti-Malware [2010-11-15 17:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010-11-15 17:35:52 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2010-11-14 20:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\alaplaya [2010-11-14 20:18:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010-11-14 16:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai [2010-11-12 13:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp [2010-11-12 00:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler [2010-11-11 13:49:25 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\ImgBurn [2010-11-10 22:19:10 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2010-11-10 18:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\Simnet [2010-11-07 02:07:12 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\skypePM [2010-11-07 02:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-11-07 02:04:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-11-07 02:04:06 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\Skype [2010-11-07 02:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010-11-03 20:34:24 | 000,167,936 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [2010-11-03 20:34:24 | 000,070,656 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [2010-11-03 20:34:24 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [2010-11-03 20:34:24 | 000,051,584 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [2010-11-03 20:34:24 | 000,026,880 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [2010-11-03 20:34:16 | 000,206,336 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys [2010-11-03 20:34:16 | 000,105,984 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2010-11-03 20:34:16 | 000,027,136 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys [2010-11-03 20:34:16 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [2010-11-03 20:34:08 | 000,101,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [2010-11-03 20:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService [2010-10-31 12:50:48 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\Nowy folder (6) [2010-10-28 15:54:30 | 000,031,696 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRPD.sys [2010-10-28 15:54:02 | 000,064,096 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys [2010-10-21 21:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2010-10-21 21:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\3gp Player [2010-10-17 11:17:44 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\360 Waves Patcher 1.2.2 [2010-10-16 16:33:13 | 000,000,000 | RH-D | C] -- C:\Users\Artur\AppData\Roaming\SecuROM [2010-10-14 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\MetaGeek,_LLC [2010-10-14 16:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek [2010-10-14 09:29:25 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\Nowy folder (5) [2010-09-30 21:20:13 | 000,204,800 | ---- | C] (SEC) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcm.dll [2010-09-30 21:20:12 | 000,151,552 | ---- | C] (SS) -- C:\Windows\System32\sse1mci.exe [2010-09-30 21:20:12 | 000,151,552 | ---- | C] (SS) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\coinst.exe [2010-09-30 21:20:12 | 000,065,536 | ---- | C] (SS) -- C:\Windows\System32\sse1mci.dll [2010-09-30 21:20:12 | 000,065,536 | ---- | C] (SS) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\coinst.dll [2010-09-30 21:20:12 | 000,005,120 | ---- | C] (Samsung Electronics) -- C:\Windows\System32\drivers\SSPORT.SYS [2010-09-30 21:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series [2010-09-30 21:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Samsung [2010-09-30 21:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung [2010-09-30 21:20:07 | 000,000,000 | ---D | C] -- C:\Temp [2010-09-28 14:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft [2010-09-28 13:23:13 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\ubi.com [2010-09-28 13:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\ubi.com [2010-09-28 13:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PocketSoft [2010-09-26 20:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn [2010-09-26 19:48:44 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\abgx360 [2010-09-26 19:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\abgx360 [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-11-18 14:26:29 | 002,097,152 | -HS- | M] () -- C:\Users\Artur\NTUSER.DAT [2010-11-18 14:24:40 | 000,043,895 | ---- | M] () -- C:\Users\Artur\Desktop\zakładki 2010-10-17.adr [2010-11-18 13:49:57 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZN2824.html [2010-11-18 13:48:50 | 000,339,991 | ---- | M] () -- C:\Users\Artur\Desktop\RSIT.exe [2010-11-18 13:31:45 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010-11-18 13:31:45 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010-11-18 13:30:46 | 001,549,696 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010-11-18 13:30:46 | 000,697,912 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-11-18 13:30:46 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-11-18 13:30:46 | 000,134,990 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-11-18 13:30:46 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-11-18 13:24:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-11-18 13:23:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-11-18 13:23:33 | 2413,522,944 | -HS- | M] () -- C:\hiberfil.sys [2010-11-17 23:10:55 | 000,024,338 | ---- | M] () -- C:\Windows\cscmondump.bin [2010-11-17 23:10:46 | 000,703,242 | ---- | M] () -- C:\Windows\CSC_ServiceDump.dat [2010-11-17 23:10:46 | 000,001,616 | ---- | M] () -- C:\Windows\CSC_ActiveCleanLog.dat [2010-11-17 23:10:39 | 009,186,233 | -H-- | M] () -- C:\Users\Artur\AppData\Local\IconCache.db [2010-11-17 22:19:00 | 000,000,450 | ---- | M] () -- C:\Windows\tasks\COMODO Updater.job [2010-11-17 17:04:05 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUn2700.html [2010-11-17 15:21:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWs1704.html [2010-11-17 15:21:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZj1704.html [2010-11-17 14:36:48 | 000,000,179 | ---- | M] () -- C:\Windows\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini [2010-11-17 14:36:48 | 000,000,000 | ---- | M] () -- C:\Windows\System32\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini [2010-11-16 23:21:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempSP2164.html [2010-11-16 23:21:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDD2164.html [2010-11-16 21:59:03 | 312,339,882 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010-11-16 21:45:01 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKc1936.html [2010-11-16 21:45:01 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempxf1936.html [2010-11-16 16:35:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjm2368.html [2010-11-16 16:35:35 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempMo2368.html [2010-11-16 15:55:13 | 000,000,125 | ---- | M] () -- C:\Windows\xUninstall.bat [2010-11-16 14:42:06 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZv2056.html [2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe [2010-11-15 19:15:29 | 000,001,118 | ---- | M] () -- C:\Users\Artur\Desktop\EVEREST Ultimate Edition.lnk [2010-11-15 18:53:11 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemprcN520.html [2010-11-15 18:22:25 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2010-11-15 17:59:17 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHw2120.html [2010-11-15 17:59:17 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGE2120.html [2010-11-15 17:54:23 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempjB2184.html [2010-11-15 17:54:23 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempEc2184.html [2010-11-15 17:51:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempQK3268.html [2010-11-15 17:51:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempyD3268.html [2010-11-15 15:03:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempOdM404.html [2010-11-15 15:03:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempmmj404.html [2010-11-14 22:38:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempmr1288.html [2010-11-14 22:38:43 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgN1288.html [2010-11-14 21:33:28 | 000,000,428 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\Network Monitor II_Settings.ini [2010-11-14 21:08:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempfw2052.html [2010-11-14 21:08:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoc2052.html [2010-11-14 20:49:20 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\S4League.lnk [2010-11-14 20:40:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPj2308.html [2010-11-14 20:40:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoF2308.html [2010-11-14 20:26:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFD1392.html [2010-11-14 20:20:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempxyV604.html [2010-11-14 20:20:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFSW604.html [2010-11-14 17:36:16 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoa2192.html [2010-11-14 17:11:58 | 000,001,251 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\System Monitor II_Settings.ini [2010-11-14 17:11:39 | 000,000,363 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\GPU Monitor_Settings.ini [2010-11-14 16:53:56 | 000,129,521 | ---- | M] () -- C:\Users\Artur\Desktop\S4_Downloader.exe [2010-11-14 00:02:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temprk2200.html [2010-11-12 17:53:53 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templj3136.html [2010-11-12 17:53:53 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLP3136.html [2010-11-12 15:20:19 | 010,211,112 | ---- | M] () -- C:\Users\Artur\Desktop\12. Enrique Iglesias Nicole Scherzinger - Heartbeat.mp3.mp3 [2010-11-12 02:17:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNn2212.html [2010-11-11 14:44:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemptS2640.html [2010-11-11 14:44:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCw2640.html [2010-11-11 00:25:23 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempmW2092.html [2010-11-11 00:25:23 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTV2092.html [2010-11-10 18:58:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNj2936.html [2010-11-10 18:58:13 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempkQ2936.html [2010-11-08 23:57:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjt1260.html [2010-11-08 23:57:39 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempmU1260.html [2010-11-08 22:35:41 | 000,019,968 | ---- | M] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (3).doc [2010-11-07 23:17:16 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templd2252.html [2010-11-07 23:17:16 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiB2252.html [2010-11-07 14:59:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYo2328.html [2010-11-07 02:07:26 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat [2010-11-07 02:06:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGS5436.html [2010-11-07 00:48:58 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDe4884.html [2010-11-06 21:05:48 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoi3392.html [2010-11-06 19:14:33 | 000,001,343 | ---- | M] () -- C:\Users\Artur\Desktop\YT2 — skrót.lnk [2010-11-06 00:43:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIS3156.html [2010-11-06 00:43:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCb3156.html [2010-11-05 15:00:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKi1600.html [2010-11-05 15:00:43 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdn1600.html [2010-11-04 22:55:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKn4272.html [2010-11-04 22:55:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempsG4272.html [2010-11-04 00:20:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaL1992.html [2010-11-04 00:20:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJT1992.html [2010-11-04 00:07:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNcI452.html [2010-11-04 00:07:00 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempBvz452.html [2010-11-03 20:34:30 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf [2010-11-03 16:38:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaqS404.html [2010-11-03 16:38:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjpc404.html [2010-11-02 22:32:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZe1584.html [2010-11-02 22:32:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempAK1584.html [2010-11-02 21:49:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFj7360.html [2010-11-02 21:49:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaG7360.html [2010-11-02 15:38:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWZ1976.html [2010-11-01 22:46:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempiv1604.html [2010-11-01 22:46:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGl1604.html [2010-11-01 10:17:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPK1396.html [2010-11-01 10:17:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHB1396.html [2010-11-01 01:15:27 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempkQ5152.html [2010-11-01 01:15:27 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempyD5152.html [2010-10-31 22:30:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCfl428.html [2010-10-31 00:26:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempY11140.html [2010-10-31 00:26:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempM11140.html [2010-10-30 22:14:57 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKrU364.html [2010-10-30 22:14:57 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempzHD364.html [2010-10-29 21:55:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempT23260.html [2010-10-29 21:55:35 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempr23260.html [2010-10-28 22:01:56 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempr38984.html [2010-10-28 22:01:56 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempN38984.html [2010-10-28 15:54:30 | 000,031,696 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRPD.sys [2010-10-28 15:54:02 | 000,064,096 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys [2010-10-27 21:38:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempM20272.html [2010-10-26 22:29:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDg2352.html [2010-10-26 22:29:18 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaW2352.html [2010-10-25 21:00:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgL2396.html [2010-10-25 16:47:54 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempEY1740.html [2010-10-25 16:47:54 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempRx1740.html [2010-10-24 21:47:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFs1672.html [2010-10-23 23:41:07 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempo28316.html [2010-10-23 23:41:07 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempq28316.html [2010-10-23 15:51:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempwd2992.html [2010-10-22 22:31:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwV2352.html [2010-10-22 22:31:44 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKw2352.html [2010-10-21 21:56:48 | 000,000,036 | -H-- | M] () -- C:\Windows\System32\swk.ini [2010-10-21 21:54:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempj86412.html [2010-10-20 23:26:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTz2284.html [2010-10-20 23:26:02 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfM2284.html [2010-10-20 22:07:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCx2952.html [2010-10-20 22:07:18 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYi2952.html [2010-10-19 22:36:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPl6900.html [2010-10-19 22:36:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempRj6900.html [2010-10-18 22:45:01 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempw20308.html [2010-10-18 22:45:01 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temph20308.html [2010-10-18 16:53:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYK2744.html [2010-10-17 22:06:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiU2692.html [2010-10-17 22:06:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJj2692.html [2010-10-16 22:51:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempv26128.html [2010-10-16 22:51:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempA26128.html [2010-10-16 19:55:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2010-10-16 19:55:00 | 000,004,962 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2010-10-16 12:55:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKs2856.html [2010-10-15 23:41:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCy2636.html [2010-10-15 23:41:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempwa2636.html [2010-10-15 16:56:06 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempQe3144.html [2010-10-15 16:56:06 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUf3144.html [2010-10-14 22:27:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTA3172.html [2010-10-14 22:27:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPy3172.html [2010-10-14 09:33:53 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLP3076.html [2010-10-14 09:33:53 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempxw3076.html [2010-10-14 09:26:14 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZj2984.html [2010-10-14 09:26:14 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempOk2984.html [2010-10-13 23:01:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgR3020.html [2010-10-13 23:01:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTi3020.html [2010-10-13 22:52:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempW14100.html [2010-10-13 22:52:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempL14100.html [2010-10-13 13:35:43 | 000,409,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-10-13 13:33:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temprt1800.html [2010-10-13 13:33:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempbz1800.html [2010-10-13 13:05:09 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfA2460.html [2010-10-13 12:48:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempeh3140.html [2010-10-13 12:48:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempeu3140.html [2010-10-12 22:22:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templ92180.html [2010-10-12 22:22:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempV92180.html [2010-10-12 18:33:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJI3184.html [2010-10-11 22:37:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKe2328.html [2010-10-11 22:37:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiV2328.html [2010-10-11 17:17:51 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJO3208.html [2010-10-10 20:58:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaU5804.html [2010-10-10 10:44:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPOY320.html [2010-10-09 22:33:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUY3492.html [2010-10-09 14:15:32 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHd3028.html [2010-10-09 09:09:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfV3108.html [2010-10-09 09:09:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempeP3108.html [2010-10-07 21:23:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempzz2652.html [2010-10-07 21:23:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWB2652.html [2010-10-07 15:11:48 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoX3204.html [2010-10-06 21:49:04 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempo18344.html [2010-10-06 17:04:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempud2980.html [2010-10-05 22:46:45 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFw3972.html [2010-10-05 22:46:45 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdi3972.html [2010-10-05 18:35:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempzx2836.html [2010-10-05 18:35:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCE2836.html [2010-10-05 17:50:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYs3208.html [2010-10-05 17:50:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemplD3208.html [2010-10-05 15:04:42 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIc3032.html [2010-10-05 15:04:41 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwY3032.html [2010-10-05 14:34:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLo3140.html [2010-10-05 07:08:04 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempxO3188.html [2010-10-05 07:08:04 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temphb3188.html [2010-10-04 22:36:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempT99548.html [2010-10-04 22:36:02 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempg99548.html [2010-10-03 20:51:33 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temptt2908.html [2010-10-01 16:22:59 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempjW2960.html [2010-10-01 16:22:59 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempsp2960.html [2010-09-30 21:45:03 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJw2944.html [2010-09-29 23:33:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempp21664.html [2010-09-29 23:33:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempI21664.html [2010-09-29 22:27:26 | 000,026,112 | ---- | M] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (2).doc [2010-09-29 19:17:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemppZ2740.html [2010-09-28 21:52:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGz3024.html [2010-09-28 21:52:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLD3024.html [2010-09-28 13:23:42 | 000,000,000 | ---- | M] () -- C:\Windows\PowerReg.dat [2010-09-26 21:44:36 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempps3028.html [2010-09-26 21:44:36 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdl3028.html [2010-09-25 23:19:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempBv2880.html [2010-09-25 23:19:00 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoK2880.html [2010-09-24 22:25:49 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIn5208.html [2010-09-24 22:25:49 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaB5208.html [2010-09-24 20:52:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwM2892.html [2010-09-24 15:10:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZg3052.html [2010-09-24 15:10:12 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempnV3052.html [2010-09-23 22:20:34 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temp143576.html [2010-09-23 22:20:34 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempa43576.html [2010-09-23 14:03:32 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPd3040.html [2010-09-22 22:30:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempce3144.html [2010-09-22 22:30:13 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTb3144.html [2010-09-22 16:47:38 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDl3004.html [2010-09-22 16:47:38 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNi3004.html [2010-09-21 21:38:52 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempE11968.html [2010-09-21 21:38:52 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempU11968.html [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-11-18 14:17:14 | 000,043,895 | ---- | C] () -- C:\Users\Artur\Desktop\zakładki 2010-10-17.adr [2010-11-18 13:48:50 | 000,339,991 | ---- | C] () -- C:\Users\Artur\Desktop\RSIT.exe [2010-11-18 13:25:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZN2824.html [2010-11-17 15:24:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUn2700.html [2010-11-17 14:36:48 | 000,000,179 | ---- | C] () -- C:\Windows\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini [2010-11-17 14:36:48 | 000,000,000 | ---- | C] () -- C:\Windows\System32\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini [2010-11-17 14:07:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWs1704.html [2010-11-17 14:07:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZj1704.html [2010-11-16 22:00:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSP2164.html [2010-11-16 22:00:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDD2164.html [2010-11-16 21:45:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKc1936.html [2010-11-16 21:45:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempxf1936.html [2010-11-16 16:35:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjm2368.html [2010-11-16 16:35:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempMo2368.html [2010-11-16 12:35:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZv2056.html [2010-11-15 19:15:29 | 000,001,118 | ---- | C] () -- C:\Users\Artur\Desktop\EVEREST Ultimate Edition.lnk [2010-11-15 18:22:25 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2010-11-15 18:10:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemprcN520.html [2010-11-15 17:59:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHw2120.html [2010-11-15 17:59:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGE2120.html [2010-11-15 17:54:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjB2184.html [2010-11-15 17:54:23 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEc2184.html [2010-11-15 17:35:52 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2010-11-15 17:11:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQK3268.html [2010-11-15 17:11:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyD3268.html [2010-11-15 15:03:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOdM404.html [2010-11-15 15:03:15 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmmj404.html [2010-11-14 21:14:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmr1288.html [2010-11-14 21:14:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgN1288.html [2010-11-14 21:08:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfw2052.html [2010-11-14 21:08:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoc2052.html [2010-11-14 20:49:20 | 000,001,768 | ---- | C] () -- C:\Users\Public\Desktop\S4League.lnk [2010-11-14 20:40:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPj2308.html [2010-11-14 20:40:10 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoF2308.html [2010-11-14 20:24:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFD1392.html [2010-11-14 20:20:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempxyV604.html [2010-11-14 20:20:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFSW604.html [2010-11-14 20:18:15 | 312,339,882 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010-11-14 17:13:42 | 000,000,428 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\Network Monitor II_Settings.ini [2010-11-14 16:53:56 | 000,129,521 | ---- | C] () -- C:\Users\Artur\Desktop\S4_Downloader.exe [2010-11-14 14:40:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoa2192.html [2010-11-13 23:05:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprk2200.html [2010-11-12 15:18:04 | 010,211,112 | ---- | C] () -- C:\Users\Artur\Desktop\12. Enrique Iglesias Nicole Scherzinger - Heartbeat.mp3.mp3 [2010-11-12 13:22:40 | 000,000,363 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\GPU Monitor_Settings.ini [2010-11-12 11:40:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templj3136.html [2010-11-12 11:40:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLP3136.html [2010-11-12 00:40:58 | 000,001,251 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\System Monitor II_Settings.ini [2010-11-12 00:25:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNn2212.html [2010-11-11 11:21:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemptS2640.html [2010-11-11 11:21:44 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCw2640.html [2010-11-11 00:25:50 | 000,024,338 | ---- | C] () -- C:\Windows\cscmondump.bin [2010-11-11 00:25:29 | 000,703,242 | ---- | C] () -- C:\Windows\CSC_ServiceDump.dat [2010-11-11 00:25:29 | 000,001,616 | ---- | C] () -- C:\Windows\CSC_ActiveCleanLog.dat [2010-11-10 22:19:27 | 000,000,450 | ---- | C] () -- C:\Windows\tasks\COMODO Updater.job [2010-11-10 21:53:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempmW2092.html [2010-11-10 21:53:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTV2092.html [2010-11-10 15:05:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNj2936.html [2010-11-10 15:05:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkQ2936.html [2010-11-08 22:28:03 | 000,019,968 | ---- | C] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (3).doc [2010-11-08 15:10:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjt1260.html [2010-11-08 15:10:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempmU1260.html [2010-11-07 20:01:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templd2252.html [2010-11-07 20:01:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiB2252.html [2010-11-07 11:53:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYo2328.html [2010-11-07 02:07:26 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010-11-07 01:35:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGS5436.html [2010-11-06 22:36:25 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDe4884.html [2010-11-06 19:14:33 | 000,001,343 | ---- | C] () -- C:\Users\Artur\Desktop\YT2 — skrót.lnk [2010-11-06 09:51:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoi3392.html [2010-11-05 16:02:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIS3156.html [2010-11-05 16:02:15 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCb3156.html [2010-11-05 15:00:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKi1600.html [2010-11-05 15:00:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdn1600.html [2010-11-04 21:56:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKn4272.html [2010-11-04 21:56:58 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsG4272.html [2010-11-04 00:17:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaL1992.html [2010-11-04 00:17:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJT1992.html [2010-11-03 20:34:30 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf [2010-11-03 20:31:06 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNcI452.html [2010-11-03 20:31:06 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBvz452.html [2010-11-03 14:30:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaqS404.html [2010-11-03 14:30:55 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjpc404.html [2010-11-02 22:07:03 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZe1584.html [2010-11-02 22:07:03 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAK1584.html [2010-11-02 20:27:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFj7360.html [2010-11-02 20:27:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaG7360.html [2010-11-02 13:03:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWZ1976.html [2010-11-01 12:14:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempiv1604.html [2010-11-01 12:14:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGl1604.html [2010-11-01 08:57:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPK1396.html [2010-11-01 08:57:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHB1396.html [2010-11-01 01:15:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkQ5152.html [2010-11-01 01:15:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyD5152.html [2010-10-31 12:27:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCfl428.html [2010-10-31 00:26:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempY11140.html [2010-10-31 00:26:08 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM11140.html [2010-10-30 09:29:27 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKrU364.html [2010-10-30 09:29:27 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempzHD364.html [2010-10-29 21:29:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempT23260.html [2010-10-29 21:29:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempr23260.html [2010-10-28 19:57:02 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempr38984.html [2010-10-28 19:57:02 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempN38984.html [2010-10-27 20:53:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM20272.html [2010-10-26 12:14:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDg2352.html [2010-10-26 12:14:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaW2352.html [2010-10-25 19:53:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgL2396.html [2010-10-25 14:20:39 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEY1740.html [2010-10-25 14:20:39 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRx1740.html [2010-10-24 10:43:54 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFs1672.html [2010-10-23 21:48:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempo28316.html [2010-10-23 21:48:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempq28316.html [2010-10-23 12:46:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempwd2992.html [2010-10-22 16:11:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwV2352.html [2010-10-22 16:11:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKw2352.html [2010-10-21 21:58:47 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-10-21 21:58:47 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2010-10-21 21:56:48 | 000,000,036 | -H-- | C] () -- C:\Windows\System32\swk.ini [2010-10-21 19:39:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempj86412.html [2010-10-20 22:29:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTz2284.html [2010-10-20 22:29:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfM2284.html [2010-10-20 13:54:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCx2952.html [2010-10-20 13:54:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYi2952.html [2010-10-19 19:16:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPl6900.html [2010-10-19 19:16:49 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRj6900.html [2010-10-18 22:42:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempw20308.html [2010-10-18 22:42:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temph20308.html [2010-10-18 14:49:27 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYK2744.html [2010-10-17 09:29:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiU2692.html [2010-10-17 09:29:23 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJj2692.html [2010-10-16 17:45:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempv26128.html [2010-10-16 17:45:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempA26128.html [2010-10-16 11:20:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKs2856.html [2010-10-15 20:10:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCy2636.html [2010-10-15 20:10:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempwa2636.html [2010-10-15 14:50:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQe3144.html [2010-10-15 14:50:26 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUf3144.html [2010-10-14 13:21:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTA3172.html [2010-10-14 13:21:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPy3172.html [2010-10-14 09:28:24 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLP3076.html [2010-10-14 09:28:24 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempxw3076.html [2010-10-14 09:16:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZj2984.html [2010-10-14 09:16:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOk2984.html [2010-10-13 22:54:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgR3020.html [2010-10-13 22:54:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTi3020.html [2010-10-13 20:17:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempW14100.html [2010-10-13 20:17:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempL14100.html [2010-10-13 13:05:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprt1800.html [2010-10-13 13:05:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempbz1800.html [2010-10-13 12:57:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfA2460.html [2010-10-13 12:37:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeh3140.html [2010-10-13 12:37:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeu3140.html [2010-10-12 21:05:56 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templ92180.html [2010-10-12 21:05:56 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempV92180.html [2010-10-12 12:37:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJI3184.html [2010-10-11 21:03:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKe2328.html [2010-10-11 21:03:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiV2328.html [2010-10-11 13:45:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJO3208.html [2010-10-10 15:47:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaU5804.html [2010-10-10 09:38:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPOY320.html [2010-10-09 15:41:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUY3492.html [2010-10-09 12:48:22 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHd3028.html [2010-10-09 09:06:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfV3108.html [2010-10-09 09:06:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempeP3108.html [2010-10-07 17:21:50 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzz2652.html [2010-10-07 17:21:50 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWB2652.html [2010-10-07 12:12:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoX3204.html [2010-10-06 20:47:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempo18344.html [2010-10-06 13:12:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempud2980.html [2010-10-05 20:24:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFw3972.html [2010-10-05 20:24:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdi3972.html [2010-10-05 18:26:45 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzx2836.html [2010-10-05 18:26:45 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCE2836.html [2010-10-05 17:47:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYs3208.html [2010-10-05 17:47:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemplD3208.html [2010-10-05 15:04:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIc3032.html [2010-10-05 15:04:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwY3032.html [2010-10-05 12:04:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLo3140.html [2010-10-05 07:05:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempxO3188.html [2010-10-05 07:05:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temphb3188.html [2010-10-04 21:26:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempT99548.html [2010-10-04 21:26:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempg99548.html [2010-10-03 14:48:44 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll [2010-10-03 14:48:44 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll [2010-10-03 14:48:44 | 000,035,840 | R--- | C] () -- C:\Windows\System32\comdlg32.oca [2010-10-03 14:48:44 | 000,029,184 | R--- | C] () -- C:\Windows\System32\MSINET.oca [2010-10-03 10:01:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptt2908.html [2010-10-01 14:04:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjW2960.html [2010-10-01 14:04:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempsp2960.html [2010-09-30 21:20:28 | 000,011,502 | ---- | C] () -- C:\Windows\Dr. Printer Icon.ico [2010-09-30 21:20:13 | 001,032,192 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvum.dll [2010-09-30 21:20:13 | 000,929,792 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvu.dll [2010-09-30 21:20:13 | 000,835,584 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvu2.dll [2010-09-30 21:20:13 | 000,626,874 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvua.bmp [2010-09-30 21:20:13 | 000,217,088 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvo.dll [2010-09-30 21:20:13 | 000,206,278 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvub.bmp [2010-09-30 21:20:13 | 000,087,134 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfn.dat [2010-09-30 21:20:13 | 000,084,076 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvel.dat [2010-09-30 21:20:13 | 000,083,730 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvgr.dat [2010-09-30 21:20:13 | 000,082,987 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsp.dat [2010-09-30 21:20:13 | 000,082,974 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpt.dat [2010-09-30 21:20:13 | 000,082,040 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvit.dat [2010-09-30 21:20:13 | 000,081,898 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvbp.dat [2010-09-30 21:20:13 | 000,081,018 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdt.dat [2010-09-30 21:20:13 | 000,080,802 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvhu.dat [2010-09-30 21:20:13 | 000,080,441 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvru.dat [2010-09-30 21:20:13 | 000,079,600 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpo.dat [2010-09-30 21:20:13 | 000,078,768 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfi.dat [2010-09-30 21:20:13 | 000,077,879 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdn.dat [2010-09-30 21:20:13 | 000,077,734 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcz.dat [2010-09-30 21:20:13 | 000,077,604 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvtk.dat [2010-09-30 21:20:13 | 000,076,959 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsw.dat [2010-09-30 21:20:13 | 000,076,904 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvnr.dat [2010-09-30 21:20:13 | 000,074,785 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrven.dat [2010-09-30 21:20:13 | 000,071,490 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvkr.dat [2010-09-30 21:20:13 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvlf.dll [2010-09-30 21:20:13 | 000,064,494 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcp.dat [2010-09-30 21:20:13 | 000,064,315 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvct.dat [2010-09-30 21:20:13 | 000,051,536 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mu.bmp [2010-09-30 21:20:13 | 000,049,152 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvIO.DLL [2010-09-30 21:20:13 | 000,038,192 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcm.ctd [2010-09-30 21:20:13 | 000,036,323 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1m.cat [2010-09-30 21:20:13 | 000,034,625 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvel.chm [2010-09-30 21:20:13 | 000,034,205 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvhu.chm [2010-09-30 21:20:13 | 000,034,075 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpo.chm [2010-09-30 21:20:13 | 000,033,815 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvgr.chm [2010-09-30 21:20:13 | 000,033,649 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvru.chm [2010-09-30 21:20:13 | 000,033,451 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcz.chm [2010-09-30 21:20:13 | 000,033,417 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfn.chm [2010-09-30 21:20:13 | 000,033,187 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvkr.chm [2010-09-30 21:20:13 | 000,033,107 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdt.chm [2010-09-30 21:20:13 | 000,033,089 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpt.chm [2010-09-30 21:20:13 | 000,033,047 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsp.chm [2010-09-30 21:20:13 | 000,032,749 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvct.chm [2010-09-30 21:20:13 | 000,032,741 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvit.chm [2010-09-30 21:20:13 | 000,032,719 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcp.chm [2010-09-30 21:20:13 | 000,032,467 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvbp.chm [2010-09-30 21:20:13 | 000,032,409 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdn.chm [2010-09-30 21:20:13 | 000,032,345 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvtk.chm [2010-09-30 21:20:13 | 000,032,299 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfi.chm [2010-09-30 21:20:13 | 000,032,243 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsw.chm [2010-09-30 21:20:13 | 000,031,821 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvnr.chm [2010-09-30 21:20:13 | 000,031,467 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrven.chm [2010-09-30 21:20:13 | 000,024,250 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvum.xml [2010-09-30 21:20:13 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sse1ml3.dll [2010-09-30 21:20:13 | 000,022,723 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1ml3.dll [2010-09-30 21:20:13 | 000,015,318 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpp.dll [2010-09-30 21:20:13 | 000,008,465 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1m.inf [2010-09-30 21:20:13 | 000,005,020 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mu.ini [2010-09-30 21:20:13 | 000,004,072 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvul.bmp [2010-09-30 21:20:13 | 000,000,556 | ---- | C] () -- C:\Windows\System32\sse1ml3.smt [2010-09-30 21:20:13 | 000,000,556 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1ml3.SMT [2010-09-30 21:20:13 | 000,000,527 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mpp.ver [2010-09-30 13:17:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJw2944.html [2010-09-29 19:58:34 | 000,026,112 | ---- | C] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (2).doc [2010-09-29 19:43:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempp21664.html [2010-09-29 19:43:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempI21664.html [2010-09-29 14:07:51 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemppZ2740.html [2010-09-28 13:23:42 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat [2010-09-28 13:23:13 | 000,185,344 | ---- | C] () -- C:\Windows\patchw32.dll [2010-09-28 13:15:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGz3024.html [2010-09-28 13:15:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLD3024.html [2010-09-26 07:45:37 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempps3028.html [2010-09-26 07:45:37 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdl3028.html [2010-09-25 10:11:05 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBv2880.html [2010-09-25 10:11:05 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoK2880.html [2010-09-24 21:45:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIn5208.html [2010-09-24 21:45:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaB5208.html [2010-09-24 19:32:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwM2892.html [2010-09-24 14:03:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZg3052.html [2010-09-24 14:03:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempnV3052.html [2010-09-23 21:09:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp143576.html [2010-09-23 21:09:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempa43576.html [2010-09-23 13:09:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPd3040.html [2010-09-22 19:33:04 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempce3144.html [2010-09-22 19:33:04 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTb3144.html [2010-09-22 14:17:12 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDl3004.html [2010-09-22 14:17:12 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNi3004.html [2010-09-21 20:19:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempE11968.html [2010-09-21 20:19:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempU11968.html [2010-09-18 23:49:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjS3124.html [2010-09-18 23:49:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPm3124.html [2010-09-18 18:58:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempU21712.html [2010-09-18 18:58:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempd21712.html [2010-09-18 10:04:32 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyC2952.html [2010-09-18 10:04:32 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAx2952.html [2010-09-17 19:02:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM96720.html [2010-09-17 18:04:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp119244.html [2010-09-17 17:50:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp113764.html [2010-09-17 17:36:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp110156.html [2010-09-17 17:16:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp103396.html [2010-09-17 11:49:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempof2712.html [2010-09-17 11:49:58 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempdX2712.html [2010-09-16 15:28:56 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLv1704.html [2010-09-16 15:28:56 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempgg1704.html [2010-09-15 18:48:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempsy3320.html [2010-09-15 17:10:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUj6004.html [2010-09-15 17:10:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempgd6004.html [2010-09-14 15:33:53 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempp57644.html [2010-09-13 22:58:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempyl1560.html [2010-09-13 22:58:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempka1560.html [2010-09-13 10:05:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOq4016.html [2010-09-13 10:05:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWL4016.html [2010-09-12 22:53:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqf6012.html [2010-09-12 22:53:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPG6012.html [2010-09-12 19:40:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempG75204.html [2010-09-12 19:40:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempH75204.html [2010-09-12 14:06:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempV22244.html [2010-09-12 12:32:44 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2010-09-11 21:22:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temph50740.html [2010-09-11 21:22:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempi50740.html [2010-09-11 12:15:28 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempn30548.html [2010-09-11 10:38:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCF3652.html [2010-09-11 10:38:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJP3652.html [2010-09-10 13:31:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTO3788.html [2010-09-10 13:31:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqa3788.html [2010-09-09 22:59:12 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCeu508.html [2010-09-09 22:59:12 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempXrv508.html [2010-09-09 21:57:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBG2396.html [2010-09-09 13:23:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwS2184.html [2010-09-09 13:23:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNu2184.html [2010-09-08 20:18:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfc5964.html [2010-09-08 16:38:00 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqm3104.html [2010-09-08 16:38:00 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemprM3104.html [2010-09-07 15:27:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSO3476.html [2010-09-07 13:28:51 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempvpt468.html [2010-09-06 19:26:34 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprj7908.html [2010-09-06 19:26:34 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiQ7908.html [2010-09-05 20:33:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempcW3832.html [2010-09-05 20:33:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDH3832.html [2010-09-05 14:00:19 | 000,000,316 | ---- | C] () -- C:\Windows\game.ini [2010-09-05 11:56:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIr3612.html [2010-09-05 09:48:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYE3116.html [2010-09-04 20:49:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUZ3760.html [2010-09-04 18:41:33 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsJ4000.html [2010-09-04 18:41:33 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAk4000.html [2010-09-04 08:40:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRl1392.html [2010-09-04 08:40:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWO1392.html [2010-09-03 21:23:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgJ2236.html [2010-09-03 21:23:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempVD2236.html [2010-09-03 16:04:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNT4080.html [2010-09-03 16:04:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsM4080.html [2010-09-03 14:37:34 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJkh932.html [2010-09-03 14:37:34 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTIc932.html [2010-09-02 20:41:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjX2476.html [2010-09-02 19:55:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKm6264.html [2010-09-02 19:55:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdp6264.html [2010-09-01 18:00:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempw22280.html [2010-08-31 22:58:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsI2900.html [2010-08-31 22:58:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWI2900.html [2010-08-30 20:51:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeb9828.html [2010-08-30 13:48:54 | 000,138,664 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-08-30 13:20:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempVo3468.html [2010-08-30 00:43:29 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempN72660.html [2010-08-29 19:54:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprf3580.html [2010-08-28 19:33:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptn3624.html [2010-08-27 12:28:32 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptl3676.html [2010-08-26 19:44:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEp2176.html [2010-08-26 14:00:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzc3692.html [2010-08-26 14:00:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWe3692.html [2010-08-26 02:44:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJh1508.html [2010-08-25 21:24:02 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-08-25 18:44:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmh3564.html [2010-08-25 18:44:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLM3564.html [2010-08-25 10:23:50 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUB2960.html [2010-08-24 16:43:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQLm604.html [2010-08-24 11:29:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoMZ716.html [2010-08-24 11:28:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGk3868.html [2010-08-24 00:14:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp123388.html [2010-08-23 20:31:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempu48020.html [2010-08-23 15:32:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempn18332.html [2010-08-23 11:00:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempbg2276.html [2010-08-22 23:32:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfg1052.html [2010-08-22 23:32:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHF1052.html [2010-08-22 20:10:04 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOa1220.html [2010-08-22 18:38:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempcR3444.html [2010-08-22 18:38:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEX3444.html [2010-08-20 09:32:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTi3808.html [2010-08-20 09:32:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYy3808.html [2010-08-19 09:40:02 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqs3176.html [2010-08-19 09:40:02 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAi3176.html [2010-08-18 21:23:28 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGY3588.html [2010-08-18 21:23:28 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSE3588.html [2010-08-17 12:15:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjq2528.html [2010-08-17 12:15:45 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYs2528.html [2010-08-17 09:10:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyM1820.html [2010-08-17 09:10:26 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDW1820.html [2010-08-16 21:07:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyJW964.html [2010-08-15 23:05:22 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFQ4064.html [2010-08-15 21:26:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempta3924.html [2010-08-15 21:25:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkC2304.html [2010-08-11 21:38:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temphco724.html [2010-08-11 21:38:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfxY724.html [2010-08-11 09:28:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAr3400.html [2010-08-10 21:03:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp234128.html [2010-08-06 16:40:45 | 000,109,608 | ---- | C] () -- C:\Users\Artur\AppData\Local\GDIPFONTCACHEV1.DAT [2010-08-06 16:13:11 | 009,186,233 | -H-- | C] () -- C:\Users\Artur\AppData\Local\IconCache.db [2010-08-06 15:26:53 | 001,549,696 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2010-02-08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\System32\vfprintpthelper.dll [2009-07-14 05:41:57 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2009-07-14 03:04:57 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2009-07-14 03:04:23 | 000,000,499 | ---- | C] () -- C:\Windows\win.ini [2009-07-14 03:04:23 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2009-07-14 01:59:08 | 000,011,776 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll [2009-07-14 01:58:40 | 000,037,376 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll [2009-07-14 01:58:25 | 000,010,240 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll [2009-07-14 01:56:53 | 000,159,232 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll [2009-07-14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-07-13 22:40:44 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys [2009-07-13 22:40:43 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS [2009-07-13 22:40:43 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS [2009-07-13 22:40:41 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS [2009-07-13 22:40:40 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS [2009-07-13 22:40:39 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS [2009-07-13 22:40:35 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS [2009-07-13 22:40:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS [2009-07-13 22:40:27 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS [2009-07-13 22:40:23 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS [2009-07-13 22:40:19 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS [2009-07-13 22:40:17 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS [2009-07-13 22:40:15 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS [2009-07-13 22:40:13 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS [2009-07-13 22:40:11 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2009-07-13 21:29:46 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll [2009-06-10 22:39:59 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini [2007-11-14 15:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll [2006-03-09 08:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI [color=#E56717]========== LOP Check ==========[/color] [2010-09-26 19:48:45 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\abgx360 [2010-08-25 23:33:20 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\DAEMON Tools Lite [2010-11-16 16:34:27 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\DigitalPersona [2010-11-17 18:35:15 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\foobar2000 [2010-08-10 22:36:18 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Gadu-Gadu 10 [2010-11-11 14:44:27 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\ImgBurn [2010-09-11 13:06:16 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Opera [2010-08-22 19:37:33 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Soldat [2010-09-28 13:23:13 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\ubi.com [2010-08-06 16:04:15 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\wargaming.net [2010-10-15 20:10:15 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >[/log] RSIT [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Artur at 2010-11-18 13:51:37 Microsoft Windows 7 Professional System drive C: has 70 GB (55%) free of 127 GB Total RAM: 3069 MB (60% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:51:48, on 2010-11-18 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16671) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Emsisoft Anti-Malware\a2guard.exe C:\Program Files\DigitalPersona\Bin\DpAgent.exe C:\ProgramData\DatacardService\DCSHelper.exe d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe C:\Program Files\Opera\opera.exe C:\Windows\system32\NOTEPAD.EXE C:\Users\Artur\Desktop\RSIT.exe C:\Program Files\trend micro\Artur.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe" /d=60 O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{66EA071A-F6F4-42EC-8F82-30BD68E27AF7}: NameServer = 89.108.195.20 89.108.195.21 O17 - HKLM\System\CCS\Services\Tcpip\..\{A472EFFC-64E2-473E-BA61-3D0F0BD48545}: NameServer = 89.108.195.20 217.17.34.10 O17 - HKLM\System\CCS\Services\Tcpip\..\{E1F70F82-028F-4AAD-972C-D1DBB3A81779}: NameServer = 89.108.195.20 217.17.34.10 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: COMODO System - Cleaner Service (Cleaner_Validator) - Unknown owner - C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - c:\Windows\system32\vfsFPService.exe -- End of file - 6609 bytes ======Scheduled tasks folder====== C:\Windows\tasks\COMODO Updater.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}] DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-12-01 1256512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-15 1250696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-27 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-23 495708] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] "a-squared"=C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe [2010-11-15 3416968] "DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2009-12-01 842816] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Simple Sticky Notes] C:\Program Files\Simnet\Simple Sticky Notes\ssn.exe [2010-11-08 1530320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli DPPWDFLT [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 2 months====== 2010-11-18 13:49:02 ----D---- C:\Program Files\trend micro 2010-11-18 13:49:01 ----D---- C:\rsit 2010-11-17 17:13:29 ----D---- C:\_OTL 2010-11-17 14:57:55 ----D---- C:\symbols 2010-11-17 14:53:23 ----D---- C:\Program Files\Microsoft Windows Performance Toolkit 2010-11-17 14:52:47 ----D---- C:\Program Files\Debugging Tools for Windows (x86) 2010-11-17 14:52:30 ----D---- C:\Program Files\Application Verifier 2010-11-17 14:36:48 ----A---- C:\Windows\system32\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini 2010-11-17 14:36:48 ----A---- C:\Windows\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini 2010-11-17 14:35:51 ----D---- C:\Windows\system32\tr 2010-11-17 14:35:51 ----D---- C:\Windows\system32\sv 2010-11-17 14:35:51 ----D---- C:\Windows\system32\ru 2010-11-17 14:35:51 ----D---- C:\Windows\system32\no 2010-11-17 14:35:50 ----D---- C:\Windows\system32\da 2010-11-17 14:35:44 ----D---- C:\Windows\system32\ko 2010-11-17 14:35:44 ----D---- C:\Windows\system32\ja 2010-11-17 14:35:44 ----D---- C:\Windows\system32\it 2010-11-17 14:35:44 ----D---- C:\Windows\system32\fr 2010-11-17 14:35:44 ----D---- C:\Windows\system32\es 2010-11-17 14:35:44 ----D---- C:\Windows\system32\de 2010-11-17 14:35:41 ----D---- C:\Windows\DPDrv 2010-11-17 14:34:29 ----SHD---- C:\Config.Msi 2010-11-17 14:18:50 ----D---- C:\Program Files\Microsoft SDKs 2010-11-16 16:35:30 ----D---- C:\Users\Artur\AppData\Roaming\Macrovision 2010-11-16 16:34:27 ----D---- C:\Users\Artur\AppData\Roaming\DigitalPersona 2010-11-16 16:04:52 ----D---- C:\ProgramData\Macrovision 2010-11-16 16:04:52 ----D---- C:\Program Files\DigitalPersona 2010-11-16 16:02:15 ----D---- C:\ProgramData\Downloaded Installations 2010-11-15 23:18:21 ----D---- C:\Program Files\sp45082 2010-11-15 19:15:08 ----D---- C:\Program Files\Lavalys 2010-11-15 18:21:20 ----D---- C:\Program Files\Emsisoft Anti-Malware 2010-11-15 17:36:25 ----D---- C:\ProgramData\NVIDIA Corporation 2010-11-15 17:35:52 ----A---- C:\Windows\system32\OpenCL.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvoglv32.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvhdap32.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvgenco322030.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvgenco32.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvdispco322050.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvdecodemft.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvcuvid.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvcuvenc.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvcuda.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvcompiler.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvapo32v.dll 2010-11-15 17:35:52 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys 2010-11-15 17:35:52 ----A---- C:\Windows\system32\drivers\nvhda32v.sys 2010-11-15 16:32:36 ----A---- C:\Windows\ntbtlog.txt 2010-11-14 20:45:27 ----D---- C:\Program Files\alaplaya 2010-11-14 20:18:31 ----D---- C:\Windows\Minidump 2010-11-14 17:13:42 ----A---- C:\Users\Artur\AppData\Roaming\Network Monitor II_Settings.ini 2010-11-14 16:54:10 ----D---- C:\Program Files\Common Files\Akamai 2010-11-12 13:24:01 ----D---- C:\Program Files\Core Temp 2010-11-12 13:22:40 ----A---- C:\Users\Artur\AppData\Roaming\GPU Monitor_Settings.ini 2010-11-12 00:45:48 ----D---- C:\Program Files\Defraggler 2010-11-12 00:40:58 ----A---- C:\Users\Artur\AppData\Roaming\System Monitor II_Settings.ini 2010-11-11 13:49:25 ----D---- C:\Users\Artur\AppData\Roaming\ImgBurn 2010-11-10 22:22:49 ----A---- C:\Windows\system32\msdri.dll 2010-11-10 22:22:49 ----A---- C:\Windows\system32\CPFilters.dll 2010-11-10 22:22:12 ----A---- C:\Windows\system32\drivers\Diskdump.sys 2010-11-10 22:19:10 ----D---- C:\Program Files\COMODO 2010-11-10 22:19:01 ----A---- C:\Windows\system32\mfc71.dll 2010-11-10 22:19:01 ----A---- C:\Windows\system32\gdiplus.dll 2010-11-10 18:49:27 ----D---- C:\Program Files\Simnet 2010-11-07 02:07:12 ----D---- C:\Users\Artur\AppData\Roaming\skypePM 2010-11-07 02:04:22 ----D---- C:\Program Files\Common Files\Skype 2010-11-07 02:04:09 ----RD---- C:\Program Files\Skype 2010-11-07 02:04:06 ----D---- C:\Users\Artur\AppData\Roaming\Skype 2010-11-07 02:03:54 ----D---- C:\ProgramData\Skype 2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01009.dll 2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\ew_juwwanecm.sys 2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\ew_juextctrl.sys 2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\ew_jucdcecm.sys 2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\ew_jucdcacm.sys 2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\ew_jubusenum.sys 2010-11-03 20:34:16 ----A---- C:\Windows\system32\drivers\ewusbnet.sys 2010-11-03 20:34:16 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys 2010-11-03 20:34:16 ----A---- C:\Windows\system32\drivers\ewdcsc.sys 2010-11-03 20:34:16 ----A---- C:\Windows\system32\drivers\ew_usbenumfilter.sys 2010-11-03 20:34:08 ----A---- C:\Windows\system32\drivers\ew_hwusbdev.sys 2010-11-03 20:32:27 ----D---- C:\ProgramData\DatacardService 2010-10-28 15:54:30 ----A---- C:\Windows\system32\drivers\CFRPD.sys 2010-10-28 15:54:02 ----A---- C:\Windows\system32\drivers\CFRMD.sys 2010-10-21 21:58:47 ----A---- C:\Windows\system32\ff_vfw.dll.manifest 2010-10-21 21:58:47 ----A---- C:\Windows\system32\ff_vfw.dll 2010-10-21 21:58:46 ----D---- C:\Program Files\K-Lite Codec Pack 2010-10-21 21:56:48 ----H---- C:\Windows\system32\swk.ini 2010-10-21 21:56:44 ----D---- C:\Program Files\3gp Player 2010-10-16 16:33:13 ----RHD---- C:\Users\Artur\AppData\Roaming\SecuROM 2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvvsvc.exe 2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvsvcr.dll 2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvmctray.dll 2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvhotkey.dll 2010-10-16 12:42:42 ----A---- C:\Windows\system32\nvcpl.dll 2010-10-16 12:42:38 ----A---- C:\Windows\system32\nvsvc.dll 2010-10-14 16:12:41 ----D---- C:\Program Files\MetaGeek 2010-10-13 12:55:23 ----A---- C:\Windows\system32\mshtml.dll 2010-10-13 12:55:23 ----A---- C:\Windows\system32\iertutil.dll 2010-10-13 12:55:22 ----A---- C:\Windows\system32\urlmon.dll 2010-10-13 12:55:22 ----A---- C:\Windows\system32\msfeeds.dll 2010-10-13 12:55:22 ----A---- C:\Windows\system32\ieframe.dll 2010-10-13 12:55:21 ----A---- C:\Windows\system32\wininet.dll 2010-10-13 12:55:21 ----A---- C:\Windows\system32\mstime.dll 2010-10-13 12:55:21 ----A---- C:\Windows\system32\mshtmled.dll 2010-10-13 12:55:21 ----A---- C:\Windows\system32\msfeedssync.exe 2010-10-13 12:55:21 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-10-13 12:55:21 ----A---- C:\Windows\system32\licmgr10.dll 2010-10-13 12:55:21 ----A---- C:\Windows\system32\jsproxy.dll 2010-10-13 12:55:21 ----A---- C:\Windows\system32\ieui.dll 2010-10-13 12:55:21 ----A---- C:\Windows\system32\iepeers.dll 2010-10-13 12:55:21 ----A---- C:\Windows\system32\iedkcs32.dll 2010-10-13 12:55:16 ----A---- C:\Windows\system32\ole32.dll 2010-10-13 12:49:58 ----A---- C:\Windows\system32\t2embed.dll 2010-10-13 12:49:55 ----A---- C:\Windows\system32\schannel.dll 2010-10-13 12:49:54 ----A---- C:\Windows\system32\comctl32.dll 2010-10-13 12:49:52 ----A---- C:\Windows\system32\mfc40u.dll 2010-10-13 12:49:52 ----A---- C:\Windows\system32\mfc40.dll 2010-10-13 12:49:46 ----A---- C:\Windows\system32\wmp.dll 2010-10-13 12:49:45 ----A---- C:\Windows\system32\wmploc.DLL 2010-10-13 12:49:41 ----A---- C:\Windows\system32\win32k.sys 2010-10-13 12:49:39 ----A---- C:\Windows\system32\srvsvc.dll 2010-10-13 12:49:39 ----A---- C:\Windows\system32\drivers\srvnet.sys 2010-10-13 12:49:39 ----A---- C:\Windows\system32\drivers\srv2.sys 2010-10-13 12:49:39 ----A---- C:\Windows\system32\drivers\srv.sys 2010-10-13 12:49:25 ----A---- C:\Windows\system32\wmpmde.dll 2010-10-13 12:49:24 ----A---- C:\Windows\system32\StructuredQuery.dll 2010-10-11 14:24:18 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2010-10-11 14:24:18 ----A---- C:\Windows\system32\drivers\ks.sys 2010-10-03 14:48:46 ----RA---- C:\Windows\system32\msxml.dll 2010-10-03 14:48:44 ----RA---- C:\Windows\system32\xmltok.dll 2010-10-03 14:48:44 ----RA---- C:\Windows\system32\xmlparse.dll 2010-10-03 14:48:44 ----RA---- C:\Windows\system32\xmlinst.exe 2010-10-03 14:48:44 ----RA---- C:\Windows\system32\VB5DB.DLL 2010-10-03 14:48:44 ----RA---- C:\Windows\system32\msxmlr.dll 2010-10-03 14:48:44 ----RA---- C:\Windows\system32\msxml3a.dll 2010-09-30 21:20:13 ----A---- C:\Windows\system32\sse1ml3.dll 2010-09-30 21:20:12 ----N---- C:\Windows\system32\drivers\SSPORT.SYS 2010-09-30 21:20:12 ----D---- C:\Windows\system32\drivers\Samsung 2010-09-30 21:20:12 ----A---- C:\Windows\system32\sse1mci.exe 2010-09-30 21:20:12 ----A---- C:\Windows\system32\sse1mci.dll 2010-09-30 21:20:10 ----D---- C:\Program Files\Samsung 2010-09-30 21:20:07 ----D---- C:\Temp 2010-09-29 14:12:05 ----A---- C:\Windows\system32\tzres.dll 2010-09-28 14:03:19 ----D---- C:\Program Files\Ubi Soft 2010-09-28 13:23:13 ----D---- C:\Users\Artur\AppData\Roaming\ubi.com 2010-09-28 13:23:13 ----A---- C:\Windows\patchw32.dll 2010-09-28 13:23:08 ----D---- C:\Program Files\ubi.com 2010-09-28 13:23:08 ----D---- C:\Program Files\Common Files\PocketSoft 2010-09-26 20:01:56 ----D---- C:\Program Files\ImgBurn 2010-09-26 19:48:44 ----D---- C:\Users\Artur\AppData\Roaming\abgx360 2010-09-26 19:12:42 ----D---- C:\Program Files\abgx360 ======List of files/folders modified in the last 2 months====== 2010-11-18 13:51:45 ----D---- C:\Windows\Temp 2010-11-18 13:49:02 ----RD---- C:\Program Files 2010-11-18 13:37:56 ----D---- C:\Windows\system32\config 2010-11-18 13:30:46 ----D---- C:\Windows\System32 2010-11-18 13:30:46 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-11-18 13:30:45 ----D---- C:\Windows\inf 2010-11-17 18:35:15 ----D---- C:\Users\Artur\AppData\Roaming\foobar2000 2010-11-17 14:53:42 ----SHD---- C:\Windows\Installer 2010-11-17 14:36:48 ----D---- C:\Windows 2010-11-17 14:35:52 ----D---- C:\Windows\system32\pt-PT 2010-11-17 14:35:52 ----D---- C:\Windows\system32\nl-NL 2010-11-17 14:35:47 ----D---- C:\Windows\system32\zh-TW 2010-11-17 14:35:47 ----D---- C:\Windows\system32\zh-CN 2010-11-17 14:35:47 ----D---- C:\Windows\system32\pt-BR 2010-11-17 14:35:47 ----D---- C:\Windows\system32\en-US 2010-11-17 14:33:35 ----SHD---- C:\System Volume Information 2010-11-17 14:18:50 ----D---- C:\Program Files\MSBuild 2010-11-16 22:00:38 ----D---- C:\Windows\Prefetch 2010-11-16 16:06:35 ----D---- C:\Windows\system32\catroot 2010-11-16 16:06:34 ----D---- C:\Windows\system32\DriverStore 2010-11-16 16:04:52 ----HD---- C:\ProgramData 2010-11-16 16:01:47 ----D---- C:\SwSetup 2010-11-16 15:55:13 ----A---- C:\Windows\xUninstall.bat 2010-11-16 15:52:02 ----D---- C:\Windows\JMCR_DIR 2010-11-15 20:11:07 ----D---- C:\Windows\system32\Tasks 2010-11-15 18:18:50 ----SD---- C:\Users\Artur\AppData\Roaming\Microsoft 2010-11-15 18:18:50 ----SD---- C:\ProgramData\Microsoft 2010-11-15 17:37:26 ----D---- C:\Program Files\NVIDIA Corporation 2010-11-15 17:37:16 ----D---- C:\Windows\system32\drivers 2010-11-14 20:45:27 ----HD---- C:\Program Files\InstallShield Installation Information 2010-11-14 20:45:27 ----D---- C:\Windows\system32\catroot2 2010-11-14 19:57:42 ----D---- C:\Windows\Downloaded Program Files 2010-11-14 19:57:42 ----D---- C:\Program Files\Common Files\InstallShield 2010-11-14 17:09:37 ----D---- C:\Windows\winsxs 2010-11-14 16:54:10 ----D---- C:\Program Files\Common Files 2010-11-10 22:57:02 ----D---- C:\Windows\Microsoft.NET 2010-11-10 22:57:00 ----RSD---- C:\Windows\assembly 2010-11-10 22:30:35 ----D---- C:\Windows\ehome 2010-11-10 22:28:48 ----A---- C:\Windows\system32\MRT.exe 2010-11-10 22:28:38 ----D---- C:\Windows\AppPatch 2010-11-10 22:28:04 ----D---- C:\Windows\system32\pl-PL 2010-11-10 22:25:16 ----D---- C:\Users\Artur\AppData\Roaming\Media Player Classic 2010-11-10 22:24:19 ----D---- C:\Program Files\Microsoft.NET 2010-11-10 22:23:28 ----D---- C:\Program Files\Internet Explorer 2010-11-10 22:19:27 ----D---- C:\Windows\Tasks 2010-11-06 00:13:24 ----D---- C:\Windows\system32\wdi 2010-11-03 14:50:52 ----D---- C:\Users\Artur\AppData\Roaming\vlc 2010-10-30 12:36:01 ----D---- C:\Program Files\Common Files\Adobe 2010-10-30 12:36:00 ----D---- C:\ProgramData\Adobe 2010-10-30 12:35:58 ----D---- C:\Program Files\Adobe 2010-10-21 16:33:02 ----D---- C:\Users\Artur\AppData\Roaming\dvdcss 2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe 2010-10-16 19:55:00 ----A---- C:\Windows\system32\nvwgf2um.dll 2010-10-16 19:55:00 ----A---- C:\Windows\system32\nvd3dum.dll 2010-10-16 19:55:00 ----A---- C:\Windows\system32\nvapi.dll 2010-10-16 16:30:15 ----D---- C:\Windows\system32\NDF 2010-10-15 21:14:35 ----D---- C:\Windows\ModemLogs 2010-10-14 16:00:38 ----D---- C:\Program Files\Opera 2010-10-14 09:26:18 ----D---- C:\Windows\system32\migration 2010-10-13 13:34:00 ----D---- C:\Program Files\Windows Media Player 2010-10-13 12:56:58 ----D---- C:\Program Files\Gadu-Gadu 10 2010-10-03 16:41:39 ----D---- C:\Windows\rescache ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-25 691696] R1 a2injectiondriver;a2injectiondriver; \??\C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [2010-11-15 41928] R1 a2util;a-squared Malware-IDS utility driver; \??\C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [2010-05-05 11776] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672] R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2010-10-28 64096] R1 CFRPD;CFRPD; C:\Windows\system32\DRIVERS\CFRPD.sys [2010-10-28 31696] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768] R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-03 5120] R3 a2acc;a2acc; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [2010-11-15 72808] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-04-28 54784] R3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2010-04-30 206336] R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2010-05-22 70656] R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 105984] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-07-20 100184] R3 NETw5s32;Sterownik karty Intel(R) Wireless WiFi Link dla systemu Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-09-07 123496] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-23 423424] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936] R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-04-27 40752] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336] S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 a5lvshjr;a5lvshjr; C:\Windows\system32\drivers\a5lvshjr.sys [] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880] S3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2009-03-23 16384] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 101504] S3 netw5v32;Sterownik karty Intel(R) Wireless WiFi Link 5000 Series dla systemu Windows Vista w wersji 32-bitowej; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2007-08-31 18856] S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920] S3 XDva370;XDva370; \??\C:\Windows\system32\XDva370.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2010-11-15 2806000] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920] R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R2 Cleaner_Validator;COMODO System - Cleaner Service; C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [2010-10-28 311744] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 DCService.exe;DCService.exe; C:\ProgramData\DatacardService\DCService.exe [2010-05-08 229376] R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-01 322624] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 600680] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-08-30 75064] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [2010-03-23 229458] R2 vfsFPService;Validity Fingerprint Service; c:\Windows\system32\vfsFPService.exe [2008-04-27 599344] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-08 1343400] -----------------EOF-----------------[/log] Screen BSOD-a [spoiler]http://img594.imageshack.us/i/20101114059.jpg/[/spoiler] Komputer to HP Pavilion dv7 1140-ew System to Win7. Procek Intel Core2Duo T5800 2.00 Ghz, Grafika Nvidia 9600m GT P.S Bardzo przepraszam jeśli logi są źle wykonane ale jak już mówiłem jestem w tych sprawach zielony. i gdy wykonywałem Dump w OTL sposobem podanym na forum to OTL się zawieszał i nie analizował dalej (przez parę godzin pokazywał jedno i to samo czyli getting folder structure" czy jakoś tak). POZDRAWIAM
Sohei komentarz 18 listopada 2010 komentarz 18 listopada 2010 [code]:Processes Explorer.exe :OTL O33 - MountPoints2\{30ce7deb-b087-11df-972b-002186b24436}\Shell - "" = AutoRun O33 - MountPoints2\{30ce7deb-b087-11df-972b-002186b24436}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found O33 - MountPoints2\{6cda2e14-e7a0-11df-93b6-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{6cda2e14-e7a0-11df-93b6-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{6e73b50e-a9d6-11df-acf7-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{6e73b50e-a9d6-11df-acf7-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O33 - MountPoints2\{6e73b520-a9d6-11df-acf7-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{6e73b520-a9d6-11df-acf7-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{90abe8f6-a456-11df-9a77-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{90abe8f6-a456-11df-9a77-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{943570f2-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{943570f2-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{94357141-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{94357141-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{94357145-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{94357145-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{a083fa6e-a8a2-11df-bb6d-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{a083fa6e-a8a2-11df-bb6d-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{cb848071-d88f-11df-86b8-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{cb848071-d88f-11df-86b8-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{ce81afb7-e811-11df-a2d5-001e101f7f74}\Shell - "" = AutoRun O33 - MountPoints2\{ce81afb7-e811-11df-a2d5-001e101f7f74}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found O33 - MountPoints2\{cfb92d32-e780-11df-bf92-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{cfb92d32-e780-11df-bf92-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found :files :\Users\Artur\AppData\Local\Temp*.html :services :Commands [emptytemp] [start explorer] [reboot][/code] Wklejasz to do OTL w białe okienko i klikasz run fix(wykonaj skrypt). Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url] Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url] Co znajda usun po czym daj logi z usuwania + nowy log OTL Co do BSDOS zajrzyj tutaj http://www.forumpc.pl/index.php?showforum=221 .
Arczi256 komentarz 19 listopada 2010 Autor komentarz 19 listopada 2010 Programy nic nie znalazły mimo iż ustawiałem na "Pełne skanowanie" mbam LOG[log]Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 5144 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 2010-11-18 19:48:33 mbam-log-2010-11-18 (19-48-33).txt Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|) Przeskanowano obiektów: 353926 Upłynęło: 1 godzin(y), 31 minut(y), 7 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 0 Zainfekowanych plików: 0 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: (Nie znaleziono zagrożeń) [/log] Nowe logi z OTL [log]OTL logfile created on: 2010-11-19 22:21:01 - Run 4 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Artur\Desktop An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 123,65 Gb Total Space | 67,75 Gb Free Space | 54,79% Space Free | Partition Type: NTFS Drive D: | 166,43 Gb Total Space | 23,29 Gb Free Space | 13,99% Space Free | Partition Type: NTFS Drive E: | 8,01 Gb Total Space | 7,93 Gb Free Space | 99,04% Space Free | Partition Type: NTFS Drive H: | 18,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ARTUR-KOMPUTER | User Name: Artur | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe PRC - [2010-11-15 22:08:54 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NVXDSYNC.EXE PRC - [2010-11-15 18:34:52 | 003,416,968 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2guard.exe PRC - [2010-11-15 18:34:27 | 002,806,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe PRC - [2010-11-03 20:33:59 | 000,114,688 | ---- | M] () -- d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe PRC - [2010-10-28 15:54:42 | 000,311,744 | ---- | M] () -- C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe PRC - [2010-10-16 12:42:46 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2010-10-08 13:00:10 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2010-10-07 09:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-09-07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-08-30 13:53:06 | 000,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2010-08-21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-05-27 21:31:22 | 001,721,640 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2010-05-27 21:31:22 | 000,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-05-08 12:48:36 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe PRC - [2010-05-08 12:48:26 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010-03-23 13:53:06 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe PRC - [2010-03-23 13:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe PRC - [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe PRC - [2009-12-01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe PRC - [2009-10-31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-10-28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-07-14 02:14:50 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe PRC - [2009-07-14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 02:14:43 | 001,025,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe PRC - [2009-07-14 02:14:42 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe PRC - [2009-07-14 02:14:42 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 02:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-07-14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe PRC - [2009-07-14 02:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2009-07-14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009-03-02 17:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe PRC - [2008-04-27 21:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe PRC - [2003-06-19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe MOD - [2010-11-15 18:29:18 | 000,211,432 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010-07-27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-06-29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-03-24 07:37:04 | 001,286,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2009-12-08 12:33:31 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-12-08 12:32:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-12-01 13:37:48 | 000,502,848 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpOFeedb.dll MOD - [2009-12-01 13:37:48 | 000,363,584 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpOSet.dll MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-07-14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 02:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-07-14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-07-14 02:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009-07-14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-07-14 02:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009-07-14 02:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-07-14 02:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-11-15 18:34:27 | 002,806,000 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2010-11-14 16:54:41 | 003,019,352 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Akamai/netsession_win_4176eef.dll -- (Akamai) SRV - [2010-10-28 15:54:42 | 000,311,744 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe -- (Cleaner_Validator) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-08-08 18:21:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-05-08 12:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe) SRV - [2010-03-23 13:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe -- (STacSV) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2009-07-14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009-07-14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009-07-14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009-07-14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009-07-14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009-07-14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009-07-14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-07-14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009-07-14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009-07-14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009-07-14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009-07-14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009-07-14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalator formantów ActiveX (AxInstSV) SRV - [2009-07-14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009-07-14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009-03-02 17:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe -- (AESTFilters) SRV - [2008-04-27 21:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\DgiVecp.sys -- (DgiVecp) DRV - [2010-11-19 15:15:27 | 000,075,592 | ---- | M] (www.wiselogic.co.kr) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\XDva370.sys -- (XDva370) DRV - [2010-11-15 18:33:33 | 000,072,808 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2010-11-15 18:31:38 | 000,041,928 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver) DRV - [2010-10-28 15:54:30 | 000,031,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRPD.sys -- (CFRPD) DRV - [2010-10-28 15:54:02 | 000,064,096 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD) DRV - [2010-10-16 19:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010-09-07 21:08:56 | 000,123,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2010-09-07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-09-07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-09-07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-09-07 15:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010-09-07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-08-25 21:24:02 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-05-27 21:32:58 | 000,245,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2010-05-22 14:48:20 | 000,070,656 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010-05-05 09:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util) DRV - [2010-04-30 16:52:06 | 000,206,336 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2010-03-25 10:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010-03-23 13:53:06 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2010-03-20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2010-01-13 15:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Sterownik karty Intel(R) DRV - [2009-12-11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009-07-14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009-07-14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009-07-14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009-07-14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009-07-14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009-07-14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009-07-14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009-07-14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009-07-14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009-07-14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009-07-14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009-07-14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009-07-14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009-07-14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009-07-14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009-07-14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009-07-14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009-07-14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009-07-14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009-07-14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009-07-14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009-07-14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009-07-14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009-07-14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009-07-14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009-07-14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009-07-14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009-07-14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009-07-14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009-07-14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009-07-14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009-07-14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009-07-14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009-07-14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009-07-14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009-07-14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009-07-14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009-07-14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009-07-14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus) DRV - [2009-07-14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009-07-14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009-07-14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009-07-14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt) DRV - [2009-07-14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009-07-14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci) DRV - [2009-07-14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009-07-14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009-07-14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009-07-14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009-07-14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009-07-14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009-07-14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009-07-14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009-07-14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009-07-13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009-07-13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009-07-13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009-07-13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009-07-13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Sterownik karty Intel(R) DRV - [2009-07-13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009-07-13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009-07-13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009-03-23 07:58:36 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) DRV - [2009-03-01 22:05:32 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167) DRV - [2008-07-20 18:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008-04-28 09:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008-04-27 21:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x) DRV - [2008-01-03 21:50:22 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3800391445-3349888462-4249771307-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2010-11-17 14:35:41 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-3800391445-3349888462-4249771307-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [a-squared] C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe (Emsi Software GmbH) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKU\S-1-5-21-3800391445-3349888462-4249771307-1000..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () - H:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2008-03-07 01:34:52 | 000,000,047 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell - "" = AutoRun O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-19 15:15:27 | 000,075,592 | ---- | C] (www.wiselogic.co.kr) -- C:\Windows\System32\XDva370.sys [2010-11-18 19:51:00 | 000,000,000 | ---D | C] -- C:\Users\Artur\DoctorWeb [2010-11-18 18:05:38 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\Malwarebytes [2010-11-18 18:04:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010-11-18 18:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010-11-18 18:04:27 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010-11-18 18:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-11-18 18:01:28 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Artur\Desktop\mbam-setup-1.46(dobreprogramy.pl).exe [2010-11-18 15:37:30 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\BS [2010-11-18 13:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-11-18 13:49:01 | 000,000,000 | ---D | C] -- C:\rsit [2010-11-17 17:13:29 | 000,000,000 | ---D | C] -- C:\_OTL [2010-11-17 14:57:55 | 000,000,000 | ---D | C] -- C:\symbols [2010-11-17 14:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit [2010-11-17 14:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86) [2010-11-17 14:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier [2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\tr [2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\sv [2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru [2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\no [2010-11-17 14:35:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\da [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ja [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\it [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\es [2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\de [2010-11-17 14:35:41 | 000,000,000 | ---D | C] -- C:\Windows\DPDrv [2010-11-17 14:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs [2010-11-16 16:35:30 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\Macrovision [2010-11-16 16:34:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\DigitalPersona [2010-11-16 16:34:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\DigitalPersona [2010-11-16 16:07:08 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\Programs [2010-11-16 16:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision [2010-11-16 16:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\DigitalPersona [2010-11-16 16:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2010-11-16 14:21:57 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe [2010-11-15 23:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\sp45082 [2010-11-15 19:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2010-11-15 18:21:20 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware [2010-11-15 18:21:20 | 000,000,000 | ---D | C] -- C:\Users\Artur\Documents\Anti-Malware [2010-11-15 17:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010-11-15 17:35:52 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2010-11-14 20:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\alaplaya [2010-11-14 20:18:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010-11-14 16:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai [2010-11-12 13:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp [2010-11-12 00:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler [2010-11-11 13:49:25 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\ImgBurn [2010-11-10 22:19:10 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2010-11-10 18:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\Simnet [2010-11-07 02:07:12 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\skypePM [2010-11-07 02:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-11-07 02:04:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-11-07 02:04:06 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\Skype [2010-11-07 02:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010-11-03 20:34:24 | 000,167,936 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [2010-11-03 20:34:24 | 000,070,656 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [2010-11-03 20:34:24 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [2010-11-03 20:34:24 | 000,051,584 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [2010-11-03 20:34:24 | 000,026,880 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [2010-11-03 20:34:16 | 000,206,336 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys [2010-11-03 20:34:16 | 000,105,984 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2010-11-03 20:34:16 | 000,027,136 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys [2010-11-03 20:34:16 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [2010-11-03 20:34:08 | 000,101,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [2010-11-03 20:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService [2010-10-31 12:50:48 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\Nowy folder (6) [2010-10-28 15:54:30 | 000,031,696 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRPD.sys [2010-10-28 15:54:02 | 000,064,096 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys [2010-10-21 21:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2010-10-21 21:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\3gp Player [2010-10-17 11:17:44 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\360 Waves Patcher 1.2.2 [2010-10-16 16:33:13 | 000,000,000 | RH-D | C] -- C:\Users\Artur\AppData\Roaming\SecuROM [2010-10-14 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\MetaGeek,_LLC [2010-10-14 16:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek [2010-10-14 09:29:25 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\Nowy folder (5) [2010-09-30 21:20:13 | 000,204,800 | ---- | C] (SEC) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcm.dll [2010-09-30 21:20:12 | 000,151,552 | ---- | C] (SS) -- C:\Windows\System32\sse1mci.exe [2010-09-30 21:20:12 | 000,151,552 | ---- | C] (SS) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\coinst.exe [2010-09-30 21:20:12 | 000,065,536 | ---- | C] (SS) -- C:\Windows\System32\sse1mci.dll [2010-09-30 21:20:12 | 000,065,536 | ---- | C] (SS) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\coinst.dll [2010-09-30 21:20:12 | 000,005,120 | ---- | C] (Samsung Electronics) -- C:\Windows\System32\drivers\SSPORT.SYS [2010-09-30 21:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series [2010-09-30 21:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Samsung [2010-09-30 21:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung [2010-09-30 21:20:07 | 000,000,000 | ---D | C] -- C:\Temp [2010-09-28 14:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft [2010-09-28 13:23:13 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\ubi.com [2010-09-28 13:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\ubi.com [2010-09-28 13:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PocketSoft [2010-09-26 20:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn [2010-09-26 19:48:44 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\abgx360 [2010-09-26 19:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\abgx360 [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-11-19 22:27:24 | 002,097,152 | -HS- | M] () -- C:\Users\Artur\NTUSER.DAT [2010-11-19 22:25:20 | 000,044,299 | ---- | M] () -- C:\Users\Artur\Desktop\zakładki 2010-10-17.adr [2010-11-19 22:24:25 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010-11-19 22:24:25 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010-11-19 22:19:33 | 000,000,450 | ---- | M] () -- C:\Windows\tasks\COMODO Updater.job [2010-11-19 22:11:10 | 001,549,696 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010-11-19 22:11:10 | 000,697,912 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-11-19 22:11:10 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-11-19 22:11:10 | 000,134,990 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-11-19 22:11:10 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-11-19 22:06:06 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgH2056.html [2010-11-19 22:06:06 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNM2056.html [2010-11-19 22:04:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-11-19 22:04:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-11-19 22:04:11 | 2413,522,944 | -HS- | M] () -- C:\hiberfil.sys [2010-11-19 22:00:22 | 000,072,952 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT [2010-11-19 22:00:19 | 000,000,000 | ---- | M] () -- C:\Users\Artur\Desktop\Nowy Obraz — mapa bitowa.bmp [2010-11-19 15:28:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWs2356.html [2010-11-19 15:16:29 | 303,799,722 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010-11-19 15:15:27 | 000,075,592 | ---- | M] (www.wiselogic.co.kr) -- C:\Windows\System32\XDva370.sys [2010-11-18 23:41:15 | 000,024,338 | ---- | M] () -- C:\Windows\cscmondump.bin [2010-11-18 23:40:54 | 000,455,454 | ---- | M] () -- C:\Windows\CSC_ServiceDump.dat [2010-11-18 23:40:54 | 000,001,616 | ---- | M] () -- C:\Windows\CSC_ActiveCleanLog.dat [2010-11-18 23:40:46 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempkL2164.html [2010-11-18 23:40:46 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempvo2164.html [2010-11-18 23:40:42 | 009,187,139 | -H-- | M] () -- C:\Users\Artur\AppData\Local\IconCache.db [2010-11-18 18:15:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempMv3220.html [2010-11-18 18:15:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempgv3220.html [2010-11-18 18:10:29 | 052,129,288 | ---- | M] () -- C:\Users\Artur\Desktop\launch.exe [2010-11-18 18:05:04 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-11-18 18:02:26 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Artur\Desktop\mbam-setup-1.46(dobreprogramy.pl).exe [2010-11-18 13:49:57 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZN2824.html [2010-11-18 13:48:50 | 000,339,991 | ---- | M] () -- C:\Users\Artur\Desktop\RSIT.exe [2010-11-17 17:04:05 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUn2700.html [2010-11-17 15:21:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWs1704.html [2010-11-17 15:21:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZj1704.html [2010-11-17 14:36:48 | 000,000,179 | ---- | M] () -- C:\Windows\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini [2010-11-17 14:36:48 | 000,000,000 | ---- | M] () -- C:\Windows\System32\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini [2010-11-16 23:21:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempSP2164.html [2010-11-16 23:21:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDD2164.html [2010-11-16 21:45:01 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKc1936.html [2010-11-16 21:45:01 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempxf1936.html [2010-11-16 16:35:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjm2368.html [2010-11-16 16:35:35 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempMo2368.html [2010-11-16 15:55:13 | 000,000,125 | ---- | M] () -- C:\Windows\xUninstall.bat [2010-11-16 14:42:06 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZv2056.html [2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe [2010-11-15 19:15:29 | 000,001,118 | ---- | M] () -- C:\Users\Artur\Desktop\EVEREST Ultimate Edition.lnk [2010-11-15 18:53:11 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemprcN520.html [2010-11-15 18:22:25 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2010-11-15 17:59:17 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHw2120.html [2010-11-15 17:59:17 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGE2120.html [2010-11-15 17:54:23 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempjB2184.html [2010-11-15 17:54:23 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempEc2184.html [2010-11-15 17:51:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempQK3268.html [2010-11-15 17:51:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempyD3268.html [2010-11-15 15:03:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempOdM404.html [2010-11-15 15:03:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempmmj404.html [2010-11-14 22:38:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempmr1288.html [2010-11-14 22:38:43 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgN1288.html [2010-11-14 21:33:28 | 000,000,428 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\Network Monitor II_Settings.ini [2010-11-14 21:08:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempfw2052.html [2010-11-14 21:08:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoc2052.html [2010-11-14 20:49:20 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\S4League.lnk [2010-11-14 20:40:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPj2308.html [2010-11-14 20:40:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoF2308.html [2010-11-14 20:26:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFD1392.html [2010-11-14 20:20:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempxyV604.html [2010-11-14 20:20:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFSW604.html [2010-11-14 17:36:16 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoa2192.html [2010-11-14 17:11:58 | 000,001,251 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\System Monitor II_Settings.ini [2010-11-14 17:11:39 | 000,000,363 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\GPU Monitor_Settings.ini [2010-11-14 16:53:56 | 000,129,521 | ---- | M] () -- C:\Users\Artur\Desktop\S4_Downloader.exe [2010-11-14 00:02:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temprk2200.html [2010-11-12 17:53:53 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templj3136.html [2010-11-12 17:53:53 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLP3136.html [2010-11-12 15:20:19 | 010,211,112 | ---- | M] () -- C:\Users\Artur\Desktop\12. Enrique Iglesias Nicole Scherzinger - Heartbeat.mp3.mp3 [2010-11-12 02:17:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNn2212.html [2010-11-11 14:44:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemptS2640.html [2010-11-11 14:44:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCw2640.html [2010-11-11 00:25:23 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempmW2092.html [2010-11-11 00:25:23 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTV2092.html [2010-11-10 18:58:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNj2936.html [2010-11-10 18:58:13 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempkQ2936.html [2010-11-08 23:57:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjt1260.html [2010-11-08 23:57:39 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempmU1260.html [2010-11-08 22:35:41 | 000,019,968 | ---- | M] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (3).doc [2010-11-07 23:17:16 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templd2252.html [2010-11-07 23:17:16 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiB2252.html [2010-11-07 14:59:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYo2328.html [2010-11-07 02:07:26 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat [2010-11-07 02:06:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGS5436.html [2010-11-07 00:48:58 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDe4884.html [2010-11-06 21:05:48 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoi3392.html [2010-11-06 19:14:33 | 000,001,343 | ---- | M] () -- C:\Users\Artur\Desktop\YT2 — skrót.lnk [2010-11-06 00:43:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIS3156.html [2010-11-06 00:43:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCb3156.html [2010-11-05 15:00:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKi1600.html [2010-11-05 15:00:43 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdn1600.html [2010-11-04 22:55:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKn4272.html [2010-11-04 22:55:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempsG4272.html [2010-11-04 00:20:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaL1992.html [2010-11-04 00:20:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJT1992.html [2010-11-04 00:07:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNcI452.html [2010-11-04 00:07:00 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempBvz452.html [2010-11-03 20:34:30 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf [2010-11-03 16:38:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaqS404.html [2010-11-03 16:38:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjpc404.html [2010-11-02 22:32:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZe1584.html [2010-11-02 22:32:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempAK1584.html [2010-11-02 21:49:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFj7360.html [2010-11-02 21:49:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaG7360.html [2010-11-02 15:38:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWZ1976.html [2010-11-01 22:46:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempiv1604.html [2010-11-01 22:46:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGl1604.html [2010-11-01 10:17:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPK1396.html [2010-11-01 10:17:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHB1396.html [2010-11-01 01:15:27 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempkQ5152.html [2010-11-01 01:15:27 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempyD5152.html [2010-10-31 22:30:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCfl428.html [2010-10-31 00:26:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempY11140.html [2010-10-31 00:26:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempM11140.html [2010-10-30 22:14:57 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKrU364.html [2010-10-30 22:14:57 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempzHD364.html [2010-10-29 21:55:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempT23260.html [2010-10-29 21:55:35 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempr23260.html [2010-10-28 22:01:56 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempr38984.html [2010-10-28 22:01:56 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempN38984.html [2010-10-28 15:54:30 | 000,031,696 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRPD.sys [2010-10-28 15:54:02 | 000,064,096 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys [2010-10-27 21:38:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempM20272.html [2010-10-26 22:29:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDg2352.html [2010-10-26 22:29:18 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaW2352.html [2010-10-25 21:00:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgL2396.html [2010-10-25 16:47:54 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempEY1740.html [2010-10-25 16:47:54 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempRx1740.html [2010-10-24 21:47:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFs1672.html [2010-10-23 23:41:07 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempo28316.html [2010-10-23 23:41:07 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempq28316.html [2010-10-23 15:51:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempwd2992.html [2010-10-22 22:31:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwV2352.html [2010-10-22 22:31:44 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKw2352.html [2010-10-21 21:56:48 | 000,000,036 | -H-- | M] () -- C:\Windows\System32\swk.ini [2010-10-21 21:54:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempj86412.html [2010-10-20 23:26:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTz2284.html [2010-10-20 23:26:02 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfM2284.html [2010-10-20 22:07:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCx2952.html [2010-10-20 22:07:18 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYi2952.html [2010-10-19 22:36:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPl6900.html [2010-10-19 22:36:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempRj6900.html [2010-10-18 22:45:01 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempw20308.html [2010-10-18 22:45:01 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temph20308.html [2010-10-18 16:53:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYK2744.html [2010-10-17 22:06:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiU2692.html [2010-10-17 22:06:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJj2692.html [2010-10-16 22:51:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempv26128.html [2010-10-16 22:51:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempA26128.html [2010-10-16 19:55:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2010-10-16 19:55:00 | 000,004,962 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2010-10-16 12:55:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKs2856.html [2010-10-15 23:41:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCy2636.html [2010-10-15 23:41:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempwa2636.html [2010-10-15 16:56:06 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempQe3144.html [2010-10-15 16:56:06 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUf3144.html [2010-10-14 22:27:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTA3172.html [2010-10-14 22:27:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPy3172.html [2010-10-14 09:33:53 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLP3076.html [2010-10-14 09:33:53 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempxw3076.html [2010-10-14 09:26:14 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZj2984.html [2010-10-14 09:26:14 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempOk2984.html [2010-10-13 23:01:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgR3020.html [2010-10-13 23:01:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTi3020.html [2010-10-13 22:52:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempW14100.html [2010-10-13 22:52:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempL14100.html [2010-10-13 13:35:43 | 000,409,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-10-13 13:33:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temprt1800.html [2010-10-13 13:33:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempbz1800.html [2010-10-13 13:05:09 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfA2460.html [2010-10-13 12:48:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempeh3140.html [2010-10-13 12:48:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempeu3140.html [2010-10-12 22:22:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templ92180.html [2010-10-12 22:22:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempV92180.html [2010-10-12 18:33:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJI3184.html [2010-10-11 22:37:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKe2328.html [2010-10-11 22:37:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiV2328.html [2010-10-11 17:17:51 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJO3208.html [2010-10-10 20:58:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaU5804.html [2010-10-10 10:44:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPOY320.html [2010-10-09 22:33:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUY3492.html [2010-10-09 14:15:32 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHd3028.html [2010-10-09 09:09:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfV3108.html [2010-10-09 09:09:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempeP3108.html [2010-10-07 21:23:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempzz2652.html [2010-10-07 21:23:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWB2652.html [2010-10-07 15:11:48 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoX3204.html [2010-10-06 21:49:04 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempo18344.html [2010-10-06 17:04:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempud2980.html [2010-10-05 22:46:45 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFw3972.html [2010-10-05 22:46:45 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdi3972.html [2010-10-05 18:35:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempzx2836.html [2010-10-05 18:35:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCE2836.html [2010-10-05 17:50:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYs3208.html [2010-10-05 17:50:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemplD3208.html [2010-10-05 15:04:42 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIc3032.html [2010-10-05 15:04:41 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwY3032.html [2010-10-05 14:34:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLo3140.html [2010-10-05 07:08:04 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempxO3188.html [2010-10-05 07:08:04 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temphb3188.html [2010-10-04 22:36:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempT99548.html [2010-10-04 22:36:02 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempg99548.html [2010-10-03 20:51:33 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temptt2908.html [2010-10-01 16:22:59 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempjW2960.html [2010-10-01 16:22:59 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempsp2960.html [2010-09-30 21:45:03 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJw2944.html [2010-09-29 23:33:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempp21664.html [2010-09-29 23:33:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempI21664.html [2010-09-29 22:27:26 | 000,026,112 | ---- | M] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (2).doc [2010-09-29 19:17:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemppZ2740.html [2010-09-28 21:52:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGz3024.html [2010-09-28 21:52:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLD3024.html [2010-09-28 13:23:42 | 000,000,000 | ---- | M] () -- C:\Windows\PowerReg.dat [2010-09-26 21:44:36 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempps3028.html [2010-09-26 21:44:36 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdl3028.html [2010-09-25 23:19:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempBv2880.html [2010-09-25 23:19:00 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoK2880.html [2010-09-24 22:25:49 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIn5208.html [2010-09-24 22:25:49 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaB5208.html [2010-09-24 20:52:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwM2892.html [2010-09-24 15:10:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZg3052.html [2010-09-24 15:10:12 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempnV3052.html [2010-09-23 22:20:34 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temp143576.html [2010-09-23 22:20:34 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempa43576.html [2010-09-23 14:03:32 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPd3040.html [2010-09-22 22:30:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempce3144.html [2010-09-22 22:30:13 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTb3144.html [2010-09-22 16:47:38 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDl3004.html [2010-09-22 16:47:38 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNi3004.html [2010-09-21 21:38:52 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempE11968.html [2010-09-21 21:38:52 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempU11968.html [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-11-19 22:25:20 | 000,044,299 | ---- | C] () -- C:\Users\Artur\Desktop\zakładki 2010-10-17.adr [2010-11-19 22:06:06 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgH2056.html [2010-11-19 22:06:06 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNM2056.html [2010-11-19 22:00:22 | 000,072,952 | ---- | C] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT [2010-11-19 22:00:19 | 000,000,000 | ---- | C] () -- C:\Users\Artur\Desktop\Nowy Obraz — mapa bitowa.bmp [2010-11-19 15:18:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWs2356.html [2010-11-18 23:06:12 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkL2164.html [2010-11-18 23:06:12 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempvo2164.html [2010-11-18 18:15:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempMv3220.html [2010-11-18 18:15:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempgv3220.html [2010-11-18 18:05:03 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010-11-18 18:01:49 | 052,129,288 | ---- | C] () -- C:\Users\Artur\Desktop\launch.exe [2010-11-18 13:48:50 | 000,339,991 | ---- | C] () -- C:\Users\Artur\Desktop\RSIT.exe [2010-11-18 13:25:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZN2824.html [2010-11-17 15:24:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUn2700.html [2010-11-17 14:36:48 | 000,000,179 | ---- | C] () -- C:\Windows\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini [2010-11-17 14:36:48 | 000,000,000 | ---- | C] () -- C:\Windows\System32\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini [2010-11-17 14:07:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWs1704.html [2010-11-17 14:07:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZj1704.html [2010-11-16 22:00:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSP2164.html [2010-11-16 22:00:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDD2164.html [2010-11-16 21:45:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKc1936.html [2010-11-16 21:45:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempxf1936.html [2010-11-16 16:35:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjm2368.html [2010-11-16 16:35:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempMo2368.html [2010-11-16 12:35:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZv2056.html [2010-11-15 19:15:29 | 000,001,118 | ---- | C] () -- C:\Users\Artur\Desktop\EVEREST Ultimate Edition.lnk [2010-11-15 18:22:25 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2010-11-15 18:10:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemprcN520.html [2010-11-15 17:59:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHw2120.html [2010-11-15 17:59:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGE2120.html [2010-11-15 17:54:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjB2184.html [2010-11-15 17:54:23 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEc2184.html [2010-11-15 17:35:52 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2010-11-15 17:11:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQK3268.html [2010-11-15 17:11:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyD3268.html [2010-11-15 15:03:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOdM404.html [2010-11-15 15:03:15 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmmj404.html [2010-11-14 21:14:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmr1288.html [2010-11-14 21:14:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgN1288.html [2010-11-14 21:08:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfw2052.html [2010-11-14 21:08:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoc2052.html [2010-11-14 20:49:20 | 000,001,768 | ---- | C] () -- C:\Users\Public\Desktop\S4League.lnk [2010-11-14 20:40:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPj2308.html [2010-11-14 20:40:10 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoF2308.html [2010-11-14 20:24:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFD1392.html [2010-11-14 20:20:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempxyV604.html [2010-11-14 20:20:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFSW604.html [2010-11-14 20:18:15 | 303,799,722 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010-11-14 17:13:42 | 000,000,428 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\Network Monitor II_Settings.ini [2010-11-14 16:53:56 | 000,129,521 | ---- | C] () -- C:\Users\Artur\Desktop\S4_Downloader.exe [2010-11-14 14:40:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoa2192.html [2010-11-13 23:05:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprk2200.html [2010-11-12 15:18:04 | 010,211,112 | ---- | C] () -- C:\Users\Artur\Desktop\12. Enrique Iglesias Nicole Scherzinger - Heartbeat.mp3.mp3 [2010-11-12 13:22:40 | 000,000,363 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\GPU Monitor_Settings.ini [2010-11-12 11:40:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templj3136.html [2010-11-12 11:40:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLP3136.html [2010-11-12 00:40:58 | 000,001,251 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\System Monitor II_Settings.ini [2010-11-12 00:25:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNn2212.html [2010-11-11 11:21:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemptS2640.html [2010-11-11 11:21:44 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCw2640.html [2010-11-11 00:25:50 | 000,024,338 | ---- | C] () -- C:\Windows\cscmondump.bin [2010-11-11 00:25:29 | 000,455,454 | ---- | C] () -- C:\Windows\CSC_ServiceDump.dat [2010-11-11 00:25:29 | 000,001,616 | ---- | C] () -- C:\Windows\CSC_ActiveCleanLog.dat [2010-11-10 22:19:27 | 000,000,450 | ---- | C] () -- C:\Windows\tasks\COMODO Updater.job [2010-11-10 21:53:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempmW2092.html [2010-11-10 21:53:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTV2092.html [2010-11-10 15:05:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNj2936.html [2010-11-10 15:05:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkQ2936.html [2010-11-08 22:28:03 | 000,019,968 | ---- | C] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (3).doc [2010-11-08 15:10:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjt1260.html [2010-11-08 15:10:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempmU1260.html [2010-11-07 20:01:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templd2252.html [2010-11-07 20:01:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiB2252.html [2010-11-07 11:53:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYo2328.html [2010-11-07 02:07:26 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010-11-07 01:35:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGS5436.html [2010-11-06 22:36:25 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDe4884.html [2010-11-06 19:14:33 | 000,001,343 | ---- | C] () -- C:\Users\Artur\Desktop\YT2 — skrót.lnk [2010-11-06 09:51:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoi3392.html [2010-11-05 16:02:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIS3156.html [2010-11-05 16:02:15 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCb3156.html [2010-11-05 15:00:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKi1600.html [2010-11-05 15:00:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdn1600.html [2010-11-04 21:56:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKn4272.html [2010-11-04 21:56:58 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsG4272.html [2010-11-04 00:17:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaL1992.html [2010-11-04 00:17:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJT1992.html [2010-11-03 20:34:30 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf [2010-11-03 20:31:06 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNcI452.html [2010-11-03 20:31:06 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBvz452.html [2010-11-03 14:30:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaqS404.html [2010-11-03 14:30:55 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjpc404.html [2010-11-02 22:07:03 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZe1584.html [2010-11-02 22:07:03 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAK1584.html [2010-11-02 20:27:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFj7360.html [2010-11-02 20:27:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaG7360.html [2010-11-02 13:03:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWZ1976.html [2010-11-01 12:14:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempiv1604.html [2010-11-01 12:14:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGl1604.html [2010-11-01 08:57:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPK1396.html [2010-11-01 08:57:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHB1396.html [2010-11-01 01:15:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkQ5152.html [2010-11-01 01:15:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyD5152.html [2010-10-31 12:27:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCfl428.html [2010-10-31 00:26:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempY11140.html [2010-10-31 00:26:08 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM11140.html [2010-10-30 09:29:27 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKrU364.html [2010-10-30 09:29:27 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempzHD364.html [2010-10-29 21:29:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempT23260.html [2010-10-29 21:29:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempr23260.html [2010-10-28 19:57:02 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempr38984.html [2010-10-28 19:57:02 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempN38984.html [2010-10-27 20:53:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM20272.html [2010-10-26 12:14:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDg2352.html [2010-10-26 12:14:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaW2352.html [2010-10-25 19:53:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgL2396.html [2010-10-25 14:20:39 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEY1740.html [2010-10-25 14:20:39 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRx1740.html [2010-10-24 10:43:54 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFs1672.html [2010-10-23 21:48:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempo28316.html [2010-10-23 21:48:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempq28316.html [2010-10-23 12:46:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempwd2992.html [2010-10-22 16:11:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwV2352.html [2010-10-22 16:11:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKw2352.html [2010-10-21 21:58:47 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-10-21 21:58:47 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2010-10-21 21:56:48 | 000,000,036 | -H-- | C] () -- C:\Windows\System32\swk.ini [2010-10-21 19:39:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempj86412.html [2010-10-20 22:29:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTz2284.html [2010-10-20 22:29:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfM2284.html [2010-10-20 13:54:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCx2952.html [2010-10-20 13:54:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYi2952.html [2010-10-19 19:16:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPl6900.html [2010-10-19 19:16:49 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRj6900.html [2010-10-18 22:42:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempw20308.html [2010-10-18 22:42:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temph20308.html [2010-10-18 14:49:27 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYK2744.html [2010-10-17 09:29:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiU2692.html [2010-10-17 09:29:23 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJj2692.html [2010-10-16 17:45:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempv26128.html [2010-10-16 17:45:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempA26128.html [2010-10-16 11:20:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKs2856.html [2010-10-15 20:10:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCy2636.html [2010-10-15 20:10:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempwa2636.html [2010-10-15 14:50:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQe3144.html [2010-10-15 14:50:26 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUf3144.html [2010-10-14 13:21:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTA3172.html [2010-10-14 13:21:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPy3172.html [2010-10-14 09:28:24 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLP3076.html [2010-10-14 09:28:24 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempxw3076.html [2010-10-14 09:16:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZj2984.html [2010-10-14 09:16:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOk2984.html [2010-10-13 22:54:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgR3020.html [2010-10-13 22:54:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTi3020.html [2010-10-13 20:17:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempW14100.html [2010-10-13 20:17:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempL14100.html [2010-10-13 13:05:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprt1800.html [2010-10-13 13:05:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempbz1800.html [2010-10-13 12:57:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfA2460.html [2010-10-13 12:37:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeh3140.html [2010-10-13 12:37:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeu3140.html [2010-10-12 21:05:56 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templ92180.html [2010-10-12 21:05:56 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempV92180.html [2010-10-12 12:37:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJI3184.html [2010-10-11 21:03:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKe2328.html [2010-10-11 21:03:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiV2328.html [2010-10-11 13:45:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJO3208.html [2010-10-10 15:47:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaU5804.html [2010-10-10 09:38:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPOY320.html [2010-10-09 15:41:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUY3492.html [2010-10-09 12:48:22 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHd3028.html [2010-10-09 09:06:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfV3108.html [2010-10-09 09:06:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempeP3108.html [2010-10-07 17:21:50 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzz2652.html [2010-10-07 17:21:50 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWB2652.html [2010-10-07 12:12:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoX3204.html [2010-10-06 20:47:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempo18344.html [2010-10-06 13:12:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempud2980.html [2010-10-05 20:24:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFw3972.html [2010-10-05 20:24:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdi3972.html [2010-10-05 18:26:45 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzx2836.html [2010-10-05 18:26:45 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCE2836.html [2010-10-05 17:47:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYs3208.html [2010-10-05 17:47:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemplD3208.html [2010-10-05 15:04:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIc3032.html [2010-10-05 15:04:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwY3032.html [2010-10-05 12:04:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLo3140.html [2010-10-05 07:05:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempxO3188.html [2010-10-05 07:05:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temphb3188.html [2010-10-04 21:26:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempT99548.html [2010-10-04 21:26:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempg99548.html [2010-10-03 14:48:44 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll [2010-10-03 14:48:44 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll [2010-10-03 14:48:44 | 000,035,840 | R--- | C] () -- C:\Windows\System32\comdlg32.oca [2010-10-03 14:48:44 | 000,029,184 | R--- | C] () -- C:\Windows\System32\MSINET.oca [2010-10-03 10:01:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptt2908.html [2010-10-01 14:04:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjW2960.html [2010-10-01 14:04:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempsp2960.html [2010-09-30 21:20:28 | 000,011,502 | ---- | C] () -- C:\Windows\Dr. Printer Icon.ico [2010-09-30 21:20:13 | 001,032,192 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvum.dll [2010-09-30 21:20:13 | 000,929,792 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvu.dll [2010-09-30 21:20:13 | 000,835,584 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvu2.dll [2010-09-30 21:20:13 | 000,626,874 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvua.bmp [2010-09-30 21:20:13 | 000,217,088 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvo.dll [2010-09-30 21:20:13 | 000,206,278 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvub.bmp [2010-09-30 21:20:13 | 000,087,134 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfn.dat [2010-09-30 21:20:13 | 000,084,076 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvel.dat [2010-09-30 21:20:13 | 000,083,730 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvgr.dat [2010-09-30 21:20:13 | 000,082,987 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsp.dat [2010-09-30 21:20:13 | 000,082,974 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpt.dat [2010-09-30 21:20:13 | 000,082,040 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvit.dat [2010-09-30 21:20:13 | 000,081,898 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvbp.dat [2010-09-30 21:20:13 | 000,081,018 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdt.dat [2010-09-30 21:20:13 | 000,080,802 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvhu.dat [2010-09-30 21:20:13 | 000,080,441 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvru.dat [2010-09-30 21:20:13 | 000,079,600 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpo.dat [2010-09-30 21:20:13 | 000,078,768 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfi.dat [2010-09-30 21:20:13 | 000,077,879 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdn.dat [2010-09-30 21:20:13 | 000,077,734 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcz.dat [2010-09-30 21:20:13 | 000,077,604 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvtk.dat [2010-09-30 21:20:13 | 000,076,959 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsw.dat [2010-09-30 21:20:13 | 000,076,904 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvnr.dat [2010-09-30 21:20:13 | 000,074,785 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrven.dat [2010-09-30 21:20:13 | 000,071,490 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvkr.dat [2010-09-30 21:20:13 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvlf.dll [2010-09-30 21:20:13 | 000,064,494 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcp.dat [2010-09-30 21:20:13 | 000,064,315 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvct.dat [2010-09-30 21:20:13 | 000,051,536 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mu.bmp [2010-09-30 21:20:13 | 000,049,152 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvIO.DLL [2010-09-30 21:20:13 | 000,038,192 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcm.ctd [2010-09-30 21:20:13 | 000,036,323 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1m.cat [2010-09-30 21:20:13 | 000,034,625 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvel.chm [2010-09-30 21:20:13 | 000,034,205 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvhu.chm [2010-09-30 21:20:13 | 000,034,075 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpo.chm [2010-09-30 21:20:13 | 000,033,815 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvgr.chm [2010-09-30 21:20:13 | 000,033,649 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvru.chm [2010-09-30 21:20:13 | 000,033,451 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcz.chm [2010-09-30 21:20:13 | 000,033,417 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfn.chm [2010-09-30 21:20:13 | 000,033,187 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvkr.chm [2010-09-30 21:20:13 | 000,033,107 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdt.chm [2010-09-30 21:20:13 | 000,033,089 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpt.chm [2010-09-30 21:20:13 | 000,033,047 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsp.chm [2010-09-30 21:20:13 | 000,032,749 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvct.chm [2010-09-30 21:20:13 | 000,032,741 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvit.chm [2010-09-30 21:20:13 | 000,032,719 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcp.chm [2010-09-30 21:20:13 | 000,032,467 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvbp.chm [2010-09-30 21:20:13 | 000,032,409 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdn.chm [2010-09-30 21:20:13 | 000,032,345 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvtk.chm [2010-09-30 21:20:13 | 000,032,299 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfi.chm [2010-09-30 21:20:13 | 000,032,243 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsw.chm [2010-09-30 21:20:13 | 000,031,821 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvnr.chm [2010-09-30 21:20:13 | 000,031,467 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrven.chm [2010-09-30 21:20:13 | 000,024,250 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvum.xml [2010-09-30 21:20:13 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sse1ml3.dll [2010-09-30 21:20:13 | 000,022,723 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1ml3.dll [2010-09-30 21:20:13 | 000,015,318 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpp.dll [2010-09-30 21:20:13 | 000,008,465 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1m.inf [2010-09-30 21:20:13 | 000,005,020 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mu.ini [2010-09-30 21:20:13 | 000,004,072 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvul.bmp [2010-09-30 21:20:13 | 000,000,556 | ---- | C] () -- C:\Windows\System32\sse1ml3.smt [2010-09-30 21:20:13 | 000,000,556 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1ml3.SMT [2010-09-30 21:20:13 | 000,000,527 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mpp.ver [2010-09-30 13:17:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJw2944.html [2010-09-29 19:58:34 | 000,026,112 | ---- | C] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (2).doc [2010-09-29 19:43:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempp21664.html [2010-09-29 19:43:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempI21664.html [2010-09-29 14:07:51 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemppZ2740.html [2010-09-28 13:23:42 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat [2010-09-28 13:23:13 | 000,185,344 | ---- | C] () -- C:\Windows\patchw32.dll [2010-09-28 13:15:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGz3024.html [2010-09-28 13:15:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLD3024.html [2010-09-26 07:45:37 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempps3028.html [2010-09-26 07:45:37 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdl3028.html [2010-09-25 10:11:05 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBv2880.html [2010-09-25 10:11:05 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoK2880.html [2010-09-24 21:45:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIn5208.html [2010-09-24 21:45:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaB5208.html [2010-09-24 19:32:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwM2892.html [2010-09-24 14:03:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZg3052.html [2010-09-24 14:03:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempnV3052.html [2010-09-23 21:09:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp143576.html [2010-09-23 21:09:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempa43576.html [2010-09-23 13:09:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPd3040.html [2010-09-22 19:33:04 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempce3144.html [2010-09-22 19:33:04 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTb3144.html [2010-09-22 14:17:12 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDl3004.html [2010-09-22 14:17:12 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNi3004.html [2010-09-21 20:19:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempE11968.html [2010-09-21 20:19:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempU11968.html [2010-09-18 23:49:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjS3124.html [2010-09-18 23:49:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPm3124.html [2010-09-18 18:58:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempU21712.html [2010-09-18 18:58:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempd21712.html [2010-09-18 10:04:32 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyC2952.html [2010-09-18 10:04:32 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAx2952.html [2010-09-17 19:02:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM96720.html [2010-09-17 18:04:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp119244.html [2010-09-17 17:50:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp113764.html [2010-09-17 17:36:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp110156.html [2010-09-17 17:16:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp103396.html [2010-09-17 11:49:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempof2712.html [2010-09-17 11:49:58 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempdX2712.html [2010-09-16 15:28:56 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLv1704.html [2010-09-16 15:28:56 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempgg1704.html [2010-09-15 18:48:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempsy3320.html [2010-09-15 17:10:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUj6004.html [2010-09-15 17:10:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempgd6004.html [2010-09-14 15:33:53 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempp57644.html [2010-09-13 22:58:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempyl1560.html [2010-09-13 22:58:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempka1560.html [2010-09-13 10:05:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOq4016.html [2010-09-13 10:05:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWL4016.html [2010-09-12 22:53:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqf6012.html [2010-09-12 22:53:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPG6012.html [2010-09-12 19:40:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempG75204.html [2010-09-12 19:40:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempH75204.html [2010-09-12 14:06:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempV22244.html [2010-09-12 12:32:44 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2010-09-11 21:22:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temph50740.html [2010-09-11 21:22:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempi50740.html [2010-09-11 12:15:28 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempn30548.html [2010-09-11 10:38:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCF3652.html [2010-09-11 10:38:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJP3652.html [2010-09-10 13:31:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTO3788.html [2010-09-10 13:31:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqa3788.html [2010-09-09 22:59:12 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCeu508.html [2010-09-09 22:59:12 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempXrv508.html [2010-09-09 21:57:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBG2396.html [2010-09-09 13:23:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwS2184.html [2010-09-09 13:23:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNu2184.html [2010-09-08 20:18:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfc5964.html [2010-09-08 16:38:00 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqm3104.html [2010-09-08 16:38:00 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemprM3104.html [2010-09-07 15:27:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSO3476.html [2010-09-07 13:28:51 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempvpt468.html [2010-09-06 19:26:34 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprj7908.html [2010-09-06 19:26:34 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiQ7908.html [2010-09-05 20:33:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempcW3832.html [2010-09-05 20:33:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDH3832.html [2010-09-05 14:00:19 | 000,000,316 | ---- | C] () -- C:\Windows\game.ini [2010-09-05 11:56:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIr3612.html [2010-09-05 09:48:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYE3116.html [2010-09-04 20:49:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUZ3760.html [2010-09-04 18:41:33 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsJ4000.html [2010-09-04 18:41:33 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAk4000.html [2010-09-04 08:40:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRl1392.html [2010-09-04 08:40:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWO1392.html [2010-09-03 21:23:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgJ2236.html [2010-09-03 21:23:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempVD2236.html [2010-09-03 16:04:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNT4080.html [2010-09-03 16:04:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsM4080.html [2010-09-03 14:37:34 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJkh932.html [2010-09-03 14:37:34 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTIc932.html [2010-09-02 20:41:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjX2476.html [2010-09-02 19:55:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKm6264.html [2010-09-02 19:55:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdp6264.html [2010-09-01 18:00:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempw22280.html [2010-08-31 22:58:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsI2900.html [2010-08-31 22:58:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWI2900.html [2010-08-30 20:51:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeb9828.html [2010-08-30 13:48:54 | 000,138,664 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-08-30 13:20:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempVo3468.html [2010-08-30 00:43:29 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempN72660.html [2010-08-29 19:54:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprf3580.html [2010-08-28 19:33:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptn3624.html [2010-08-27 12:28:32 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptl3676.html [2010-08-26 19:44:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEp2176.html [2010-08-26 14:00:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzc3692.html [2010-08-26 14:00:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWe3692.html [2010-08-26 02:44:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJh1508.html [2010-08-25 21:24:02 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-08-25 18:44:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmh3564.html [2010-08-25 18:44:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLM3564.html [2010-08-25 10:23:50 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUB2960.html [2010-08-24 16:43:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQLm604.html [2010-08-24 11:29:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoMZ716.html [2010-08-24 11:28:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGk3868.html [2010-08-24 00:14:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp123388.html [2010-08-23 20:31:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempu48020.html [2010-08-23 15:32:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempn18332.html [2010-08-23 11:00:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempbg2276.html [2010-08-22 23:32:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfg1052.html [2010-08-22 23:32:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHF1052.html [2010-08-22 20:10:04 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOa1220.html [2010-08-22 18:38:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempcR3444.html [2010-08-22 18:38:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEX3444.html [2010-08-20 09:32:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTi3808.html [2010-08-20 09:32:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYy3808.html [2010-08-19 09:40:02 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqs3176.html [2010-08-19 09:40:02 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAi3176.html [2010-08-18 21:23:28 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGY3588.html [2010-08-18 21:23:28 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSE3588.html [2010-08-17 12:15:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjq2528.html [2010-08-17 12:15:45 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYs2528.html [2010-08-17 09:10:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyM1820.html [2010-08-17 09:10:26 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDW1820.html [2010-08-16 21:07:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyJW964.html [2010-08-15 23:05:22 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFQ4064.html [2010-08-15 21:26:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempta3924.html [2010-08-15 21:25:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkC2304.html [2010-08-11 21:38:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temphco724.html [2010-08-11 21:38:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfxY724.html [2010-08-11 09:28:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAr3400.html [2010-08-10 21:03:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp234128.html [2010-08-06 16:40:45 | 000,109,608 | ---- | C] () -- C:\Users\Artur\AppData\Local\GDIPFONTCACHEV1.DAT [2010-08-06 16:13:11 | 009,187,139 | -H-- | C] () -- C:\Users\Artur\AppData\Local\IconCache.db [2010-08-06 15:26:53 | 001,549,696 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2010-02-08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\System32\vfprintpthelper.dll [2009-07-14 05:41:57 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2009-07-14 03:04:57 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2009-07-14 03:04:23 | 000,000,499 | ---- | C] () -- C:\Windows\win.ini [2009-07-14 03:04:23 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2009-07-14 01:59:08 | 000,011,776 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll [2009-07-14 01:58:40 | 000,037,376 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll [2009-07-14 01:58:25 | 000,010,240 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll [2009-07-14 01:56:53 | 000,159,232 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll [2009-07-14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-07-13 22:40:44 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys [2009-07-13 22:40:43 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS [2009-07-13 22:40:43 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS [2009-07-13 22:40:41 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS [2009-07-13 22:40:40 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS [2009-07-13 22:40:39 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS [2009-07-13 22:40:35 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS [2009-07-13 22:40:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS [2009-07-13 22:40:27 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS [2009-07-13 22:40:23 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS [2009-07-13 22:40:19 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS [2009-07-13 22:40:17 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS [2009-07-13 22:40:15 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS [2009-07-13 22:40:13 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS [2009-07-13 22:40:11 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2009-07-13 21:29:46 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll [2009-06-10 22:39:59 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini [2007-11-14 15:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll [2006-03-09 08:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI [color=#E56717]========== LOP Check ==========[/color] [2010-09-26 19:48:45 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\abgx360 [2010-08-25 23:33:20 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\DAEMON Tools Lite [2010-11-16 16:34:27 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\DigitalPersona [2010-11-18 16:35:00 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\foobar2000 [2010-08-10 22:36:18 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Gadu-Gadu 10 [2010-11-11 14:44:27 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\ImgBurn [2010-09-11 13:06:16 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Opera [2010-08-22 19:37:33 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Soldat [2010-09-28 13:23:13 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\ubi.com [2010-08-06 16:04:15 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\wargaming.net [2010-10-15 20:10:15 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report > O[/log] Niestety nie udało mi się zapisać LOGA z DR WEB CureIt Pozdrawiam
Sohei komentarz 19 listopada 2010 komentarz 19 listopada 2010 C:\Windows\System32\XDva370.sys przeskanuj to na virustotal.com
Tomek01 komentarz 19 listopada 2010 komentarz 19 listopada 2010 Wrzuć jeszcze log Silent Runners oraz Gmer (wcześniej jednak odinstaluj sterownik sptd.sys oraz programy emulujące napęd: Alcohol, Deamon Tools, jest to niezbędne do wykonania log'u). Ustawienia: http://www.forumpc.pl/index.php?showtopic=116175
Arczi256 komentarz 19 listopada 2010 Autor komentarz 19 listopada 2010 (edytowane) Log z virustotal.com [log]Antivirus Version Last update Result AhnLab-V3 2010.10.13.00 2010.10.12 - AntiVir 7.10.12.193 2010.10.12 - Antiy-AVL 2.0.3.7 2010.10.13 - Authentium 5.2.0.5 2010.10.13 - Avast 4.8.1351.0 2010.10.12 - Avast5 5.0.594.0 2010.10.12 - AVG 9.0.0.851 2010.10.12 - BitDefender 7.2 2010.10.13 - CAT-QuickHeal 11.00 2010.10.13 - ClamAV 0.96.2.0-git 2010.10.12 - Comodo 6372 2010.10.13 - DrWeb 5.0.2.03300 2010.10.13 - eSafe 7.0.17.0 2010.10.12 - eTrust-Vet 36.1.7907 2010.10.12 - F-Prot 4.6.2.117 2010.10.12 - F-Secure 9.0.15370.0 2010.10.13 - Fortinet 4.2.249.0 2010.10.12 - GData 21 2010.10.13 - Ikarus T3.1.1.90.0 2010.10.13 - Jiangmin 13.0.900 2010.10.13 - K7AntiVirus 9.65.2733 2010.10.12 - McAfee 5.400.0.1158 2010.10.13 - McAfee-GW-Edition 2010.1C 2010.10.12 - Microsoft 1.6201 2010.10.12 - NOD32 5525 2010.10.12 - Norman 6.06.07 2010.10.12 - nProtect 2010-10-12.01 2010.10.12 - Panda 10.0.2.7 2010.10.12 - PCTools 7.0.3.5 2010.10.13 - Prevx 3.0 2010.10.13 - Rising 22.69.01.04 2010.10.12 - Sophos 4.58.0 2010.10.13 - Sunbelt 7047 2010.10.13 - SUPERAntiSpyware 4.40.0.1006 2010.10.13 - Symantec 20101.2.0.161 2010.10.13 - TheHacker 6.7.0.1.056 2010.10.13 - TrendMicro 9.120.0.1004 2010.10.13 - TrendMicro-HouseCall 9.120.0.1004 2010.10.13 - VBA32 3.12.14.1 2010.10.12 - ViRobot 2010.9.25.4060 2010.10.13 - VirusBuster 12.67.14.0 2010.10.12 - MD5: a6f91455c134194e473d5b201ea47e56 SHA1: 3d9483b140636b94d254f5eb5ea8b77079e0e321 SHA256: 61a7f0cbeb7ec0105b7347b6ca76826d7c13a1fbcdd43b73bd18e27bb93a09c4 File size: 75592 bytes Scan date: 2010-10-13 05:49:26 (UTC)[/log] Pytanie do Tomek01.[s] Te "Silent Runners oraz Gmer" to są jakieś programy czy pliki?[/s] I jak mam odinstalować sterownik sptd.sys? Przepraszam za upierdliwość ale naprawdę w tych sprawach jestem totalny nieogar [color="#FF0000"]EDIT[/color] Już wiem co to ten GMER oraz Silent Runners. Ale jak mam odinstalować ten sterownik?
Sohei komentarz 20 listopada 2010 komentarz 20 listopada 2010 http://www.jpshortstuff.247fixes.com/Defogger.exe ściagasz to odpalasz i klikasz disable
Arczi256 komentarz 20 listopada 2010 Autor komentarz 20 listopada 2010 GMER [log]GMER 1.0.15.15530 - http://www.gmer.net Rootkit scan 2010-11-20 13:53:07 Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 FUJITSU_MHZ2320BH_G2 rev.8909 Running: nzql9pwo.exe; Driver: C:\Users\Artur\AppData\Local\Temp\awlyakod.sys ---- System - GMER 1.0.15 ---- Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x90CC3BAE] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x90CC39D2] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x90CC3B0C] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 83046599 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 8306AF52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} PAGE ntkrnlpa.exe!ZwLoadDriver 831A4291 7 Bytes JMP 90CC3B10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObMakeTemporaryObject 8320BFBF 5 Bytes JMP 90CBF5D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject + 27 83225CF3 5 Bytes JMP 90CC1012 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!NtCreateSection 83233D63 7 Bytes JMP 90CC39D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 832DDEAC 7 Bytes JMP 90CC3BB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1984] kernel32.dll!SetUnhandledExceptionFilter 76EA3162 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!SetScrollRange 7680AE3C 5 Bytes JMP 0045B930 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.) .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetSysColorBrush 76812949 5 Bytes JMP 0045BA20 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.) .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetScrollInfo 76815151 7 Bytes JMP 0045B800 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.) .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!SetScrollInfo 76816632 7 Bytes JMP 0045B8B0 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.) .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetSysColor 7681FA99 5 Bytes JMP 0045B9C0 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.) .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetScrollRange 76831B6C 1 Byte [E9] .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetScrollRange 76831B6C 5 Bytes JMP 0045B870 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.) .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!SetScrollPos 76831BD0 5 Bytes JMP 0045B8F0 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.) .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetScrollPos 7683252B 5 Bytes JMP 0045B840 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.) .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!EnableScrollBar 7683386D 7 Bytes JMP 0045B7C0 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.) .text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!ShowScrollBar 76835785 5 Bytes JMP 0045B980 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73AB2494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73A95624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73A956E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73AB250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73AA8573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73AA4D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73AA50CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73AA51A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73AA66D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73AA82CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73AA8819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73AA907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73AAE21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73AA4C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \Driver\ACPI_HAL \Device\0000006c halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186b24436 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186b24436@0025484a9d1d 0x3C 0x44 0xD8 0x26 ... Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186b24436@001fe4a51a74 0x69 0x3D 0x90 0x77 ... Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186b24436@a87e3317b736 0x5C 0x36 0x0F 0x37 ... Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186b24436@e0a67092ee78 0xB1 0xBA 0x2D 0xC9 ... Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export ????????????????? ???????,?????????????????????????? ???????I6???????&??????????????????????????????????????{cfb92d42-e780-11df-bf92-001eeceb08c3}????????????? ???????USB?????? ??????????????????????????????N???????00????N?????????????????{8ECC055D-047F-11D1-A537-0000F8753ED1}?ens??? <??????t?????vic??avast! Network Shield Support???????????????????? ???????????????????u?,??????$????? ????????????????????o?????????des???????????3?????????ty ??????????? ???????????????????n????????0???????????????sog???\??\USB#VID_138A&PID_0001#5&106f631a&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}?????????????????????????????????????????????????????????????????????? ?????????????????????1????????????????????? ???????????????????n?1????????????????????????????????????oem4.inf:DeviceList.NTx86.5.1:DriverInstall_XP32:1.3.1.183:usb\vid_138a&pid_0001?????????n??????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????????????????????????????????????????????? ?????????????????????1??? Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export ????6????????????????????/?/?/?/????????ewusbmdm.sys????????????????????? ??????????????-R??????????????????????????????????? ???????F??????????????????????????????x??????? ???W?I?????????????????????????????????????????????Z\??????????????FH??????????????FH??????????????NP??????????????VX??????????????????????????????pr??????????????XZ??????????????\^??????????????HJ??????????????bd??????????????bd??????????????@B??????????????HJ??????????????FH??????????????????????????????????????????????tv??????????????????????????????TV??????????????np??????????????02??????????????????????????????xz??????????????HJ??????????????????????????????HJ??????????????DF??????????????xz??????????????RT??????????????PR??????????????ln??????????????DF??????????????FH??????????????BD??????????????NP??????????????FH??????????????FH??????????????ln??????????????HJ??????????????`b??????????????`b??????????????FH??????????????jl??????????????HJ??????????????DF??????????????|~??????????????tv??????????????FH??????????????HJ????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCD 0xEA 0xD9 0x63 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186b24436 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186b24436@0025484a9d1d 0x3C 0x44 0xD8 0x26 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186b24436@001fe4a51a74 0x69 0x3D 0x90 0x77 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186b24436@a87e3317b736 0x5C 0x36 0x0F 0x37 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186b24436@e0a67092ee78 0xB1 0xBA 0x2D 0xC9 ... Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ???s?s???????e???e??????????????????????????LocalSystem?????????????????ms??System32\Drivers\ksecdd.sys??????????????????????????????????????????v??Samsung?????? ?????????????????????? ????????????t??????????????? ???????s???????????s?????????????? ???????????? ???????o?????t?????t??????????@?????????????"??t?????????e????@keyiso.dll,-100??????@??t????????h?????%SystemRoot%\system32\lsass.exe???????"??t?????????n????@keyiso.dll,-101????? ???s??????????????????????????????????????????????t????????t???????????????t???????????e??RpcSs????????t?t?t?t?t?t?s?t????? ???????t???????????s??????????????????????????????0????????????????????????????????????? ????????????????????????????????????????????????????????????t????? ???????o??????????????????????8???????????????}????????t???t???????l???????????????????r??tO??.NT?p6???????????????t?t?t??%SystemRoot%\system32\srvsvc.dll?????????????????????????????????z??????????71?????t?l???????????????/??????????????? ???????o??????????????????????:????????g????????????????????? Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ???t?l???????????????/??????????????? ???????o??????????????????????:????????g??????????????????????????g???*6to4mp??|???????????0?????????????????????????????????????????g ????? ??j??????p???????????????????????????????????Extended base?????<??t??????????????????Ne??? ???????o?????t?????t????????@?????????m?????$??t?????????e????@comres.dll,-2946????????t????????h?????%SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation?????$??t?????????n????@comres.dll,-2947???? 8??t??????????????NT AUTHORITY\NetworkService??????????????????????????????????????????????t?????????????? ????????????????t???????????e??RPCSS?SamSS???????,??t????????????????????????????????????2??t??????????????????SeChangeNotifyPrivilege?????? F??t???????????????t??? ???????????????????????????????????????????????????t?t?t?t?t?t?t?t?t?t?t?t????? ???????t???????????t????????,?F??? ???????????%systemroot%\system32\msdtckrm.dll????????"??t?????????n????KtmRmServiceMain????????????????????????????? ???????t???????????t????????????? Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCD 0xEA 0xD9 0x63 ... ---- EOF - GMER 1.0.15 ---- [/log] Silent Runners [log]"Silent Runners.vbs", revision 63, http://www.silentrunners.org/ Operating System: Windows 7 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "Gadu-Gadu 10" = ""C:\Program Files\Gadu-Gadu 10\gg.exe"" ["GG Network S.A."] "Sidebar" = "C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "SynTPEnh" = "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "avast5" = ""C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui" ["AVAST Software"] "SysTrayApp" = "C:\Program Files\IDT\WDM\sttray.exe" "SunJavaUpdateSched" = ""C:\Program Files\Common Files\Java\Java Update\jusched.exe"" ["Sun Microsystems, Inc."] "Adobe Reader Speed Launcher" = ""C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"] "Adobe ARM" = ""C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"" ["Adobe Systems Incorporated"] "DpAgent" = "C:\Program Files\DigitalPersona\Bin\dpagent.exe" ["DigitalPersona, Inc."] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = "AcroIEHelperStub" -> {HKLM...CLSID} = "Adobe PDF Link Helper" \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll" ["Adobe Systems Incorporated"] {395610AE-C624-4f58-B89E-23733EA00F9A}\(Default) = "DigitalPersona Personal Extension" -> {HKLM...CLSID} = "DigitalPersona Personal Extension" \InProcServer32\(Default) = "C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll" ["DigitalPersona, Inc."] {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = "SkypeIEPluginBHO" -> {HKLM...CLSID} = "Skype Plug-In" \InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = "Java(tm) Plug-In 2 SSV Helper" \InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics Incorporated"] "{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class" -> {HKLM...CLSID} = "DesktopContext Class" \InProcServer32\(Default) = "C:\Program Files\NVIDIA Corporation\Display\nvui.dll" ["NVIDIA Corporation"] "{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}" = "NVIDIA Play On My TV Context Menu Extension" -> {HKLM...CLSID} = "NVIDIA CPL Context Menu Extension" \InProcServer32\(Default) = "C:\Windows\system32\nvshext.dll" ["NVIDIA Corporation"] "{472083B0-C522-11CF-8763-00608CC02F24}" = "avast" -> {HKLM...CLSID} = "avast" \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast5\ashShell.dll" ["AVAST Software"] "{23170F69-40C1-278A-1000-000100020000}" = "7-Zip Shell Extension" -> {HKLM...CLSID} = "7-Zip Shell Extension" \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"] "{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler" -> {HKLM...CLSID} = "Microsoft Office Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\Microsoft Office\OFFICE11\MLSHEXT.DLL" [MS] "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\Microsoft Office\OFFICE11\OLKFSTUB.DLL" [MS] "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS] HKLM\SYSTEM\CurrentControlSet\Control\Lsa\ <<!>> "Notification Packages" = "scecli"|"DPPWDFLT" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters\ {FD2AB138-F9A8-4ab6-9095-EEE7AF8B6C28}\(Default) = "DigitalPersona Credential Provider Filter" -> {HKLM...CLSID} = "ProvFilter Class" \InProcServer32\(Default) = "C:\Windows\system32\DPCrProv.dll" ["DigitalPersona, Inc."] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\ {02AA8B83-49C5-482C-915A-B6824F665CCD}\(Default) = "DigitalPersona Kiosk Credential Provider" -> {HKLM...CLSID} = "KioskProv Class" \InProcServer32\(Default) = "C:\Windows\system32\DPCrProv.dll" ["DigitalPersona, Inc."] {2A16DF2F-490B-4F2B-8C68-21EF46FCCC37}\(Default) = "DigitalPersona Password Credential Provider" -> {HKLM...CLSID} = "PswWrapProv Class" \InProcServer32\(Default) = "C:\Windows\system32\DPCrProv.dll" ["DigitalPersona, Inc."] {3ADC7042-51AF-4D0F-BD1D-4D6965A77323}\(Default) = "DigitalPersona Fingerprint Credential Provider" -> {HKLM...CLSID} = "FingerProv Class" \InProcServer32\(Default) = "C:\Windows\system32\DPCrProv.dll" ["DigitalPersona, Inc."] {70099717-17C8-4BD0-B3D4-FAF721AB1A62}\(Default) = "DigitalPersona Smartcard Credential Provider" -> {HKLM...CLSID} = "SCardWrapProv Class" \InProcServer32\(Default) = "C:\Windows\system32\DPCrProv.dll" ["DigitalPersona, Inc."] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS] HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\ <<!>> ms-itss\CLSID = "{0A9007C0-4076-11D3-8789-0000F8105754}" -> {HKLM...CLSID} = "Microsoft Infotech Storage Protocol for IE 4.0" \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL" [MS] <<!>> mso-offdap\CLSID = "{3D9F03FA-7A94-11D3-BE81-0050048385D1}" -> {HKLM...CLSID} = "Data Page Pluggable Protocol mso-offdap Handler" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\Web Components\10\OWC10.DLL" [MS] <<!>> mso-offdap11\CLSID = "{32505114-5902-49B2-880A-1F7738E5A384}" -> {HKLM...CLSID} = "Data Page Plugable Protocal mso-offdap11 Handler" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\Web Components\11\OWC11.DLL" [MS] <<!>> skype-ie-addon-data\CLSID = "{91774881-D725-4E58-B298-07617B9B86A8}" -> {HKLM...CLSID} = "Skype IE add-on Pluggable Protocol" \InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."] <<!>> skype4com\CLSID = "{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" -> {HKLM...CLSID} = "IEProtocolHandler Class" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll" ["Skype Technologies"] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ 7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}" -> {HKLM...CLSID} = "7-Zip Shell Extension" \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"] avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}" -> {HKLM...CLSID} = "avast" \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast5\ashShell.dll" ["AVAST Software"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}" -> {HKLM...CLSID} = "MBAMShlExt Class" \InProcServer32\(Default) = "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll" ["Malwarebytes Corporation"] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ 7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}" -> {HKLM...CLSID} = "7-Zip Shell Extension" \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ 7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}" -> {HKLM...CLSID} = "7-Zip Shell Extension" \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ NvCplDesktopContext\(Default) = "{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}" -> {HKLM...CLSID} = "NVIDIA CPL Context Menu Extension" \InProcServer32\(Default) = "C:\Windows\system32\nvshext.dll" ["NVIDIA Corporation"] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}" -> {HKLM...CLSID} = "avast" \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast5\ashShell.dll" ["AVAST Software"] MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}" -> {HKLM...CLSID} = "MBAMShlExt Class" \InProcServer32\(Default) = "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll" ["Malwarebytes Corporation"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"] HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\ WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ "ConsentPromptBehaviorAdmin" = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Behavior Of The Elevation Prompt For Administrators In Admin Approval Mode} "EnableLUA" = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Run All Administrators In Admin Approval Mode} "PromptOnSecureDesktop" = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Switch to the secure desktop when prompting for elevation} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg" Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ ImgBurnBDBurningOnArrival_BuildImage\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "HandleBDBurningOnArrival_BuildImage" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleBDBurningOnArrival_BuildImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1"" ["LIGHTNING UK!"] ImgBurnBDBurningOnArrival_BurnImage\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "HandleBDBurningOnArrival_BurnImage" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleBDBurningOnArrival_BurnImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1"" ["LIGHTNING UK!"] ImgBurnCDBurningOnArrival_BuildImage\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "HandleCDBurningOnArrival_BuildImage" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleCDBurningOnArrival_BuildImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1"" ["LIGHTNING UK!"] ImgBurnCDBurningOnArrival_BurnImage\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "HandleCDBurningOnArrival_BurnImage" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleCDBurningOnArrival_BurnImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1"" ["LIGHTNING UK!"] ImgBurnDVDBurningOnArrival_BuildImage\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "HandleDVDBurningOnArrival_BuildImage" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleDVDBurningOnArrival_BuildImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1"" ["LIGHTNING UK!"] ImgBurnDVDBurningOnArrival_BurnImage\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "HandleDVDBurningOnArrival_BurnImage" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleDVDBurningOnArrival_BurnImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1"" ["LIGHTNING UK!"] ImgBurnHDDVDBurningOnArrival_BuildImage\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "HandleHDDVDBurningOnArrival_BuildImage" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleHDDVDBurningOnArrival_BuildImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1"" ["LIGHTNING UK!"] ImgBurnHDDVDBurningOnArrival_BurnImage\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "HandleHDDVDBurningOnArrival_BurnImage" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleHDDVDBurningOnArrival_BurnImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1"" ["LIGHTNING UK!"] ImgBurnPlayBluRayOnArrival_ReadDisc\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "PlayBluRayOnArrival_ReadDisc" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayBluRayOnArrival_ReadDisc\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1"" ["LIGHTNING UK!"] ImgBurnPlayCDAudioOnArrival_ReadDisc\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "PlayCDAudioOnArrival_ReadDisc" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayCDAudioOnArrival_ReadDisc\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1"" ["LIGHTNING UK!"] ImgBurnPlayDVDMovieOnArrival_ReadDisc\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "PlayDVDMovieOnArrival_ReadDisc" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayDVDMovieOnArrival_ReadDisc\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1"" ["LIGHTNING UK!"] ImgBurnPlayHDDVDOnArrival_ReadDisc\ "Provider" = "ImgBurn" "InvokeProgID" = "ImgBurn.AutoPlay.1" "InvokeVerb" = "PlayHDDVDOnArrival_ReadDisc" HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayHDDVDOnArrival_ReadDisc\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1"" ["LIGHTNING UK!"] WIA_{2B979F3C-A163-49C0-93D9-C69C9C0AAEEF}\ "Provider" = "Microsoft Office Document Scanning" "CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}" "InitCmdLine" = "/WiaCmd;C:\Program Files\Common Files\Microsoft Shared\MODI\11.0\MSPSCAN.EXE;" -> {HKLM...CLSID} = "WPDShextAutoplay" \LocalServer32\(Default) = "C:\Windows\system32\WPDShextAutoplay.exe" [MS] WIA_{6218E8F6-5B01-4369-BEDC-63BCFD6DF7E9}\ "Provider" = "Microsoft Office Word" "CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}" "InitCmdLine" = "/WiaCmd;C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /IMG_WIA;" -> {HKLM...CLSID} = "WPDShextAutoplay" \LocalServer32\(Default) = "C:\Windows\system32\WPDShextAutoplay.exe" [MS] Windows Sidebar Gadgets: ------------------------ C:\Users\Artur\AppData\Local\Microsoft\Windows Sidebar\Settings.ini "C:%5CUsers%5CArtur%5CAppData%5CLocal%5CMicrosoft%5CWindows%20Sidebar%5CGadgets%5CSystemMonitorII.gadget" "C:%5CUsers%5CArtur%5CAppData%5CLocal%5CMicrosoft%5CWindows%20Sidebar%5CGadgets%5CGPUMonitor.gadget" Non-disabled Scheduled Tasks: ----------------------------- C:\Windows\System32\Tasks "COMODO Updater" -> launches: "C:\Program Files\COMODO\COMODO System-Cleaner\Updater.exe" ["COMODO Security Solutions, Inc."] "CreateChoiceProcessTask" -> launches: "C:\Windows\System32\browserchoice.exe /launch" [MS] "SidebarExecute" -> launches: "C:\Program Files\Windows Sidebar\sidebar.exe /stopHidingGadgets" [MS] "{DC334530-F645-4D39-9CF2-F3892DE07E3D}" -> launches: "C:\Program Files\Skype\\Phone\Skype.exe" ["Skype Technologies S.A."] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client "AD RMS Rights Policy Template Management (Manual)" -> launches: "{BF5CB148-7C77-4d8a-A53E-D81C70CF743C}" -> {HKLM...CLSID} = "AD RMS Rights Policy Template Management (Manual) Task Handler" \InProcServer32\(Default) = "C:\Windows\system32\msdrm.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience "AitAgent" -> launches: "aitagent" [MS] "ProgramDataUpdater" -> launches: "%windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk "Proxy" -> launches: "%windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth "UninstallDeviceTask" -> launches: "BthUdTask.exe $(Arg0)" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient "SystemTask" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}" -> {HKLM...CLSID} = "Certificate Services Client Task Handler" \InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS] "UserTask" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}" -> {HKLM...CLSID} = "Certificate Services Client Task Handler" \InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program "Consolidator" -> launches: "%SystemRoot%\System32\wsqmcons.exe" [MS] "KernelCeipTask" -> (HIDDEN!) launches: "{e7ed314f-2816-4c26-aeb5-54a34d02404c}" -> {HKLM...CLSID} = "KernelCeipCustomHandler" \InProcServer32\(Default) = "C:\Windows\System32\kernelceip.dll" [MS] "UsbCeip" -> (HIDDEN!) launches: "{c27f6b1d-fe0b-45e4-9257-38799fa69bc8}" -> {HKLM...CLSID} = "UsbCeip" \InProcServer32\(Default) = "C:\Windows\System32\usbceip.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag "ScheduledDefrag" -> launches: "%windir%\system32\defrag.exe -c" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis "Scheduled" -> (HIDDEN!) launches: "{c1f85ef8-bcc2-4606-bb39-70c523715eb3}" -> {HKLM...CLSID} = "ScheduledDiagnosticCustomHandler" \InProcServer32\(Default) = "C:\Windows\System32\sdiagschd.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Location "Notifications" -> launches: "%windir%\System32\LocationNotifications.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance "WinSAT" -> launches: "{A9A33436-678B-4C9C-A211-7CC38785E79D}" -> {HKLM...CLSID} = "WinSAT Task Manger Task" \InProcServer32\(Default) = "C:\Windows\system32\WinSATAPI.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Media Center "ActivateWindowsSearch" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch" [MS] "ConfigureInternetTimeService" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService" [MS] "DispatchRecoveryTasks" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)" [MS] "ehDRMInit" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DRMInit" [MS] "InstallPlayReady" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)" [MS] "mcupdate" -> launches: "%SystemRoot%\ehome\mcupdate $(Arg0)" [MS] "MediaCenterRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask" [MS] "ObjectStoreRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask" [MS] "OCURActivate" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate" [MS] "OCURDiscovery" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)" [MS] "PBDADiscovery" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery" [MS] "PBDADiscoveryW1" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery" [MS] "PBDADiscoveryW2" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery" [MS] "PvrRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask" [MS] "PvrScheduleTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -PvrSchedule" [MS] "RegisterSearch" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)" [MS] "ReindexSearchRoot" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot" [MS] "SqlLiteRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask" [MS] "UpdateRecordPath" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic "CorruptionDetector" -> (HIDDEN!) launches: "{190BA3F6-0205-4f46-B589-95C6822899D2}" -> {HKLM...CLSID} = "MemoryDiagnosticCustomHandler" \InProcServer32\(Default) = "C:\Windows\System32\memdiag.dll" [MS] "DecompressionFailureDetector" -> (HIDDEN!) launches: "{190BA3F6-0205-4f46-B589-95C6822899D2}" -> {HKLM...CLSID} = "MemoryDiagnosticCustomHandler" \InProcServer32\(Default) = "C:\Windows\System32\memdiag.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC "HotStart" -> launches: "{06DA0625-9701-43da-BFD7-FBEEA2180A1E}" -> {HKLM...CLSID} = "HotStart User Agent" \InProcServer32\(Default) = "C:\Windows\System32\HotStartUserAgent.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MUI "LPRemove" -> launches: "%windir%\system32\lpremove.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia "SystemSoundsService" -> launches: "{2DEA658F-54C1-4227-AF9B-260AB5FC3543}" -> {HKLM...CLSID} = "Microsoft PlaySoundService Class" \InProcServer32\(Default) = "C:\Windows\System32\PlaySndSrv.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace "GatherNetworkInfo" -> launches: "%windir%\system32\gatherNetworkInfo.vbs" [null data] C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics "AnalyzeSystem" -> launches: "%SystemRoot%\System32\powercfg.exe -energy -auto" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC "RacTask" -> (HIDDEN!) launches: "{42060D27-CA53-41f5-96E4-B1E8169308A6}" -> {HKLM...CLSID} = "ReliabilityAnalysisCustomHandler" \InProcServer32\(Default) = "C:\Windows\system32\RacEngn.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Ras "MobilityManager" -> launches: "{c463a0fc-794f-4fdf-9201-01938ceacafa}" -> {HKLM...CLSID} = "RasMobilityManager" \InProcServer32\(Default) = "C:\Windows\system32\rasmbmgr.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Registry "RegIdleBackup" -> (HIDDEN!) launches: "{ca767aa8-9157-4604-b64b-40747123d5f2}" -> {HKLM...CLSID} = "RegistryIdleBackupHandler" \InProcServer32\(Default) = "C:\Windows\System32\regidle.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance "RemoteAssistanceTask" -> (HIDDEN!) launches: "%windir%\system32\RAServer.exe /offerraupdate" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SideShow "GadgetManager" -> launches: "{FF87090D-4A9A-4f47-879B-29A80C355D61}" -> {HKLM...CLSID} = "GadgetsManager Class" \InProcServer32\(Default) = "C:\Windows\System32\AuxiliaryDisplayServices.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore "SR" -> launches: "%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager "Interactive" -> (HIDDEN!) launches: "{855fec53-d2e4-4999-9e87-3414e9cf0ff4}" -> {HKLM...CLSID} = "RunTask" \InProcServer32\(Default) = "C:\Windows\system32\wdc.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip "IpAddressConflict1" -> launches: "%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem" [MS] "IpAddressConflict2" -> launches: "%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework "MsCtfMonitor" -> (HIDDEN!) launches: "{01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}" -> {HKLM...CLSID} = "MsCtfMonitor task handler" \InProcServer32\(Default) = "C:\Windows\system32\MsCtfMonitor.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization "SynchronizeTime" -> launches: "%windir%\system32\sc.exe start w32time task_started" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP "UPnPHostConfig" -> launches: "sc.exe config upnphost start= auto" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI "ResolutionHost" -> (HIDDEN!) launches: "{900be39d-6be8-461a-bc4d-b0fa71f5ecb1}" -> {HKLM...CLSID} = "DiagnosticInfrastructureCustomHandler" \InProcServer32\(Default) = "C:\Windows\System32\wdi.dll" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies "ValidationTask" -> (HIDDEN!) launches: "%SystemRoot%\system32\Wat\WatAdminSvc.exe /run" [MS] "ValidationTaskDeadline" -> (HIDDEN!) launches: "%SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting "QueueReporting" -> launches: "%windir%\system32\wermgr.exe -queuereporting" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform "BfeOnServiceStartTypeChange" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing "UpdateLibrary" -> launches: ""%ProgramFiles%\Windows Media Player\wmpnscfg.exe"" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup "ConfigNotification" -> launches: "%systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION" [MS] C:\Windows\System32\Tasks\Microsoft\Windows Defender "MP Scheduled Scan" -> (HIDDEN!) launches: "c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan" [MS] "MpIdleTask" -> (HIDDEN!) launches: "c:\program files\windows defender\MpCmdRun.exe -IdleTask -TaskName MpIdleTask" [MS] C:\Windows\System32\Tasks\WPD "SqmUpload_S-1-5-21-3800391445-3349888462-4249771307-1000" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe portabledeviceapi.dll,#1" [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\system32\NLAapi.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000004\LibraryPath = "%SystemRoot%\system32\napinsp.dll" [MS] 000000000005\LibraryPath = "%SystemRoot%\system32\pnrpnsp.dll" [MS] 000000000006\LibraryPath = "%SystemRoot%\system32\pnrpnsp.dll" [MS] 000000000007\LibraryPath = "%SystemRoot%\system32\wshbth.dll" [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 000000000###\PackedCatalogItem (contains) DLL [Company Name], (at) ### range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 101 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ "{32099AAC-C132-4136-9E9A-4E364A424E17}" -> {HKLM...CLSID} = "DAEMON Tools Toolbar" \InProcServer32\(Default) = "C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll" [null data] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ "{32099AAC-C132-4136-9E9A-4E364A424E17}" = (no title provided) -> {HKLM...CLSID} = "DAEMON Tools Toolbar" \InProcServer32\(Default) = "C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll" [null data] Explorer Bars HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL" [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ "ButtonText" = "Skype Plug-In" "MenuText" = "Skype Plug-In" "CLSIDExtension" = "{898EA8C8-E7FF-479B-8935-AEC46303B9E5}" -> {HKLM...CLSID} = "Skype Browser Helper" \InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ "ButtonText" = "Badanie" Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Akamai NetSession Interface, Akamai, "C:\Windows\System32\svchost.exe -k Akamai" {"C:/Program Files/Common Files/Akamai/netsession_win_4176eef.dll" [null data]} Andrea ST Filters Service, AESTFilters, "C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe" ["Andrea Electronics Corporation"] Audio Service, STacSV, "C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe" ["IDT, Inc."] avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"" ["AVAST Software"] avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"" ["AVAST Software"] avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"" ["AVAST Software"] Biometric Authentication Service, DpHost, "C:\Program Files\DigitalPersona\Bin\DpHostW.exe" ["DigitalPersona, Inc."] COMODO System - Cleaner Service, Cleaner_Validator, "C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe" [null data] DCService.exe, DCService.exe, "C:\ProgramData\DatacardService\DCService.exe" [null data] Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS] NVIDIA Display Driver Service, nvsvc, "C:\Windows\system32\nvvsvc.exe" ["NVIDIA Corporation"] PnkBstrA, PnkBstrA, "C:\Windows\system32\PnkBstrA.exe" [null data] Validity Fingerprint Service, vfsFPService, "c:\Windows\system32\vfsFPService.exe" ["Validity Sensors, Inc."] Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS] SSE1M Langmon\Driver = "sse1ml3.dll" [empty string] ---------- (launch time: 2010-11-20 13:54:49) <<!>>: Suspicious data at a malware launch point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer "No" at the first message box and "Yes" at the second message box. ---------- (total run time: 60 seconds, including 10 seconds for message boxes) [/log] Da się cokolwiek z tego wywnioskować?
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.