x-kom hosting

[BSOD] Prośba o sprawdzenie Logów

Arczi256
utworzono
utworzono

Już parę ładnych dni borykam się z problemem BOSD-a. Bardzo proszę o sprawdzenie i ewentualną pomoc :) BSOD wyskakuję podczas włączania gry "S4League". Nigdy wcześniej nie miałem okazji spotkać się z tym błędem. Dlatego jest to dla mnie totalna nowość i nie wiem co robić

OTL
[log]OTL logfile created on: 2010-11-18 14:08:39 - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Artur\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 123,65 Gb Total Space | 68,36 Gb Free Space | 55,28% Space Free | Partition Type: NTFS
Drive D: | 166,43 Gb Total Space | 23,29 Gb Free Space | 13,99% Space Free | Partition Type: NTFS
Drive E: | 8,01 Gb Total Space | 7,93 Gb Free Space | 99,04% Space Free | Partition Type: NTFS
Drive H: | 18,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: ARTUR-KOMPUTER | User Name: Artur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe
PRC - [2010-11-15 22:08:54 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NVXDSYNC.EXE
PRC - [2010-11-15 18:34:52 | 003,416,968 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
PRC - [2010-11-15 18:34:27 | 002,806,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2010-11-03 20:33:59 | 000,114,688 | ---- | M] () -- d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2010-10-28 15:54:42 | 000,311,744 | ---- | M] () -- C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
PRC - [2010-10-16 12:42:46 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2010-10-08 13:00:10 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010-09-07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-08-30 13:53:06 | 000,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2010-08-21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-05-27 21:31:22 | 001,721,640 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2010-05-27 21:31:22 | 000,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-05-08 12:48:36 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010-05-08 12:48:26 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010-03-23 13:53:06 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010-03-23 13:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
PRC - [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009-12-01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2009-10-31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-10-28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-07-14 02:14:50 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2009-07-14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-07-14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-07-14 02:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-07-14 02:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\notepad.exe
PRC - [2009-07-14 02:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2009-07-14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-07-14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-07-14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2009-03-02 17:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
PRC - [2008-04-27 21:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2003-06-19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe
MOD - [2010-11-15 18:29:18 | 000,211,432 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll
MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010-07-27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-06-29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-03-24 07:37:04 | 001,286,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009-12-08 12:33:31 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-12-08 12:32:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-12-01 13:37:48 | 000,502,848 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpOFeedb.dll
MOD - [2009-12-01 13:37:48 | 000,363,584 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpOSet.dll
MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-07-14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-07-14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009-07-14 02:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-07-14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-07-14 02:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009-07-14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-07-14 02:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-07-14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-07-14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009-07-14 02:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-07-14 02:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-11-15 18:34:27 | 002,806,000 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2010-11-14 16:54:41 | 003,019,352 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Akamai/netsession_win_4176eef.dll -- (Akamai)
SRV - [2010-10-28 15:54:42 | 000,311,744 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe -- (Cleaner_Validator)
SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-08-08 18:21:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-05-08 12:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010-03-23 13:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe -- (STacSV)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009-07-14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009-07-14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009-07-14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009-07-14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009-07-14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009-07-14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009-07-14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-07-14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009-07-14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-07-14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009-07-14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009-07-14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009-07-14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalator formantów ActiveX (AxInstSV)
SRV - [2009-07-14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009-07-14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009-03-02 17:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe -- (AESTFilters)
SRV - [2008-04-27 21:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\XDva370.sys -- (XDva370)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - [2010-11-15 18:33:33 | 000,072,808 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2010-11-15 18:31:38 | 000,041,928 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver)
DRV - [2010-10-28 15:54:30 | 000,031,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRPD.sys -- (CFRPD)
DRV - [2010-10-28 15:54:02 | 000,064,096 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD)
DRV - [2010-10-16 19:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010-09-07 21:08:56 | 000,123,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010-09-07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-09-07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-09-07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-09-07 15:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010-09-07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-08-25 21:24:02 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-05-27 21:32:58 | 000,245,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2010-05-22 14:48:20 | 000,070,656 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010-05-05 09:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util)
DRV - [2010-04-30 16:52:06 | 000,206,336 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010-03-25 10:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010-03-23 13:53:06 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2010-03-20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010-01-13 15:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Sterownik karty Intel(R)
DRV - [2009-12-11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009-07-14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009-07-14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009-07-14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009-07-14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009-07-14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009-07-14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009-07-14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009-07-14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009-07-14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009-07-14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009-07-14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009-07-14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009-07-14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009-07-14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009-07-14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009-07-14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009-07-14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009-07-14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009-07-14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009-07-14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009-07-14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009-07-14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009-07-14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009-07-14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009-07-14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009-07-14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009-07-14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009-07-14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009-07-14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009-07-14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009-07-14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009-07-14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009-07-14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009-07-14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009-07-14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009-07-14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009-07-14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009-07-14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009-07-14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009-07-14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009-07-14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009-07-14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009-07-14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009-07-14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009-07-14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009-07-14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009-07-14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009-07-14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009-07-14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009-07-14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009-07-14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009-07-14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009-07-14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009-07-13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009-07-13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009-07-13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009-07-13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009-07-13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Sterownik karty Intel(R)
DRV - [2009-07-13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009-07-13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009-07-13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009-03-23 07:58:36 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2009-03-01 22:05:32 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2008-07-20 18:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008-04-28 09:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008-04-27 21:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008-01-03 21:50:22 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2010-11-17 14:35:41 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [a-squared] C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-03-07 01:34:52 | 000,000,047 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{30ce7deb-b087-11df-972b-002186b24436}\Shell - "" = AutoRun
O33 - MountPoints2\{30ce7deb-b087-11df-972b-002186b24436}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\{6cda2e14-e7a0-11df-93b6-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{6cda2e14-e7a0-11df-93b6-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{6e73b50e-a9d6-11df-acf7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6e73b50e-a9d6-11df-acf7-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{6e73b520-a9d6-11df-acf7-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{6e73b520-a9d6-11df-acf7-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{90abe8f6-a456-11df-9a77-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{90abe8f6-a456-11df-9a77-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{943570f2-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{943570f2-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{94357141-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{94357141-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{94357145-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{94357145-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{a083fa6e-a8a2-11df-bb6d-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{a083fa6e-a8a2-11df-bb6d-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{cb848071-d88f-11df-86b8-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{cb848071-d88f-11df-86b8-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{ce81afb7-e811-11df-a2d5-001e101f7f74}\Shell - "" = AutoRun
O33 - MountPoints2\{ce81afb7-e811-11df-a2d5-001e101f7f74}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O33 - MountPoints2\{cfb92d32-e780-11df-bf92-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{cfb92d32-e780-11df-bf92-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-11-18 13:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-11-18 13:49:01 | 000,000,000 | ---D | C] -- C:\rsit
[2010-11-17 17:13:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-11-17 14:57:55 | 000,000,000 | ---D | C] -- C:\symbols
[2010-11-17 14:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2010-11-17 14:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010-11-17 14:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\tr
[2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\sv
[2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru
[2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\no
[2010-11-17 14:35:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\da
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ja
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\it
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\es
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\de
[2010-11-17 14:35:41 | 000,000,000 | ---D | C] -- C:\Windows\DPDrv
[2010-11-17 14:34:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-11-17 14:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2010-11-16 16:35:30 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\Macrovision
[2010-11-16 16:34:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\DigitalPersona
[2010-11-16 16:34:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\DigitalPersona
[2010-11-16 16:07:08 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\Programs
[2010-11-16 16:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2010-11-16 16:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\DigitalPersona
[2010-11-16 16:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2010-11-16 14:21:57 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe
[2010-11-15 23:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\sp45082
[2010-11-15 19:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010-11-15 18:21:20 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2010-11-15 18:21:20 | 000,000,000 | ---D | C] -- C:\Users\Artur\Documents\Anti-Malware
[2010-11-15 17:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010-11-15 17:35:52 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010-11-14 20:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\alaplaya
[2010-11-14 20:18:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-11-14 16:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2010-11-12 13:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2010-11-12 00:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010-11-11 13:49:25 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\ImgBurn
[2010-11-10 22:19:10 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010-11-10 18:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\Simnet
[2010-11-07 02:07:12 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\skypePM
[2010-11-07 02:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-11-07 02:04:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-11-07 02:04:06 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\Skype
[2010-11-07 02:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010-11-03 20:34:24 | 000,167,936 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2010-11-03 20:34:24 | 000,070,656 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2010-11-03 20:34:24 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2010-11-03 20:34:24 | 000,051,584 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2010-11-03 20:34:24 | 000,026,880 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2010-11-03 20:34:16 | 000,206,336 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2010-11-03 20:34:16 | 000,105,984 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2010-11-03 20:34:16 | 000,027,136 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2010-11-03 20:34:16 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2010-11-03 20:34:08 | 000,101,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2010-11-03 20:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2010-10-31 12:50:48 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\Nowy folder (6)
[2010-10-28 15:54:30 | 000,031,696 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRPD.sys
[2010-10-28 15:54:02 | 000,064,096 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys
[2010-10-21 21:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-10-21 21:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\3gp Player
[2010-10-17 11:17:44 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\360 Waves Patcher 1.2.2
[2010-10-16 16:33:13 | 000,000,000 | RH-D | C] -- C:\Users\Artur\AppData\Roaming\SecuROM
[2010-10-14 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\MetaGeek,_LLC
[2010-10-14 16:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
[2010-10-14 09:29:25 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\Nowy folder (5)
[2010-09-30 21:20:13 | 000,204,800 | ---- | C] (SEC) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcm.dll
[2010-09-30 21:20:12 | 000,151,552 | ---- | C] (SS) -- C:\Windows\System32\sse1mci.exe
[2010-09-30 21:20:12 | 000,151,552 | ---- | C] (SS) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\coinst.exe
[2010-09-30 21:20:12 | 000,065,536 | ---- | C] (SS) -- C:\Windows\System32\sse1mci.dll
[2010-09-30 21:20:12 | 000,065,536 | ---- | C] (SS) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\coinst.dll
[2010-09-30 21:20:12 | 000,005,120 | ---- | C] (Samsung Electronics) -- C:\Windows\System32\drivers\SSPORT.SYS
[2010-09-30 21:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series
[2010-09-30 21:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Samsung
[2010-09-30 21:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2010-09-30 21:20:07 | 000,000,000 | ---D | C] -- C:\Temp
[2010-09-28 14:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft
[2010-09-28 13:23:13 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\ubi.com
[2010-09-28 13:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\ubi.com
[2010-09-28 13:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PocketSoft
[2010-09-26 20:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010-09-26 19:48:44 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\abgx360
[2010-09-26 19:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\abgx360
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-11-18 14:26:29 | 002,097,152 | -HS- | M] () -- C:\Users\Artur\NTUSER.DAT
[2010-11-18 14:24:40 | 000,043,895 | ---- | M] () -- C:\Users\Artur\Desktop\zakładki 2010-10-17.adr
[2010-11-18 13:49:57 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZN2824.html
[2010-11-18 13:48:50 | 000,339,991 | ---- | M] () -- C:\Users\Artur\Desktop\RSIT.exe
[2010-11-18 13:31:45 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-11-18 13:31:45 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-11-18 13:30:46 | 001,549,696 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-11-18 13:30:46 | 000,697,912 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-11-18 13:30:46 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-11-18 13:30:46 | 000,134,990 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-11-18 13:30:46 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-11-18 13:24:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-11-18 13:23:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-11-18 13:23:33 | 2413,522,944 | -HS- | M] () -- C:\hiberfil.sys
[2010-11-17 23:10:55 | 000,024,338 | ---- | M] () -- C:\Windows\cscmondump.bin
[2010-11-17 23:10:46 | 000,703,242 | ---- | M] () -- C:\Windows\CSC_ServiceDump.dat
[2010-11-17 23:10:46 | 000,001,616 | ---- | M] () -- C:\Windows\CSC_ActiveCleanLog.dat
[2010-11-17 23:10:39 | 009,186,233 | -H-- | M] () -- C:\Users\Artur\AppData\Local\IconCache.db
[2010-11-17 22:19:00 | 000,000,450 | ---- | M] () -- C:\Windows\tasks\COMODO Updater.job
[2010-11-17 17:04:05 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUn2700.html
[2010-11-17 15:21:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWs1704.html
[2010-11-17 15:21:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZj1704.html
[2010-11-17 14:36:48 | 000,000,179 | ---- | M] () -- C:\Windows\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini
[2010-11-17 14:36:48 | 000,000,000 | ---- | M] () -- C:\Windows\System32\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini
[2010-11-16 23:21:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempSP2164.html
[2010-11-16 23:21:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDD2164.html
[2010-11-16 21:59:03 | 312,339,882 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010-11-16 21:45:01 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKc1936.html
[2010-11-16 21:45:01 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempxf1936.html
[2010-11-16 16:35:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjm2368.html
[2010-11-16 16:35:35 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempMo2368.html
[2010-11-16 15:55:13 | 000,000,125 | ---- | M] () -- C:\Windows\xUninstall.bat
[2010-11-16 14:42:06 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZv2056.html
[2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe
[2010-11-15 19:15:29 | 000,001,118 | ---- | M] () -- C:\Users\Artur\Desktop\EVEREST Ultimate Edition.lnk
[2010-11-15 18:53:11 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemprcN520.html
[2010-11-15 18:22:25 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2010-11-15 17:59:17 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHw2120.html
[2010-11-15 17:59:17 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGE2120.html
[2010-11-15 17:54:23 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempjB2184.html
[2010-11-15 17:54:23 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempEc2184.html
[2010-11-15 17:51:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempQK3268.html
[2010-11-15 17:51:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempyD3268.html
[2010-11-15 15:03:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempOdM404.html
[2010-11-15 15:03:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempmmj404.html
[2010-11-14 22:38:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempmr1288.html
[2010-11-14 22:38:43 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgN1288.html
[2010-11-14 21:33:28 | 000,000,428 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\Network Monitor II_Settings.ini
[2010-11-14 21:08:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempfw2052.html
[2010-11-14 21:08:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoc2052.html
[2010-11-14 20:49:20 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\S4League.lnk
[2010-11-14 20:40:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPj2308.html
[2010-11-14 20:40:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoF2308.html
[2010-11-14 20:26:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFD1392.html
[2010-11-14 20:20:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempxyV604.html
[2010-11-14 20:20:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFSW604.html
[2010-11-14 17:36:16 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoa2192.html
[2010-11-14 17:11:58 | 000,001,251 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\System Monitor II_Settings.ini
[2010-11-14 17:11:39 | 000,000,363 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\GPU Monitor_Settings.ini
[2010-11-14 16:53:56 | 000,129,521 | ---- | M] () -- C:\Users\Artur\Desktop\S4_Downloader.exe
[2010-11-14 00:02:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temprk2200.html
[2010-11-12 17:53:53 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templj3136.html
[2010-11-12 17:53:53 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLP3136.html
[2010-11-12 15:20:19 | 010,211,112 | ---- | M] () -- C:\Users\Artur\Desktop\12. Enrique Iglesias Nicole Scherzinger - Heartbeat.mp3.mp3
[2010-11-12 02:17:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNn2212.html
[2010-11-11 14:44:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemptS2640.html
[2010-11-11 14:44:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCw2640.html
[2010-11-11 00:25:23 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempmW2092.html
[2010-11-11 00:25:23 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTV2092.html
[2010-11-10 18:58:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNj2936.html
[2010-11-10 18:58:13 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempkQ2936.html
[2010-11-08 23:57:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjt1260.html
[2010-11-08 23:57:39 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempmU1260.html
[2010-11-08 22:35:41 | 000,019,968 | ---- | M] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (3).doc
[2010-11-07 23:17:16 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templd2252.html
[2010-11-07 23:17:16 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiB2252.html
[2010-11-07 14:59:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYo2328.html
[2010-11-07 02:07:26 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2010-11-07 02:06:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGS5436.html
[2010-11-07 00:48:58 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDe4884.html
[2010-11-06 21:05:48 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoi3392.html
[2010-11-06 19:14:33 | 000,001,343 | ---- | M] () -- C:\Users\Artur\Desktop\YT2 — skrót.lnk
[2010-11-06 00:43:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIS3156.html
[2010-11-06 00:43:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCb3156.html
[2010-11-05 15:00:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKi1600.html
[2010-11-05 15:00:43 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdn1600.html
[2010-11-04 22:55:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKn4272.html
[2010-11-04 22:55:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempsG4272.html
[2010-11-04 00:20:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaL1992.html
[2010-11-04 00:20:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJT1992.html
[2010-11-04 00:07:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNcI452.html
[2010-11-04 00:07:00 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempBvz452.html
[2010-11-03 20:34:30 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2010-11-03 16:38:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaqS404.html
[2010-11-03 16:38:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjpc404.html
[2010-11-02 22:32:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZe1584.html
[2010-11-02 22:32:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempAK1584.html
[2010-11-02 21:49:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFj7360.html
[2010-11-02 21:49:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaG7360.html
[2010-11-02 15:38:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWZ1976.html
[2010-11-01 22:46:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempiv1604.html
[2010-11-01 22:46:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGl1604.html
[2010-11-01 10:17:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPK1396.html
[2010-11-01 10:17:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHB1396.html
[2010-11-01 01:15:27 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempkQ5152.html
[2010-11-01 01:15:27 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempyD5152.html
[2010-10-31 22:30:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCfl428.html
[2010-10-31 00:26:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempY11140.html
[2010-10-31 00:26:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempM11140.html
[2010-10-30 22:14:57 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKrU364.html
[2010-10-30 22:14:57 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempzHD364.html
[2010-10-29 21:55:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempT23260.html
[2010-10-29 21:55:35 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempr23260.html
[2010-10-28 22:01:56 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempr38984.html
[2010-10-28 22:01:56 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempN38984.html
[2010-10-28 15:54:30 | 000,031,696 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRPD.sys
[2010-10-28 15:54:02 | 000,064,096 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys
[2010-10-27 21:38:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempM20272.html
[2010-10-26 22:29:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDg2352.html
[2010-10-26 22:29:18 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaW2352.html
[2010-10-25 21:00:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgL2396.html
[2010-10-25 16:47:54 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempEY1740.html
[2010-10-25 16:47:54 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempRx1740.html
[2010-10-24 21:47:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFs1672.html
[2010-10-23 23:41:07 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempo28316.html
[2010-10-23 23:41:07 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempq28316.html
[2010-10-23 15:51:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempwd2992.html
[2010-10-22 22:31:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwV2352.html
[2010-10-22 22:31:44 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKw2352.html
[2010-10-21 21:56:48 | 000,000,036 | -H-- | M] () -- C:\Windows\System32\swk.ini
[2010-10-21 21:54:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempj86412.html
[2010-10-20 23:26:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTz2284.html
[2010-10-20 23:26:02 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfM2284.html
[2010-10-20 22:07:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCx2952.html
[2010-10-20 22:07:18 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYi2952.html
[2010-10-19 22:36:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPl6900.html
[2010-10-19 22:36:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempRj6900.html
[2010-10-18 22:45:01 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempw20308.html
[2010-10-18 22:45:01 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temph20308.html
[2010-10-18 16:53:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYK2744.html
[2010-10-17 22:06:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiU2692.html
[2010-10-17 22:06:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJj2692.html
[2010-10-16 22:51:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempv26128.html
[2010-10-16 22:51:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempA26128.html
[2010-10-16 19:55:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010-10-16 19:55:00 | 000,004,962 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010-10-16 12:55:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKs2856.html
[2010-10-15 23:41:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCy2636.html
[2010-10-15 23:41:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempwa2636.html
[2010-10-15 16:56:06 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempQe3144.html
[2010-10-15 16:56:06 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUf3144.html
[2010-10-14 22:27:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTA3172.html
[2010-10-14 22:27:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPy3172.html
[2010-10-14 09:33:53 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLP3076.html
[2010-10-14 09:33:53 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempxw3076.html
[2010-10-14 09:26:14 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZj2984.html
[2010-10-14 09:26:14 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempOk2984.html
[2010-10-13 23:01:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgR3020.html
[2010-10-13 23:01:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTi3020.html
[2010-10-13 22:52:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempW14100.html
[2010-10-13 22:52:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempL14100.html
[2010-10-13 13:35:43 | 000,409,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-10-13 13:33:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temprt1800.html
[2010-10-13 13:33:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempbz1800.html
[2010-10-13 13:05:09 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfA2460.html
[2010-10-13 12:48:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempeh3140.html
[2010-10-13 12:48:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempeu3140.html
[2010-10-12 22:22:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templ92180.html
[2010-10-12 22:22:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempV92180.html
[2010-10-12 18:33:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJI3184.html
[2010-10-11 22:37:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKe2328.html
[2010-10-11 22:37:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiV2328.html
[2010-10-11 17:17:51 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJO3208.html
[2010-10-10 20:58:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaU5804.html
[2010-10-10 10:44:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPOY320.html
[2010-10-09 22:33:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUY3492.html
[2010-10-09 14:15:32 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHd3028.html
[2010-10-09 09:09:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfV3108.html
[2010-10-09 09:09:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempeP3108.html
[2010-10-07 21:23:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempzz2652.html
[2010-10-07 21:23:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWB2652.html
[2010-10-07 15:11:48 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoX3204.html
[2010-10-06 21:49:04 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempo18344.html
[2010-10-06 17:04:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempud2980.html
[2010-10-05 22:46:45 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFw3972.html
[2010-10-05 22:46:45 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdi3972.html
[2010-10-05 18:35:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempzx2836.html
[2010-10-05 18:35:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCE2836.html
[2010-10-05 17:50:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYs3208.html
[2010-10-05 17:50:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemplD3208.html
[2010-10-05 15:04:42 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIc3032.html
[2010-10-05 15:04:41 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwY3032.html
[2010-10-05 14:34:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLo3140.html
[2010-10-05 07:08:04 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempxO3188.html
[2010-10-05 07:08:04 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temphb3188.html
[2010-10-04 22:36:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempT99548.html
[2010-10-04 22:36:02 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempg99548.html
[2010-10-03 20:51:33 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temptt2908.html
[2010-10-01 16:22:59 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempjW2960.html
[2010-10-01 16:22:59 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempsp2960.html
[2010-09-30 21:45:03 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJw2944.html
[2010-09-29 23:33:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempp21664.html
[2010-09-29 23:33:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempI21664.html
[2010-09-29 22:27:26 | 000,026,112 | ---- | M] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (2).doc
[2010-09-29 19:17:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemppZ2740.html
[2010-09-28 21:52:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGz3024.html
[2010-09-28 21:52:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLD3024.html
[2010-09-28 13:23:42 | 000,000,000 | ---- | M] () -- C:\Windows\PowerReg.dat
[2010-09-26 21:44:36 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempps3028.html
[2010-09-26 21:44:36 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdl3028.html
[2010-09-25 23:19:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempBv2880.html
[2010-09-25 23:19:00 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoK2880.html
[2010-09-24 22:25:49 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIn5208.html
[2010-09-24 22:25:49 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaB5208.html
[2010-09-24 20:52:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwM2892.html
[2010-09-24 15:10:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZg3052.html
[2010-09-24 15:10:12 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempnV3052.html
[2010-09-23 22:20:34 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temp143576.html
[2010-09-23 22:20:34 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempa43576.html
[2010-09-23 14:03:32 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPd3040.html
[2010-09-22 22:30:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempce3144.html
[2010-09-22 22:30:13 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTb3144.html
[2010-09-22 16:47:38 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDl3004.html
[2010-09-22 16:47:38 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNi3004.html
[2010-09-21 21:38:52 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempE11968.html
[2010-09-21 21:38:52 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempU11968.html
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-11-18 14:17:14 | 000,043,895 | ---- | C] () -- C:\Users\Artur\Desktop\zakładki 2010-10-17.adr
[2010-11-18 13:48:50 | 000,339,991 | ---- | C] () -- C:\Users\Artur\Desktop\RSIT.exe
[2010-11-18 13:25:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZN2824.html
[2010-11-17 15:24:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUn2700.html
[2010-11-17 14:36:48 | 000,000,179 | ---- | C] () -- C:\Windows\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini
[2010-11-17 14:36:48 | 000,000,000 | ---- | C] () -- C:\Windows\System32\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini
[2010-11-17 14:07:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWs1704.html
[2010-11-17 14:07:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZj1704.html
[2010-11-16 22:00:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSP2164.html
[2010-11-16 22:00:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDD2164.html
[2010-11-16 21:45:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKc1936.html
[2010-11-16 21:45:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempxf1936.html
[2010-11-16 16:35:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjm2368.html
[2010-11-16 16:35:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempMo2368.html
[2010-11-16 12:35:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZv2056.html
[2010-11-15 19:15:29 | 000,001,118 | ---- | C] () -- C:\Users\Artur\Desktop\EVEREST Ultimate Edition.lnk
[2010-11-15 18:22:25 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2010-11-15 18:10:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemprcN520.html
[2010-11-15 17:59:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHw2120.html
[2010-11-15 17:59:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGE2120.html
[2010-11-15 17:54:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjB2184.html
[2010-11-15 17:54:23 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEc2184.html
[2010-11-15 17:35:52 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010-11-15 17:11:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQK3268.html
[2010-11-15 17:11:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyD3268.html
[2010-11-15 15:03:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOdM404.html
[2010-11-15 15:03:15 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmmj404.html
[2010-11-14 21:14:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmr1288.html
[2010-11-14 21:14:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgN1288.html
[2010-11-14 21:08:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfw2052.html
[2010-11-14 21:08:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoc2052.html
[2010-11-14 20:49:20 | 000,001,768 | ---- | C] () -- C:\Users\Public\Desktop\S4League.lnk
[2010-11-14 20:40:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPj2308.html
[2010-11-14 20:40:10 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoF2308.html
[2010-11-14 20:24:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFD1392.html
[2010-11-14 20:20:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempxyV604.html
[2010-11-14 20:20:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFSW604.html
[2010-11-14 20:18:15 | 312,339,882 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010-11-14 17:13:42 | 000,000,428 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\Network Monitor II_Settings.ini
[2010-11-14 16:53:56 | 000,129,521 | ---- | C] () -- C:\Users\Artur\Desktop\S4_Downloader.exe
[2010-11-14 14:40:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoa2192.html
[2010-11-13 23:05:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprk2200.html
[2010-11-12 15:18:04 | 010,211,112 | ---- | C] () -- C:\Users\Artur\Desktop\12. Enrique Iglesias Nicole Scherzinger - Heartbeat.mp3.mp3
[2010-11-12 13:22:40 | 000,000,363 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\GPU Monitor_Settings.ini
[2010-11-12 11:40:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templj3136.html
[2010-11-12 11:40:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLP3136.html
[2010-11-12 00:40:58 | 000,001,251 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\System Monitor II_Settings.ini
[2010-11-12 00:25:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNn2212.html
[2010-11-11 11:21:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemptS2640.html
[2010-11-11 11:21:44 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCw2640.html
[2010-11-11 00:25:50 | 000,024,338 | ---- | C] () -- C:\Windows\cscmondump.bin
[2010-11-11 00:25:29 | 000,703,242 | ---- | C] () -- C:\Windows\CSC_ServiceDump.dat
[2010-11-11 00:25:29 | 000,001,616 | ---- | C] () -- C:\Windows\CSC_ActiveCleanLog.dat
[2010-11-10 22:19:27 | 000,000,450 | ---- | C] () -- C:\Windows\tasks\COMODO Updater.job
[2010-11-10 21:53:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempmW2092.html
[2010-11-10 21:53:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTV2092.html
[2010-11-10 15:05:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNj2936.html
[2010-11-10 15:05:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkQ2936.html
[2010-11-08 22:28:03 | 000,019,968 | ---- | C] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (3).doc
[2010-11-08 15:10:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjt1260.html
[2010-11-08 15:10:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempmU1260.html
[2010-11-07 20:01:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templd2252.html
[2010-11-07 20:01:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiB2252.html
[2010-11-07 11:53:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYo2328.html
[2010-11-07 02:07:26 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010-11-07 01:35:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGS5436.html
[2010-11-06 22:36:25 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDe4884.html
[2010-11-06 19:14:33 | 000,001,343 | ---- | C] () -- C:\Users\Artur\Desktop\YT2 — skrót.lnk
[2010-11-06 09:51:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoi3392.html
[2010-11-05 16:02:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIS3156.html
[2010-11-05 16:02:15 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCb3156.html
[2010-11-05 15:00:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKi1600.html
[2010-11-05 15:00:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdn1600.html
[2010-11-04 21:56:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKn4272.html
[2010-11-04 21:56:58 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsG4272.html
[2010-11-04 00:17:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaL1992.html
[2010-11-04 00:17:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJT1992.html
[2010-11-03 20:34:30 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2010-11-03 20:31:06 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNcI452.html
[2010-11-03 20:31:06 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBvz452.html
[2010-11-03 14:30:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaqS404.html
[2010-11-03 14:30:55 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjpc404.html
[2010-11-02 22:07:03 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZe1584.html
[2010-11-02 22:07:03 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAK1584.html
[2010-11-02 20:27:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFj7360.html
[2010-11-02 20:27:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaG7360.html
[2010-11-02 13:03:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWZ1976.html
[2010-11-01 12:14:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempiv1604.html
[2010-11-01 12:14:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGl1604.html
[2010-11-01 08:57:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPK1396.html
[2010-11-01 08:57:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHB1396.html
[2010-11-01 01:15:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkQ5152.html
[2010-11-01 01:15:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyD5152.html
[2010-10-31 12:27:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCfl428.html
[2010-10-31 00:26:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempY11140.html
[2010-10-31 00:26:08 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM11140.html
[2010-10-30 09:29:27 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKrU364.html
[2010-10-30 09:29:27 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempzHD364.html
[2010-10-29 21:29:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempT23260.html
[2010-10-29 21:29:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempr23260.html
[2010-10-28 19:57:02 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempr38984.html
[2010-10-28 19:57:02 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempN38984.html
[2010-10-27 20:53:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM20272.html
[2010-10-26 12:14:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDg2352.html
[2010-10-26 12:14:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaW2352.html
[2010-10-25 19:53:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgL2396.html
[2010-10-25 14:20:39 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEY1740.html
[2010-10-25 14:20:39 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRx1740.html
[2010-10-24 10:43:54 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFs1672.html
[2010-10-23 21:48:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempo28316.html
[2010-10-23 21:48:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempq28316.html
[2010-10-23 12:46:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempwd2992.html
[2010-10-22 16:11:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwV2352.html
[2010-10-22 16:11:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKw2352.html
[2010-10-21 21:58:47 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010-10-21 21:58:47 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010-10-21 21:56:48 | 000,000,036 | -H-- | C] () -- C:\Windows\System32\swk.ini
[2010-10-21 19:39:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempj86412.html
[2010-10-20 22:29:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTz2284.html
[2010-10-20 22:29:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfM2284.html
[2010-10-20 13:54:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCx2952.html
[2010-10-20 13:54:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYi2952.html
[2010-10-19 19:16:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPl6900.html
[2010-10-19 19:16:49 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRj6900.html
[2010-10-18 22:42:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempw20308.html
[2010-10-18 22:42:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temph20308.html
[2010-10-18 14:49:27 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYK2744.html
[2010-10-17 09:29:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiU2692.html
[2010-10-17 09:29:23 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJj2692.html
[2010-10-16 17:45:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempv26128.html
[2010-10-16 17:45:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempA26128.html
[2010-10-16 11:20:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKs2856.html
[2010-10-15 20:10:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCy2636.html
[2010-10-15 20:10:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempwa2636.html
[2010-10-15 14:50:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQe3144.html
[2010-10-15 14:50:26 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUf3144.html
[2010-10-14 13:21:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTA3172.html
[2010-10-14 13:21:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPy3172.html
[2010-10-14 09:28:24 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLP3076.html
[2010-10-14 09:28:24 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempxw3076.html
[2010-10-14 09:16:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZj2984.html
[2010-10-14 09:16:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOk2984.html
[2010-10-13 22:54:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgR3020.html
[2010-10-13 22:54:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTi3020.html
[2010-10-13 20:17:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempW14100.html
[2010-10-13 20:17:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempL14100.html
[2010-10-13 13:05:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprt1800.html
[2010-10-13 13:05:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempbz1800.html
[2010-10-13 12:57:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfA2460.html
[2010-10-13 12:37:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeh3140.html
[2010-10-13 12:37:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeu3140.html
[2010-10-12 21:05:56 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templ92180.html
[2010-10-12 21:05:56 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempV92180.html
[2010-10-12 12:37:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJI3184.html
[2010-10-11 21:03:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKe2328.html
[2010-10-11 21:03:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiV2328.html
[2010-10-11 13:45:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJO3208.html
[2010-10-10 15:47:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaU5804.html
[2010-10-10 09:38:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPOY320.html
[2010-10-09 15:41:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUY3492.html
[2010-10-09 12:48:22 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHd3028.html
[2010-10-09 09:06:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfV3108.html
[2010-10-09 09:06:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempeP3108.html
[2010-10-07 17:21:50 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzz2652.html
[2010-10-07 17:21:50 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWB2652.html
[2010-10-07 12:12:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoX3204.html
[2010-10-06 20:47:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempo18344.html
[2010-10-06 13:12:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempud2980.html
[2010-10-05 20:24:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFw3972.html
[2010-10-05 20:24:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdi3972.html
[2010-10-05 18:26:45 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzx2836.html
[2010-10-05 18:26:45 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCE2836.html
[2010-10-05 17:47:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYs3208.html
[2010-10-05 17:47:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemplD3208.html
[2010-10-05 15:04:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIc3032.html
[2010-10-05 15:04:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwY3032.html
[2010-10-05 12:04:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLo3140.html
[2010-10-05 07:05:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempxO3188.html
[2010-10-05 07:05:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temphb3188.html
[2010-10-04 21:26:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempT99548.html
[2010-10-04 21:26:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempg99548.html
[2010-10-03 14:48:44 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010-10-03 14:48:44 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010-10-03 14:48:44 | 000,035,840 | R--- | C] () -- C:\Windows\System32\comdlg32.oca
[2010-10-03 14:48:44 | 000,029,184 | R--- | C] () -- C:\Windows\System32\MSINET.oca
[2010-10-03 10:01:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptt2908.html
[2010-10-01 14:04:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjW2960.html
[2010-10-01 14:04:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempsp2960.html
[2010-09-30 21:20:28 | 000,011,502 | ---- | C] () -- C:\Windows\Dr. Printer Icon.ico
[2010-09-30 21:20:13 | 001,032,192 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvum.dll
[2010-09-30 21:20:13 | 000,929,792 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvu.dll
[2010-09-30 21:20:13 | 000,835,584 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvu2.dll
[2010-09-30 21:20:13 | 000,626,874 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvua.bmp
[2010-09-30 21:20:13 | 000,217,088 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvo.dll
[2010-09-30 21:20:13 | 000,206,278 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvub.bmp
[2010-09-30 21:20:13 | 000,087,134 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfn.dat
[2010-09-30 21:20:13 | 000,084,076 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvel.dat
[2010-09-30 21:20:13 | 000,083,730 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvgr.dat
[2010-09-30 21:20:13 | 000,082,987 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsp.dat
[2010-09-30 21:20:13 | 000,082,974 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpt.dat
[2010-09-30 21:20:13 | 000,082,040 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvit.dat
[2010-09-30 21:20:13 | 000,081,898 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvbp.dat
[2010-09-30 21:20:13 | 000,081,018 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdt.dat
[2010-09-30 21:20:13 | 000,080,802 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvhu.dat
[2010-09-30 21:20:13 | 000,080,441 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvru.dat
[2010-09-30 21:20:13 | 000,079,600 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpo.dat
[2010-09-30 21:20:13 | 000,078,768 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfi.dat
[2010-09-30 21:20:13 | 000,077,879 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdn.dat
[2010-09-30 21:20:13 | 000,077,734 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcz.dat
[2010-09-30 21:20:13 | 000,077,604 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvtk.dat
[2010-09-30 21:20:13 | 000,076,959 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsw.dat
[2010-09-30 21:20:13 | 000,076,904 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvnr.dat
[2010-09-30 21:20:13 | 000,074,785 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrven.dat
[2010-09-30 21:20:13 | 000,071,490 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvkr.dat
[2010-09-30 21:20:13 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvlf.dll
[2010-09-30 21:20:13 | 000,064,494 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcp.dat
[2010-09-30 21:20:13 | 000,064,315 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvct.dat
[2010-09-30 21:20:13 | 000,051,536 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mu.bmp
[2010-09-30 21:20:13 | 000,049,152 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvIO.DLL
[2010-09-30 21:20:13 | 000,038,192 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcm.ctd
[2010-09-30 21:20:13 | 000,036,323 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1m.cat
[2010-09-30 21:20:13 | 000,034,625 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvel.chm
[2010-09-30 21:20:13 | 000,034,205 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvhu.chm
[2010-09-30 21:20:13 | 000,034,075 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpo.chm
[2010-09-30 21:20:13 | 000,033,815 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvgr.chm
[2010-09-30 21:20:13 | 000,033,649 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvru.chm
[2010-09-30 21:20:13 | 000,033,451 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcz.chm
[2010-09-30 21:20:13 | 000,033,417 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfn.chm
[2010-09-30 21:20:13 | 000,033,187 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvkr.chm
[2010-09-30 21:20:13 | 000,033,107 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdt.chm
[2010-09-30 21:20:13 | 000,033,089 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpt.chm
[2010-09-30 21:20:13 | 000,033,047 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsp.chm
[2010-09-30 21:20:13 | 000,032,749 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvct.chm
[2010-09-30 21:20:13 | 000,032,741 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvit.chm
[2010-09-30 21:20:13 | 000,032,719 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcp.chm
[2010-09-30 21:20:13 | 000,032,467 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvbp.chm
[2010-09-30 21:20:13 | 000,032,409 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdn.chm
[2010-09-30 21:20:13 | 000,032,345 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvtk.chm
[2010-09-30 21:20:13 | 000,032,299 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfi.chm
[2010-09-30 21:20:13 | 000,032,243 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsw.chm
[2010-09-30 21:20:13 | 000,031,821 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvnr.chm
[2010-09-30 21:20:13 | 000,031,467 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrven.chm
[2010-09-30 21:20:13 | 000,024,250 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvum.xml
[2010-09-30 21:20:13 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sse1ml3.dll
[2010-09-30 21:20:13 | 000,022,723 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1ml3.dll
[2010-09-30 21:20:13 | 000,015,318 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpp.dll
[2010-09-30 21:20:13 | 000,008,465 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1m.inf
[2010-09-30 21:20:13 | 000,005,020 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mu.ini
[2010-09-30 21:20:13 | 000,004,072 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvul.bmp
[2010-09-30 21:20:13 | 000,000,556 | ---- | C] () -- C:\Windows\System32\sse1ml3.smt
[2010-09-30 21:20:13 | 000,000,556 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1ml3.SMT
[2010-09-30 21:20:13 | 000,000,527 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mpp.ver
[2010-09-30 13:17:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJw2944.html
[2010-09-29 19:58:34 | 000,026,112 | ---- | C] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (2).doc
[2010-09-29 19:43:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempp21664.html
[2010-09-29 19:43:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempI21664.html
[2010-09-29 14:07:51 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemppZ2740.html
[2010-09-28 13:23:42 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2010-09-28 13:23:13 | 000,185,344 | ---- | C] () -- C:\Windows\patchw32.dll
[2010-09-28 13:15:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGz3024.html
[2010-09-28 13:15:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLD3024.html
[2010-09-26 07:45:37 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempps3028.html
[2010-09-26 07:45:37 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdl3028.html
[2010-09-25 10:11:05 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBv2880.html
[2010-09-25 10:11:05 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoK2880.html
[2010-09-24 21:45:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIn5208.html
[2010-09-24 21:45:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaB5208.html
[2010-09-24 19:32:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwM2892.html
[2010-09-24 14:03:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZg3052.html
[2010-09-24 14:03:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempnV3052.html
[2010-09-23 21:09:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp143576.html
[2010-09-23 21:09:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempa43576.html
[2010-09-23 13:09:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPd3040.html
[2010-09-22 19:33:04 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempce3144.html
[2010-09-22 19:33:04 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTb3144.html
[2010-09-22 14:17:12 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDl3004.html
[2010-09-22 14:17:12 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNi3004.html
[2010-09-21 20:19:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempE11968.html
[2010-09-21 20:19:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempU11968.html
[2010-09-18 23:49:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjS3124.html
[2010-09-18 23:49:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPm3124.html
[2010-09-18 18:58:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempU21712.html
[2010-09-18 18:58:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempd21712.html
[2010-09-18 10:04:32 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyC2952.html
[2010-09-18 10:04:32 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAx2952.html
[2010-09-17 19:02:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM96720.html
[2010-09-17 18:04:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp119244.html
[2010-09-17 17:50:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp113764.html
[2010-09-17 17:36:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp110156.html
[2010-09-17 17:16:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp103396.html
[2010-09-17 11:49:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempof2712.html
[2010-09-17 11:49:58 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempdX2712.html
[2010-09-16 15:28:56 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLv1704.html
[2010-09-16 15:28:56 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempgg1704.html
[2010-09-15 18:48:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempsy3320.html
[2010-09-15 17:10:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUj6004.html
[2010-09-15 17:10:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempgd6004.html
[2010-09-14 15:33:53 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempp57644.html
[2010-09-13 22:58:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempyl1560.html
[2010-09-13 22:58:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempka1560.html
[2010-09-13 10:05:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOq4016.html
[2010-09-13 10:05:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWL4016.html
[2010-09-12 22:53:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqf6012.html
[2010-09-12 22:53:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPG6012.html
[2010-09-12 19:40:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempG75204.html
[2010-09-12 19:40:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempH75204.html
[2010-09-12 14:06:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempV22244.html
[2010-09-12 12:32:44 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-09-11 21:22:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temph50740.html
[2010-09-11 21:22:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempi50740.html
[2010-09-11 12:15:28 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempn30548.html
[2010-09-11 10:38:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCF3652.html
[2010-09-11 10:38:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJP3652.html
[2010-09-10 13:31:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTO3788.html
[2010-09-10 13:31:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqa3788.html
[2010-09-09 22:59:12 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCeu508.html
[2010-09-09 22:59:12 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempXrv508.html
[2010-09-09 21:57:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBG2396.html
[2010-09-09 13:23:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwS2184.html
[2010-09-09 13:23:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNu2184.html
[2010-09-08 20:18:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfc5964.html
[2010-09-08 16:38:00 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqm3104.html
[2010-09-08 16:38:00 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemprM3104.html
[2010-09-07 15:27:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSO3476.html
[2010-09-07 13:28:51 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempvpt468.html
[2010-09-06 19:26:34 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprj7908.html
[2010-09-06 19:26:34 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiQ7908.html
[2010-09-05 20:33:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempcW3832.html
[2010-09-05 20:33:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDH3832.html
[2010-09-05 14:00:19 | 000,000,316 | ---- | C] () -- C:\Windows\game.ini
[2010-09-05 11:56:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIr3612.html
[2010-09-05 09:48:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYE3116.html
[2010-09-04 20:49:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUZ3760.html
[2010-09-04 18:41:33 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsJ4000.html
[2010-09-04 18:41:33 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAk4000.html
[2010-09-04 08:40:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRl1392.html
[2010-09-04 08:40:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWO1392.html
[2010-09-03 21:23:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgJ2236.html
[2010-09-03 21:23:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempVD2236.html
[2010-09-03 16:04:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNT4080.html
[2010-09-03 16:04:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsM4080.html
[2010-09-03 14:37:34 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJkh932.html
[2010-09-03 14:37:34 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTIc932.html
[2010-09-02 20:41:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjX2476.html
[2010-09-02 19:55:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKm6264.html
[2010-09-02 19:55:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdp6264.html
[2010-09-01 18:00:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempw22280.html
[2010-08-31 22:58:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsI2900.html
[2010-08-31 22:58:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWI2900.html
[2010-08-30 20:51:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeb9828.html
[2010-08-30 13:48:54 | 000,138,664 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010-08-30 13:20:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempVo3468.html
[2010-08-30 00:43:29 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempN72660.html
[2010-08-29 19:54:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprf3580.html
[2010-08-28 19:33:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptn3624.html
[2010-08-27 12:28:32 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptl3676.html
[2010-08-26 19:44:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEp2176.html
[2010-08-26 14:00:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzc3692.html
[2010-08-26 14:00:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWe3692.html
[2010-08-26 02:44:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJh1508.html
[2010-08-25 21:24:02 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010-08-25 18:44:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmh3564.html
[2010-08-25 18:44:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLM3564.html
[2010-08-25 10:23:50 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUB2960.html
[2010-08-24 16:43:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQLm604.html
[2010-08-24 11:29:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoMZ716.html
[2010-08-24 11:28:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGk3868.html
[2010-08-24 00:14:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp123388.html
[2010-08-23 20:31:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempu48020.html
[2010-08-23 15:32:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempn18332.html
[2010-08-23 11:00:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempbg2276.html
[2010-08-22 23:32:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfg1052.html
[2010-08-22 23:32:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHF1052.html
[2010-08-22 20:10:04 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOa1220.html
[2010-08-22 18:38:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempcR3444.html
[2010-08-22 18:38:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEX3444.html
[2010-08-20 09:32:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTi3808.html
[2010-08-20 09:32:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYy3808.html
[2010-08-19 09:40:02 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqs3176.html
[2010-08-19 09:40:02 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAi3176.html
[2010-08-18 21:23:28 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGY3588.html
[2010-08-18 21:23:28 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSE3588.html
[2010-08-17 12:15:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjq2528.html
[2010-08-17 12:15:45 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYs2528.html
[2010-08-17 09:10:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyM1820.html
[2010-08-17 09:10:26 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDW1820.html
[2010-08-16 21:07:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyJW964.html
[2010-08-15 23:05:22 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFQ4064.html
[2010-08-15 21:26:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempta3924.html
[2010-08-15 21:25:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkC2304.html
[2010-08-11 21:38:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temphco724.html
[2010-08-11 21:38:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfxY724.html
[2010-08-11 09:28:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAr3400.html
[2010-08-10 21:03:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp234128.html
[2010-08-06 16:40:45 | 000,109,608 | ---- | C] () -- C:\Users\Artur\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-08-06 16:13:11 | 009,186,233 | -H-- | C] () -- C:\Users\Artur\AppData\Local\IconCache.db
[2010-08-06 15:26:53 | 001,549,696 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-02-08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\System32\vfprintpthelper.dll
[2009-07-14 05:41:57 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2009-07-14 03:04:57 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009-07-14 03:04:23 | 000,000,499 | ---- | C] () -- C:\Windows\win.ini
[2009-07-14 03:04:23 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009-07-14 01:59:08 | 000,011,776 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll
[2009-07-14 01:58:40 | 000,037,376 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2009-07-14 01:58:25 | 000,010,240 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2009-07-14 01:56:53 | 000,159,232 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2009-07-14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-07-13 22:40:44 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys
[2009-07-13 22:40:43 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS
[2009-07-13 22:40:43 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS
[2009-07-13 22:40:41 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS
[2009-07-13 22:40:40 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS
[2009-07-13 22:40:39 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS
[2009-07-13 22:40:35 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS
[2009-07-13 22:40:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS
[2009-07-13 22:40:27 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS
[2009-07-13 22:40:23 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS
[2009-07-13 22:40:19 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS
[2009-07-13 22:40:17 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS
[2009-07-13 22:40:15 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS
[2009-07-13 22:40:13 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS
[2009-07-13 22:40:11 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2009-07-13 21:29:46 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll
[2009-06-10 22:39:59 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini
[2007-11-14 15:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2006-03-09 08:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010-09-26 19:48:45 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\abgx360
[2010-08-25 23:33:20 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\DAEMON Tools Lite
[2010-11-16 16:34:27 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\DigitalPersona
[2010-11-17 18:35:15 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\foobar2000
[2010-08-10 22:36:18 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Gadu-Gadu 10
[2010-11-11 14:44:27 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\ImgBurn
[2010-09-11 13:06:16 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Opera
[2010-08-22 19:37:33 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Soldat
[2010-09-28 13:23:13 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\ubi.com
[2010-08-06 16:04:15 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\wargaming.net
[2010-10-15 20:10:15 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >[/log]

RSIT
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Artur at 2010-11-18 13:51:37
Microsoft Windows 7 Professional
System drive C: has 70 GB (55%) free of 127 GB
Total RAM: 3069 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:51:48, on 2010-11-18
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\ProgramData\DatacardService\DCSHelper.exe
d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Artur\Desktop\RSIT.exe
C:\Program Files\trend micro\Artur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{66EA071A-F6F4-42EC-8F82-30BD68E27AF7}: NameServer = 89.108.195.20 89.108.195.21
O17 - HKLM\System\CCS\Services\Tcpip\..\{A472EFFC-64E2-473E-BA61-3D0F0BD48545}: NameServer = 89.108.195.20 217.17.34.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1F70F82-028F-4AAD-972C-D1DBB3A81779}: NameServer = 89.108.195.20 217.17.34.10
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: COMODO System - Cleaner Service (Cleaner_Validator) - Unknown owner - C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - c:\Windows\system32\vfsFPService.exe

--
End of file - 6609 bytes

======Scheduled tasks folder======

C:\Windows\tasks\COMODO Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-12-01 1256512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-15 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-23 495708]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"a-squared"=C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe [2010-11-15 3416968]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2009-12-01 842816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Simple Sticky Notes]
C:\Program Files\Simnet\Simple Sticky Notes\ssn.exe [2010-11-08 1530320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2010-11-18 13:49:02 ----D---- C:\Program Files\trend micro
2010-11-18 13:49:01 ----D---- C:\rsit
2010-11-17 17:13:29 ----D---- C:\_OTL
2010-11-17 14:57:55 ----D---- C:\symbols
2010-11-17 14:53:23 ----D---- C:\Program Files\Microsoft Windows Performance Toolkit
2010-11-17 14:52:47 ----D---- C:\Program Files\Debugging Tools for Windows (x86)
2010-11-17 14:52:30 ----D---- C:\Program Files\Application Verifier
2010-11-17 14:36:48 ----A---- C:\Windows\system32\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini
2010-11-17 14:36:48 ----A---- C:\Windows\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini
2010-11-17 14:35:51 ----D---- C:\Windows\system32\tr
2010-11-17 14:35:51 ----D---- C:\Windows\system32\sv
2010-11-17 14:35:51 ----D---- C:\Windows\system32\ru
2010-11-17 14:35:51 ----D---- C:\Windows\system32\no
2010-11-17 14:35:50 ----D---- C:\Windows\system32\da
2010-11-17 14:35:44 ----D---- C:\Windows\system32\ko
2010-11-17 14:35:44 ----D---- C:\Windows\system32\ja
2010-11-17 14:35:44 ----D---- C:\Windows\system32\it
2010-11-17 14:35:44 ----D---- C:\Windows\system32\fr
2010-11-17 14:35:44 ----D---- C:\Windows\system32\es
2010-11-17 14:35:44 ----D---- C:\Windows\system32\de
2010-11-17 14:35:41 ----D---- C:\Windows\DPDrv
2010-11-17 14:34:29 ----SHD---- C:\Config.Msi
2010-11-17 14:18:50 ----D---- C:\Program Files\Microsoft SDKs
2010-11-16 16:35:30 ----D---- C:\Users\Artur\AppData\Roaming\Macrovision
2010-11-16 16:34:27 ----D---- C:\Users\Artur\AppData\Roaming\DigitalPersona
2010-11-16 16:04:52 ----D---- C:\ProgramData\Macrovision
2010-11-16 16:04:52 ----D---- C:\Program Files\DigitalPersona
2010-11-16 16:02:15 ----D---- C:\ProgramData\Downloaded Installations
2010-11-15 23:18:21 ----D---- C:\Program Files\sp45082
2010-11-15 19:15:08 ----D---- C:\Program Files\Lavalys
2010-11-15 18:21:20 ----D---- C:\Program Files\Emsisoft Anti-Malware
2010-11-15 17:36:25 ----D---- C:\ProgramData\NVIDIA Corporation
2010-11-15 17:35:52 ----A---- C:\Windows\system32\OpenCL.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvoglv32.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvhdap32.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvgenco322030.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvgenco32.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvdispco322050.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvcuvid.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvcuda.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvcompiler.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\nvapo32v.dll
2010-11-15 17:35:52 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-11-15 17:35:52 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
2010-11-15 16:32:36 ----A---- C:\Windows\ntbtlog.txt
2010-11-14 20:45:27 ----D---- C:\Program Files\alaplaya
2010-11-14 20:18:31 ----D---- C:\Windows\Minidump
2010-11-14 17:13:42 ----A---- C:\Users\Artur\AppData\Roaming\Network Monitor II_Settings.ini
2010-11-14 16:54:10 ----D---- C:\Program Files\Common Files\Akamai
2010-11-12 13:24:01 ----D---- C:\Program Files\Core Temp
2010-11-12 13:22:40 ----A---- C:\Users\Artur\AppData\Roaming\GPU Monitor_Settings.ini
2010-11-12 00:45:48 ----D---- C:\Program Files\Defraggler
2010-11-12 00:40:58 ----A---- C:\Users\Artur\AppData\Roaming\System Monitor II_Settings.ini
2010-11-11 13:49:25 ----D---- C:\Users\Artur\AppData\Roaming\ImgBurn
2010-11-10 22:22:49 ----A---- C:\Windows\system32\msdri.dll
2010-11-10 22:22:49 ----A---- C:\Windows\system32\CPFilters.dll
2010-11-10 22:22:12 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-11-10 22:19:10 ----D---- C:\Program Files\COMODO
2010-11-10 22:19:01 ----A---- C:\Windows\system32\mfc71.dll
2010-11-10 22:19:01 ----A---- C:\Windows\system32\gdiplus.dll
2010-11-10 18:49:27 ----D---- C:\Program Files\Simnet
2010-11-07 02:07:12 ----D---- C:\Users\Artur\AppData\Roaming\skypePM
2010-11-07 02:04:22 ----D---- C:\Program Files\Common Files\Skype
2010-11-07 02:04:09 ----RD---- C:\Program Files\Skype
2010-11-07 02:04:06 ----D---- C:\Users\Artur\AppData\Roaming\Skype
2010-11-07 02:03:54 ----D---- C:\ProgramData\Skype
2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01009.dll
2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\ew_juwwanecm.sys
2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\ew_juextctrl.sys
2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\ew_jucdcecm.sys
2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\ew_jucdcacm.sys
2010-11-03 20:34:24 ----A---- C:\Windows\system32\drivers\ew_jubusenum.sys
2010-11-03 20:34:16 ----A---- C:\Windows\system32\drivers\ewusbnet.sys
2010-11-03 20:34:16 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2010-11-03 20:34:16 ----A---- C:\Windows\system32\drivers\ewdcsc.sys
2010-11-03 20:34:16 ----A---- C:\Windows\system32\drivers\ew_usbenumfilter.sys
2010-11-03 20:34:08 ----A---- C:\Windows\system32\drivers\ew_hwusbdev.sys
2010-11-03 20:32:27 ----D---- C:\ProgramData\DatacardService
2010-10-28 15:54:30 ----A---- C:\Windows\system32\drivers\CFRPD.sys
2010-10-28 15:54:02 ----A---- C:\Windows\system32\drivers\CFRMD.sys
2010-10-21 21:58:47 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2010-10-21 21:58:47 ----A---- C:\Windows\system32\ff_vfw.dll
2010-10-21 21:58:46 ----D---- C:\Program Files\K-Lite Codec Pack
2010-10-21 21:56:48 ----H---- C:\Windows\system32\swk.ini
2010-10-21 21:56:44 ----D---- C:\Program Files\3gp Player
2010-10-16 16:33:13 ----RHD---- C:\Users\Artur\AppData\Roaming\SecuROM
2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvvsvc.exe
2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvsvcr.dll
2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvmctray.dll
2010-10-16 12:42:46 ----A---- C:\Windows\system32\nvhotkey.dll
2010-10-16 12:42:42 ----A---- C:\Windows\system32\nvcpl.dll
2010-10-16 12:42:38 ----A---- C:\Windows\system32\nvsvc.dll
2010-10-14 16:12:41 ----D---- C:\Program Files\MetaGeek
2010-10-13 12:55:23 ----A---- C:\Windows\system32\mshtml.dll
2010-10-13 12:55:23 ----A---- C:\Windows\system32\iertutil.dll
2010-10-13 12:55:22 ----A---- C:\Windows\system32\urlmon.dll
2010-10-13 12:55:22 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-13 12:55:22 ----A---- C:\Windows\system32\ieframe.dll
2010-10-13 12:55:21 ----A---- C:\Windows\system32\wininet.dll
2010-10-13 12:55:21 ----A---- C:\Windows\system32\mstime.dll
2010-10-13 12:55:21 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-13 12:55:21 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-13 12:55:21 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-13 12:55:21 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-13 12:55:21 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-13 12:55:21 ----A---- C:\Windows\system32\ieui.dll
2010-10-13 12:55:21 ----A---- C:\Windows\system32\iepeers.dll
2010-10-13 12:55:21 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-13 12:55:16 ----A---- C:\Windows\system32\ole32.dll
2010-10-13 12:49:58 ----A---- C:\Windows\system32\t2embed.dll
2010-10-13 12:49:55 ----A---- C:\Windows\system32\schannel.dll
2010-10-13 12:49:54 ----A---- C:\Windows\system32\comctl32.dll
2010-10-13 12:49:52 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-13 12:49:52 ----A---- C:\Windows\system32\mfc40.dll
2010-10-13 12:49:46 ----A---- C:\Windows\system32\wmp.dll
2010-10-13 12:49:45 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-13 12:49:41 ----A---- C:\Windows\system32\win32k.sys
2010-10-13 12:49:39 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-13 12:49:39 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-13 12:49:39 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-13 12:49:39 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-13 12:49:25 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-13 12:49:24 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-10-11 14:24:18 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2010-10-11 14:24:18 ----A---- C:\Windows\system32\drivers\ks.sys
2010-10-03 14:48:46 ----RA---- C:\Windows\system32\msxml.dll
2010-10-03 14:48:44 ----RA---- C:\Windows\system32\xmltok.dll
2010-10-03 14:48:44 ----RA---- C:\Windows\system32\xmlparse.dll
2010-10-03 14:48:44 ----RA---- C:\Windows\system32\xmlinst.exe
2010-10-03 14:48:44 ----RA---- C:\Windows\system32\VB5DB.DLL
2010-10-03 14:48:44 ----RA---- C:\Windows\system32\msxmlr.dll
2010-10-03 14:48:44 ----RA---- C:\Windows\system32\msxml3a.dll
2010-09-30 21:20:13 ----A---- C:\Windows\system32\sse1ml3.dll
2010-09-30 21:20:12 ----N---- C:\Windows\system32\drivers\SSPORT.SYS
2010-09-30 21:20:12 ----D---- C:\Windows\system32\drivers\Samsung
2010-09-30 21:20:12 ----A---- C:\Windows\system32\sse1mci.exe
2010-09-30 21:20:12 ----A---- C:\Windows\system32\sse1mci.dll
2010-09-30 21:20:10 ----D---- C:\Program Files\Samsung
2010-09-30 21:20:07 ----D---- C:\Temp
2010-09-29 14:12:05 ----A---- C:\Windows\system32\tzres.dll
2010-09-28 14:03:19 ----D---- C:\Program Files\Ubi Soft
2010-09-28 13:23:13 ----D---- C:\Users\Artur\AppData\Roaming\ubi.com
2010-09-28 13:23:13 ----A---- C:\Windows\patchw32.dll
2010-09-28 13:23:08 ----D---- C:\Program Files\ubi.com
2010-09-28 13:23:08 ----D---- C:\Program Files\Common Files\PocketSoft
2010-09-26 20:01:56 ----D---- C:\Program Files\ImgBurn
2010-09-26 19:48:44 ----D---- C:\Users\Artur\AppData\Roaming\abgx360
2010-09-26 19:12:42 ----D---- C:\Program Files\abgx360

======List of files/folders modified in the last 2 months======

2010-11-18 13:51:45 ----D---- C:\Windows\Temp
2010-11-18 13:49:02 ----RD---- C:\Program Files
2010-11-18 13:37:56 ----D---- C:\Windows\system32\config
2010-11-18 13:30:46 ----D---- C:\Windows\System32
2010-11-18 13:30:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-18 13:30:45 ----D---- C:\Windows\inf
2010-11-17 18:35:15 ----D---- C:\Users\Artur\AppData\Roaming\foobar2000
2010-11-17 14:53:42 ----SHD---- C:\Windows\Installer
2010-11-17 14:36:48 ----D---- C:\Windows
2010-11-17 14:35:52 ----D---- C:\Windows\system32\pt-PT
2010-11-17 14:35:52 ----D---- C:\Windows\system32\nl-NL
2010-11-17 14:35:47 ----D---- C:\Windows\system32\zh-TW
2010-11-17 14:35:47 ----D---- C:\Windows\system32\zh-CN
2010-11-17 14:35:47 ----D---- C:\Windows\system32\pt-BR
2010-11-17 14:35:47 ----D---- C:\Windows\system32\en-US
2010-11-17 14:33:35 ----SHD---- C:\System Volume Information
2010-11-17 14:18:50 ----D---- C:\Program Files\MSBuild
2010-11-16 22:00:38 ----D---- C:\Windows\Prefetch
2010-11-16 16:06:35 ----D---- C:\Windows\system32\catroot
2010-11-16 16:06:34 ----D---- C:\Windows\system32\DriverStore
2010-11-16 16:04:52 ----HD---- C:\ProgramData
2010-11-16 16:01:47 ----D---- C:\SwSetup
2010-11-16 15:55:13 ----A---- C:\Windows\xUninstall.bat
2010-11-16 15:52:02 ----D---- C:\Windows\JMCR_DIR
2010-11-15 20:11:07 ----D---- C:\Windows\system32\Tasks
2010-11-15 18:18:50 ----SD---- C:\Users\Artur\AppData\Roaming\Microsoft
2010-11-15 18:18:50 ----SD---- C:\ProgramData\Microsoft
2010-11-15 17:37:26 ----D---- C:\Program Files\NVIDIA Corporation
2010-11-15 17:37:16 ----D---- C:\Windows\system32\drivers
2010-11-14 20:45:27 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-14 20:45:27 ----D---- C:\Windows\system32\catroot2
2010-11-14 19:57:42 ----D---- C:\Windows\Downloaded Program Files
2010-11-14 19:57:42 ----D---- C:\Program Files\Common Files\InstallShield
2010-11-14 17:09:37 ----D---- C:\Windows\winsxs
2010-11-14 16:54:10 ----D---- C:\Program Files\Common Files
2010-11-10 22:57:02 ----D---- C:\Windows\Microsoft.NET
2010-11-10 22:57:00 ----RSD---- C:\Windows\assembly
2010-11-10 22:30:35 ----D---- C:\Windows\ehome
2010-11-10 22:28:48 ----A---- C:\Windows\system32\MRT.exe
2010-11-10 22:28:38 ----D---- C:\Windows\AppPatch
2010-11-10 22:28:04 ----D---- C:\Windows\system32\pl-PL
2010-11-10 22:25:16 ----D---- C:\Users\Artur\AppData\Roaming\Media Player Classic
2010-11-10 22:24:19 ----D---- C:\Program Files\Microsoft.NET
2010-11-10 22:23:28 ----D---- C:\Program Files\Internet Explorer
2010-11-10 22:19:27 ----D---- C:\Windows\Tasks
2010-11-06 00:13:24 ----D---- C:\Windows\system32\wdi
2010-11-03 14:50:52 ----D---- C:\Users\Artur\AppData\Roaming\vlc
2010-10-30 12:36:01 ----D---- C:\Program Files\Common Files\Adobe
2010-10-30 12:36:00 ----D---- C:\ProgramData\Adobe
2010-10-30 12:35:58 ----D---- C:\Program Files\Adobe
2010-10-21 16:33:02 ----D---- C:\Users\Artur\AppData\Roaming\dvdcss
2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-16 19:55:00 ----A---- C:\Windows\system32\nvwgf2um.dll
2010-10-16 19:55:00 ----A---- C:\Windows\system32\nvd3dum.dll
2010-10-16 19:55:00 ----A---- C:\Windows\system32\nvapi.dll
2010-10-16 16:30:15 ----D---- C:\Windows\system32\NDF
2010-10-15 21:14:35 ----D---- C:\Windows\ModemLogs
2010-10-14 16:00:38 ----D---- C:\Program Files\Opera
2010-10-14 09:26:18 ----D---- C:\Windows\system32\migration
2010-10-13 13:34:00 ----D---- C:\Program Files\Windows Media Player
2010-10-13 12:56:58 ----D---- C:\Program Files\Gadu-Gadu 10
2010-10-03 16:41:39 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-25 691696]
R1 a2injectiondriver;a2injectiondriver; \??\C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [2010-11-15 41928]
R1 a2util;a-squared Malware-IDS utility driver; \??\C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [2010-05-05 11776]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2010-10-28 64096]
R1 CFRPD;CFRPD; C:\Windows\system32\DRIVERS\CFRPD.sys [2010-10-28 31696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-03 5120]
R3 a2acc;a2acc; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [2010-11-15 72808]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-04-28 54784]
R3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2010-04-30 206336]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2010-05-22 70656]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 105984]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-07-20 100184]
R3 NETw5s32;Sterownik karty Intel(R) Wireless WiFi Link dla systemu Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-09-07 123496]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-23 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-04-27 40752]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a5lvshjr;a5lvshjr; C:\Windows\system32\drivers\a5lvshjr.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2009-03-23 16384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 101504]
S3 netw5v32;Sterownik karty Intel(R) Wireless WiFi Link 5000 Series dla systemu Windows Vista w wersji 32-bitowej; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2007-08-31 18856]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 XDva370;XDva370; \??\C:\Windows\system32\XDva370.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2010-11-15 2806000]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Cleaner_Validator;COMODO System - Cleaner Service; C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [2010-10-28 311744]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DCService.exe;DCService.exe; C:\ProgramData\DatacardService\DCService.exe [2010-05-08 229376]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-01 322624]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 600680]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-08-30 75064]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [2010-03-23 229458]
R2 vfsFPService;Validity Fingerprint Service; c:\Windows\system32\vfsFPService.exe [2008-04-27 599344]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-08 1343400]

-----------------EOF-----------------[/log]

Screen BSOD-a
[spoiler]http://img594.imageshack.us/i/20101114059.jpg/[/spoiler]



Komputer to HP Pavilion dv7 1140-ew

System to Win7.

Procek Intel Core2Duo T5800 2.00 Ghz, Grafika Nvidia 9600m GT


P.S Bardzo przepraszam jeśli logi są źle wykonane ale jak już mówiłem jestem w tych sprawach zielony. i gdy wykonywałem Dump w OTL sposobem podanym na forum to OTL się zawieszał i nie analizował dalej (przez parę godzin pokazywał jedno i to samo czyli getting folder structure" czy jakoś tak).


POZDRAWIAM ;)

Sohei
komentarz
komentarz

[code]:Processes
Explorer.exe



:OTL
O33 - MountPoints2\{30ce7deb-b087-11df-972b-002186b24436}\Shell - "" = AutoRun
O33 - MountPoints2\{30ce7deb-b087-11df-972b-002186b24436}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\{6cda2e14-e7a0-11df-93b6-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{6cda2e14-e7a0-11df-93b6-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{6e73b50e-a9d6-11df-acf7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6e73b50e-a9d6-11df-acf7-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{6e73b520-a9d6-11df-acf7-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{6e73b520-a9d6-11df-acf7-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{90abe8f6-a456-11df-9a77-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{90abe8f6-a456-11df-9a77-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{943570f2-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{943570f2-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{94357141-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{94357141-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{94357145-c939-11df-b9cd-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{94357145-c939-11df-b9cd-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{a083fa6e-a8a2-11df-bb6d-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{a083fa6e-a8a2-11df-bb6d-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{cb848071-d88f-11df-86b8-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{cb848071-d88f-11df-86b8-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{ce81afb7-e811-11df-a2d5-001e101f7f74}\Shell - "" = AutoRun
O33 - MountPoints2\{ce81afb7-e811-11df-a2d5-001e101f7f74}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O33 - MountPoints2\{cfb92d32-e780-11df-bf92-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{cfb92d32-e780-11df-bf92-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found



:files
:\Users\Artur\AppData\Local\Temp*.html

:services


:Commands
[emptytemp]
[start explorer]
[reboot][/code]
Wklejasz to do OTL w białe okienko i klikasz run fix(wykonaj skrypt).
Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url]
Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url]
Co znajda usun po czym daj logi z usuwania + nowy log OTL


Co do BSDOS zajrzyj tutaj http://www.forumpc.pl/index.php?showforum=221 .

Arczi256
komentarz
komentarz

Programy nic nie znalazły mimo iż ustawiałem na "Pełne skanowanie"

mbam LOG[log]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Wersja bazy: 5144

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2010-11-18 19:48:33
mbam-log-2010-11-18 (19-48-33).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|)
Przeskanowano obiektów: 353926
Upłynęło: 1 godzin(y), 31 minut(y), 7 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 0

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
(Nie znaleziono zagrożeń)
[/log]

Nowe logi z OTL
[log]OTL logfile created on: 2010-11-19 22:21:01 - Run 4
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Artur\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 123,65 Gb Total Space | 67,75 Gb Free Space | 54,79% Space Free | Partition Type: NTFS
Drive D: | 166,43 Gb Total Space | 23,29 Gb Free Space | 13,99% Space Free | Partition Type: NTFS
Drive E: | 8,01 Gb Total Space | 7,93 Gb Free Space | 99,04% Space Free | Partition Type: NTFS
Drive H: | 18,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: ARTUR-KOMPUTER | User Name: Artur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe
PRC - [2010-11-15 22:08:54 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NVXDSYNC.EXE
PRC - [2010-11-15 18:34:52 | 003,416,968 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
PRC - [2010-11-15 18:34:27 | 002,806,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2010-11-03 20:33:59 | 000,114,688 | ---- | M] () -- d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2010-10-28 15:54:42 | 000,311,744 | ---- | M] () -- C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
PRC - [2010-10-16 12:42:46 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2010-10-08 13:00:10 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010-10-07 09:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-09-07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-08-30 13:53:06 | 000,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2010-08-21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-05-27 21:31:22 | 001,721,640 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2010-05-27 21:31:22 | 000,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-05-08 12:48:36 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010-05-08 12:48:26 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010-03-23 13:53:06 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010-03-23 13:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
PRC - [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009-12-01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2009-10-31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-10-28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-07-14 02:14:50 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2009-07-14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009-07-14 02:14:43 | 001,025,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe
PRC - [2009-07-14 02:14:42 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
PRC - [2009-07-14 02:14:42 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-07-14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-07-14 02:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-07-14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe
PRC - [2009-07-14 02:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2009-07-14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-07-14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-07-14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2009-03-02 17:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
PRC - [2008-04-27 21:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2003-06-19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe
MOD - [2010-11-15 18:29:18 | 000,211,432 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll
MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010-07-27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-06-29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-03-24 07:37:04 | 001,286,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009-12-08 12:33:31 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-12-08 12:32:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-12-01 13:37:48 | 000,502,848 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpOFeedb.dll
MOD - [2009-12-01 13:37:48 | 000,363,584 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpOSet.dll
MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-07-14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-07-14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009-07-14 02:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-07-14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-07-14 02:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009-07-14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-07-14 02:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-07-14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-07-14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009-07-14 02:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-07-14 02:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-11-15 18:34:27 | 002,806,000 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2010-11-14 16:54:41 | 003,019,352 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Akamai/netsession_win_4176eef.dll -- (Akamai)
SRV - [2010-10-28 15:54:42 | 000,311,744 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe -- (Cleaner_Validator)
SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-08-08 18:21:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-05-08 12:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010-03-23 13:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe -- (STacSV)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009-07-14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009-07-14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009-07-14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009-07-14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009-07-14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009-07-14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009-07-14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-07-14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009-07-14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-07-14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009-07-14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009-07-14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009-07-14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalator formantów ActiveX (AxInstSV)
SRV - [2009-07-14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009-07-14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009-03-02 17:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe -- (AESTFilters)
SRV - [2008-04-27 21:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - [2010-11-19 15:15:27 | 000,075,592 | ---- | M] (www.wiselogic.co.kr) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\XDva370.sys -- (XDva370)
DRV - [2010-11-15 18:33:33 | 000,072,808 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2010-11-15 18:31:38 | 000,041,928 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver)
DRV - [2010-10-28 15:54:30 | 000,031,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRPD.sys -- (CFRPD)
DRV - [2010-10-28 15:54:02 | 000,064,096 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD)
DRV - [2010-10-16 19:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010-09-07 21:08:56 | 000,123,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010-09-07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-09-07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-09-07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-09-07 15:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010-09-07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-08-25 21:24:02 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-05-27 21:32:58 | 000,245,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2010-05-22 14:48:20 | 000,070,656 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010-05-05 09:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util)
DRV - [2010-04-30 16:52:06 | 000,206,336 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010-03-25 10:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010-03-23 13:53:06 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2010-03-20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010-01-13 15:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Sterownik karty Intel(R)
DRV - [2009-12-11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009-07-14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009-07-14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009-07-14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009-07-14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009-07-14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009-07-14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009-07-14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009-07-14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009-07-14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009-07-14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009-07-14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009-07-14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009-07-14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009-07-14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009-07-14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009-07-14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009-07-14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009-07-14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009-07-14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009-07-14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009-07-14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009-07-14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009-07-14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009-07-14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009-07-14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009-07-14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009-07-14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009-07-14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009-07-14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009-07-14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009-07-14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009-07-14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009-07-14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009-07-14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009-07-14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009-07-14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009-07-14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009-07-14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009-07-14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009-07-14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009-07-14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009-07-14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009-07-14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009-07-14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009-07-14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009-07-14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009-07-14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009-07-14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009-07-14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009-07-14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009-07-14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009-07-14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009-07-14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009-07-13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009-07-13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009-07-13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009-07-13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009-07-13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Sterownik karty Intel(R)
DRV - [2009-07-13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009-07-13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009-07-13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009-03-23 07:58:36 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2009-03-01 22:05:32 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2008-07-20 18:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008-04-28 09:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008-04-27 21:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008-01-03 21:50:22 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3800391445-3349888462-4249771307-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2010-11-17 14:35:41 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-3800391445-3349888462-4249771307-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [a-squared] C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-3800391445-3349888462-4249771307-1000..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SKYPEIEPLUGIN.DLL (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-05-10 12:48:36 | 000,126,976 | R--- | M] () - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-03-07 01:34:52 | 000,000,047 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell - "" = AutoRun
O33 - MountPoints2\{cfb92d43-e780-11df-bf92-001eeceb08c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2010-05-10 12:48:36 | 000,126,976 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-11-19 15:15:27 | 000,075,592 | ---- | C] (www.wiselogic.co.kr) -- C:\Windows\System32\XDva370.sys
[2010-11-18 19:51:00 | 000,000,000 | ---D | C] -- C:\Users\Artur\DoctorWeb
[2010-11-18 18:05:38 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\Malwarebytes
[2010-11-18 18:04:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-11-18 18:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-11-18 18:04:27 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-11-18 18:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-11-18 18:01:28 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Artur\Desktop\mbam-setup-1.46(dobreprogramy.pl).exe
[2010-11-18 15:37:30 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\BS
[2010-11-18 13:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-11-18 13:49:01 | 000,000,000 | ---D | C] -- C:\rsit
[2010-11-17 17:13:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-11-17 14:57:55 | 000,000,000 | ---D | C] -- C:\symbols
[2010-11-17 14:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2010-11-17 14:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010-11-17 14:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\tr
[2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\sv
[2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru
[2010-11-17 14:35:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\no
[2010-11-17 14:35:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\da
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ja
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\it
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\es
[2010-11-17 14:35:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\de
[2010-11-17 14:35:41 | 000,000,000 | ---D | C] -- C:\Windows\DPDrv
[2010-11-17 14:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2010-11-16 16:35:30 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\Macrovision
[2010-11-16 16:34:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\DigitalPersona
[2010-11-16 16:34:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\DigitalPersona
[2010-11-16 16:07:08 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\Programs
[2010-11-16 16:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2010-11-16 16:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\DigitalPersona
[2010-11-16 16:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2010-11-16 14:21:57 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe
[2010-11-15 23:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\sp45082
[2010-11-15 19:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010-11-15 18:21:20 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2010-11-15 18:21:20 | 000,000,000 | ---D | C] -- C:\Users\Artur\Documents\Anti-Malware
[2010-11-15 17:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010-11-15 17:35:52 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010-11-14 20:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\alaplaya
[2010-11-14 20:18:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-11-14 16:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2010-11-12 13:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2010-11-12 00:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010-11-11 13:49:25 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\ImgBurn
[2010-11-10 22:19:10 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010-11-10 18:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\Simnet
[2010-11-07 02:07:12 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\skypePM
[2010-11-07 02:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-11-07 02:04:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-11-07 02:04:06 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\Skype
[2010-11-07 02:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010-11-03 20:34:24 | 000,167,936 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2010-11-03 20:34:24 | 000,070,656 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2010-11-03 20:34:24 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2010-11-03 20:34:24 | 000,051,584 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2010-11-03 20:34:24 | 000,026,880 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2010-11-03 20:34:16 | 000,206,336 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2010-11-03 20:34:16 | 000,105,984 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2010-11-03 20:34:16 | 000,027,136 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2010-11-03 20:34:16 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2010-11-03 20:34:08 | 000,101,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2010-11-03 20:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2010-10-31 12:50:48 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\Nowy folder (6)
[2010-10-28 15:54:30 | 000,031,696 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRPD.sys
[2010-10-28 15:54:02 | 000,064,096 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys
[2010-10-21 21:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-10-21 21:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\3gp Player
[2010-10-17 11:17:44 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\360 Waves Patcher 1.2.2
[2010-10-16 16:33:13 | 000,000,000 | RH-D | C] -- C:\Users\Artur\AppData\Roaming\SecuROM
[2010-10-14 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Local\MetaGeek,_LLC
[2010-10-14 16:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
[2010-10-14 09:29:25 | 000,000,000 | ---D | C] -- C:\Users\Artur\Desktop\Nowy folder (5)
[2010-09-30 21:20:13 | 000,204,800 | ---- | C] (SEC) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcm.dll
[2010-09-30 21:20:12 | 000,151,552 | ---- | C] (SS) -- C:\Windows\System32\sse1mci.exe
[2010-09-30 21:20:12 | 000,151,552 | ---- | C] (SS) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\coinst.exe
[2010-09-30 21:20:12 | 000,065,536 | ---- | C] (SS) -- C:\Windows\System32\sse1mci.dll
[2010-09-30 21:20:12 | 000,065,536 | ---- | C] (SS) -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\coinst.dll
[2010-09-30 21:20:12 | 000,005,120 | ---- | C] (Samsung Electronics) -- C:\Windows\System32\drivers\SSPORT.SYS
[2010-09-30 21:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series
[2010-09-30 21:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Samsung
[2010-09-30 21:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2010-09-30 21:20:07 | 000,000,000 | ---D | C] -- C:\Temp
[2010-09-28 14:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft
[2010-09-28 13:23:13 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\ubi.com
[2010-09-28 13:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\ubi.com
[2010-09-28 13:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PocketSoft
[2010-09-26 20:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010-09-26 19:48:44 | 000,000,000 | ---D | C] -- C:\Users\Artur\AppData\Roaming\abgx360
[2010-09-26 19:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\abgx360

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-11-19 22:27:24 | 002,097,152 | -HS- | M] () -- C:\Users\Artur\NTUSER.DAT
[2010-11-19 22:25:20 | 000,044,299 | ---- | M] () -- C:\Users\Artur\Desktop\zakładki 2010-10-17.adr
[2010-11-19 22:24:25 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-11-19 22:24:25 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-11-19 22:19:33 | 000,000,450 | ---- | M] () -- C:\Windows\tasks\COMODO Updater.job
[2010-11-19 22:11:10 | 001,549,696 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-11-19 22:11:10 | 000,697,912 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-11-19 22:11:10 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-11-19 22:11:10 | 000,134,990 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-11-19 22:11:10 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-11-19 22:06:06 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgH2056.html
[2010-11-19 22:06:06 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNM2056.html
[2010-11-19 22:04:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-11-19 22:04:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-11-19 22:04:11 | 2413,522,944 | -HS- | M] () -- C:\hiberfil.sys
[2010-11-19 22:00:22 | 000,072,952 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010-11-19 22:00:19 | 000,000,000 | ---- | M] () -- C:\Users\Artur\Desktop\Nowy Obraz — mapa bitowa.bmp
[2010-11-19 15:28:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWs2356.html
[2010-11-19 15:16:29 | 303,799,722 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010-11-19 15:15:27 | 000,075,592 | ---- | M] (www.wiselogic.co.kr) -- C:\Windows\System32\XDva370.sys
[2010-11-18 23:41:15 | 000,024,338 | ---- | M] () -- C:\Windows\cscmondump.bin
[2010-11-18 23:40:54 | 000,455,454 | ---- | M] () -- C:\Windows\CSC_ServiceDump.dat
[2010-11-18 23:40:54 | 000,001,616 | ---- | M] () -- C:\Windows\CSC_ActiveCleanLog.dat
[2010-11-18 23:40:46 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempkL2164.html
[2010-11-18 23:40:46 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempvo2164.html
[2010-11-18 23:40:42 | 009,187,139 | -H-- | M] () -- C:\Users\Artur\AppData\Local\IconCache.db
[2010-11-18 18:15:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempMv3220.html
[2010-11-18 18:15:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempgv3220.html
[2010-11-18 18:10:29 | 052,129,288 | ---- | M] () -- C:\Users\Artur\Desktop\launch.exe
[2010-11-18 18:05:04 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-11-18 18:02:26 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Artur\Desktop\mbam-setup-1.46(dobreprogramy.pl).exe
[2010-11-18 13:49:57 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZN2824.html
[2010-11-18 13:48:50 | 000,339,991 | ---- | M] () -- C:\Users\Artur\Desktop\RSIT.exe
[2010-11-17 17:04:05 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUn2700.html
[2010-11-17 15:21:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWs1704.html
[2010-11-17 15:21:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZj1704.html
[2010-11-17 14:36:48 | 000,000,179 | ---- | M] () -- C:\Windows\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini
[2010-11-17 14:36:48 | 000,000,000 | ---- | M] () -- C:\Windows\System32\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini
[2010-11-16 23:21:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempSP2164.html
[2010-11-16 23:21:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDD2164.html
[2010-11-16 21:45:01 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKc1936.html
[2010-11-16 21:45:01 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempxf1936.html
[2010-11-16 16:35:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjm2368.html
[2010-11-16 16:35:35 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempMo2368.html
[2010-11-16 15:55:13 | 000,000,125 | ---- | M] () -- C:\Windows\xUninstall.bat
[2010-11-16 14:42:06 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZv2056.html
[2010-11-16 14:23:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Artur\Desktop\OTL.exe
[2010-11-15 19:15:29 | 000,001,118 | ---- | M] () -- C:\Users\Artur\Desktop\EVEREST Ultimate Edition.lnk
[2010-11-15 18:53:11 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemprcN520.html
[2010-11-15 18:22:25 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2010-11-15 17:59:17 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHw2120.html
[2010-11-15 17:59:17 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGE2120.html
[2010-11-15 17:54:23 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempjB2184.html
[2010-11-15 17:54:23 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempEc2184.html
[2010-11-15 17:51:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempQK3268.html
[2010-11-15 17:51:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempyD3268.html
[2010-11-15 15:03:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempOdM404.html
[2010-11-15 15:03:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempmmj404.html
[2010-11-14 22:38:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempmr1288.html
[2010-11-14 22:38:43 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgN1288.html
[2010-11-14 21:33:28 | 000,000,428 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\Network Monitor II_Settings.ini
[2010-11-14 21:08:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempfw2052.html
[2010-11-14 21:08:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoc2052.html
[2010-11-14 20:49:20 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\S4League.lnk
[2010-11-14 20:40:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPj2308.html
[2010-11-14 20:40:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoF2308.html
[2010-11-14 20:26:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFD1392.html
[2010-11-14 20:20:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempxyV604.html
[2010-11-14 20:20:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFSW604.html
[2010-11-14 17:36:16 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoa2192.html
[2010-11-14 17:11:58 | 000,001,251 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\System Monitor II_Settings.ini
[2010-11-14 17:11:39 | 000,000,363 | ---- | M] () -- C:\Users\Artur\AppData\Roaming\GPU Monitor_Settings.ini
[2010-11-14 16:53:56 | 000,129,521 | ---- | M] () -- C:\Users\Artur\Desktop\S4_Downloader.exe
[2010-11-14 00:02:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temprk2200.html
[2010-11-12 17:53:53 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templj3136.html
[2010-11-12 17:53:53 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLP3136.html
[2010-11-12 15:20:19 | 010,211,112 | ---- | M] () -- C:\Users\Artur\Desktop\12. Enrique Iglesias Nicole Scherzinger - Heartbeat.mp3.mp3
[2010-11-12 02:17:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNn2212.html
[2010-11-11 14:44:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemptS2640.html
[2010-11-11 14:44:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCw2640.html
[2010-11-11 00:25:23 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempmW2092.html
[2010-11-11 00:25:23 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTV2092.html
[2010-11-10 18:58:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNj2936.html
[2010-11-10 18:58:13 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempkQ2936.html
[2010-11-08 23:57:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjt1260.html
[2010-11-08 23:57:39 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempmU1260.html
[2010-11-08 22:35:41 | 000,019,968 | ---- | M] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (3).doc
[2010-11-07 23:17:16 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templd2252.html
[2010-11-07 23:17:16 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiB2252.html
[2010-11-07 14:59:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYo2328.html
[2010-11-07 02:07:26 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2010-11-07 02:06:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGS5436.html
[2010-11-07 00:48:58 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDe4884.html
[2010-11-06 21:05:48 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempoi3392.html
[2010-11-06 19:14:33 | 000,001,343 | ---- | M] () -- C:\Users\Artur\Desktop\YT2 — skrót.lnk
[2010-11-06 00:43:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIS3156.html
[2010-11-06 00:43:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCb3156.html
[2010-11-05 15:00:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKi1600.html
[2010-11-05 15:00:43 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdn1600.html
[2010-11-04 22:55:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKn4272.html
[2010-11-04 22:55:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempsG4272.html
[2010-11-04 00:20:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaL1992.html
[2010-11-04 00:20:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJT1992.html
[2010-11-04 00:07:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNcI452.html
[2010-11-04 00:07:00 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempBvz452.html
[2010-11-03 20:34:30 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2010-11-03 16:38:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaqS404.html
[2010-11-03 16:38:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempjpc404.html
[2010-11-02 22:32:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZe1584.html
[2010-11-02 22:32:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempAK1584.html
[2010-11-02 21:49:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFj7360.html
[2010-11-02 21:49:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaG7360.html
[2010-11-02 15:38:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWZ1976.html
[2010-11-01 22:46:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempiv1604.html
[2010-11-01 22:46:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGl1604.html
[2010-11-01 10:17:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPK1396.html
[2010-11-01 10:17:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHB1396.html
[2010-11-01 01:15:27 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempkQ5152.html
[2010-11-01 01:15:27 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempyD5152.html
[2010-10-31 22:30:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCfl428.html
[2010-10-31 00:26:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempY11140.html
[2010-10-31 00:26:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempM11140.html
[2010-10-30 22:14:57 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKrU364.html
[2010-10-30 22:14:57 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempzHD364.html
[2010-10-29 21:55:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempT23260.html
[2010-10-29 21:55:35 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempr23260.html
[2010-10-28 22:01:56 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempr38984.html
[2010-10-28 22:01:56 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempN38984.html
[2010-10-28 15:54:30 | 000,031,696 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRPD.sys
[2010-10-28 15:54:02 | 000,064,096 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys
[2010-10-27 21:38:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempM20272.html
[2010-10-26 22:29:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDg2352.html
[2010-10-26 22:29:18 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaW2352.html
[2010-10-25 21:00:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgL2396.html
[2010-10-25 16:47:54 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempEY1740.html
[2010-10-25 16:47:54 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempRx1740.html
[2010-10-24 21:47:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFs1672.html
[2010-10-23 23:41:07 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempo28316.html
[2010-10-23 23:41:07 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempq28316.html
[2010-10-23 15:51:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempwd2992.html
[2010-10-22 22:31:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwV2352.html
[2010-10-22 22:31:44 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKw2352.html
[2010-10-21 21:56:48 | 000,000,036 | -H-- | M] () -- C:\Windows\System32\swk.ini
[2010-10-21 21:54:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempj86412.html
[2010-10-20 23:26:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTz2284.html
[2010-10-20 23:26:02 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfM2284.html
[2010-10-20 22:07:18 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCx2952.html
[2010-10-20 22:07:18 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYi2952.html
[2010-10-19 22:36:40 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPl6900.html
[2010-10-19 22:36:40 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempRj6900.html
[2010-10-18 22:45:01 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempw20308.html
[2010-10-18 22:45:01 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temph20308.html
[2010-10-18 16:53:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYK2744.html
[2010-10-17 22:06:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiU2692.html
[2010-10-17 22:06:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJj2692.html
[2010-10-16 22:51:15 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempv26128.html
[2010-10-16 22:51:15 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempA26128.html
[2010-10-16 19:55:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010-10-16 19:55:00 | 000,004,962 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010-10-16 12:55:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKs2856.html
[2010-10-15 23:41:31 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCy2636.html
[2010-10-15 23:41:31 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempwa2636.html
[2010-10-15 16:56:06 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempQe3144.html
[2010-10-15 16:56:06 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUf3144.html
[2010-10-14 22:27:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTA3172.html
[2010-10-14 22:27:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPy3172.html
[2010-10-14 09:33:53 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLP3076.html
[2010-10-14 09:33:53 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempxw3076.html
[2010-10-14 09:26:14 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZj2984.html
[2010-10-14 09:26:14 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempOk2984.html
[2010-10-13 23:01:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempgR3020.html
[2010-10-13 23:01:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTi3020.html
[2010-10-13 22:52:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempW14100.html
[2010-10-13 22:52:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempL14100.html
[2010-10-13 13:35:43 | 000,409,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-10-13 13:33:50 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temprt1800.html
[2010-10-13 13:33:50 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempbz1800.html
[2010-10-13 13:05:09 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfA2460.html
[2010-10-13 12:48:19 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempeh3140.html
[2010-10-13 12:48:19 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempeu3140.html
[2010-10-12 22:22:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Templ92180.html
[2010-10-12 22:22:29 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempV92180.html
[2010-10-12 18:33:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJI3184.html
[2010-10-11 22:37:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempKe2328.html
[2010-10-11 22:37:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempiV2328.html
[2010-10-11 17:17:51 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJO3208.html
[2010-10-10 20:58:43 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaU5804.html
[2010-10-10 10:44:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPOY320.html
[2010-10-09 22:33:39 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempUY3492.html
[2010-10-09 14:15:32 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempHd3028.html
[2010-10-09 09:09:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempfV3108.html
[2010-10-09 09:09:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempeP3108.html
[2010-10-07 21:23:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempzz2652.html
[2010-10-07 21:23:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempWB2652.html
[2010-10-07 15:11:48 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoX3204.html
[2010-10-06 21:49:04 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempo18344.html
[2010-10-06 17:04:29 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempud2980.html
[2010-10-05 22:46:45 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempFw3972.html
[2010-10-05 22:46:45 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdi3972.html
[2010-10-05 18:35:22 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempzx2836.html
[2010-10-05 18:35:22 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempCE2836.html
[2010-10-05 17:50:10 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempYs3208.html
[2010-10-05 17:50:10 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemplD3208.html
[2010-10-05 15:04:42 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIc3032.html
[2010-10-05 15:04:41 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwY3032.html
[2010-10-05 14:34:44 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLo3140.html
[2010-10-05 07:08:04 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempxO3188.html
[2010-10-05 07:08:04 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temphb3188.html
[2010-10-04 22:36:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempT99548.html
[2010-10-04 22:36:02 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempg99548.html
[2010-10-03 20:51:33 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temptt2908.html
[2010-10-01 16:22:59 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempjW2960.html
[2010-10-01 16:22:59 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempsp2960.html
[2010-09-30 21:45:03 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempJw2944.html
[2010-09-29 23:33:47 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempp21664.html
[2010-09-29 23:33:47 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempI21664.html
[2010-09-29 22:27:26 | 000,026,112 | ---- | M] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (2).doc
[2010-09-29 19:17:02 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TemppZ2740.html
[2010-09-28 21:52:37 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempGz3024.html
[2010-09-28 21:52:37 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempLD3024.html
[2010-09-28 13:23:42 | 000,000,000 | ---- | M] () -- C:\Windows\PowerReg.dat
[2010-09-26 21:44:36 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempps3028.html
[2010-09-26 21:44:36 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempdl3028.html
[2010-09-25 23:19:00 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempBv2880.html
[2010-09-25 23:19:00 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempoK2880.html
[2010-09-24 22:25:49 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempIn5208.html
[2010-09-24 22:25:49 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempaB5208.html
[2010-09-24 20:52:35 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempwM2892.html
[2010-09-24 15:10:12 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempZg3052.html
[2010-09-24 15:10:12 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempnV3052.html
[2010-09-23 22:20:34 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Temp143576.html
[2010-09-23 22:20:34 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempa43576.html
[2010-09-23 14:03:32 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempPd3040.html
[2010-09-22 22:30:13 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\Tempce3144.html
[2010-09-22 22:30:13 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempTb3144.html
[2010-09-22 16:47:38 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempDl3004.html
[2010-09-22 16:47:38 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempNi3004.html
[2010-09-21 21:38:52 | 000,002,432 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempE11968.html
[2010-09-21 21:38:52 | 000,002,089 | ---- | M] () -- C:\Users\Artur\AppData\Local\TempU11968.html

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-11-19 22:25:20 | 000,044,299 | ---- | C] () -- C:\Users\Artur\Desktop\zakładki 2010-10-17.adr
[2010-11-19 22:06:06 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgH2056.html
[2010-11-19 22:06:06 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNM2056.html
[2010-11-19 22:00:22 | 000,072,952 | ---- | C] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010-11-19 22:00:19 | 000,000,000 | ---- | C] () -- C:\Users\Artur\Desktop\Nowy Obraz — mapa bitowa.bmp
[2010-11-19 15:18:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWs2356.html
[2010-11-18 23:06:12 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkL2164.html
[2010-11-18 23:06:12 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempvo2164.html
[2010-11-18 18:15:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempMv3220.html
[2010-11-18 18:15:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempgv3220.html
[2010-11-18 18:05:03 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-11-18 18:01:49 | 052,129,288 | ---- | C] () -- C:\Users\Artur\Desktop\launch.exe
[2010-11-18 13:48:50 | 000,339,991 | ---- | C] () -- C:\Users\Artur\Desktop\RSIT.exe
[2010-11-18 13:25:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZN2824.html
[2010-11-17 15:24:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUn2700.html
[2010-11-17 14:36:48 | 000,000,179 | ---- | C] () -- C:\Windows\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini
[2010-11-17 14:36:48 | 000,000,000 | ---- | C] () -- C:\Windows\System32\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}.ini
[2010-11-17 14:07:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWs1704.html
[2010-11-17 14:07:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZj1704.html
[2010-11-16 22:00:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSP2164.html
[2010-11-16 22:00:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDD2164.html
[2010-11-16 21:45:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKc1936.html
[2010-11-16 21:45:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempxf1936.html
[2010-11-16 16:35:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjm2368.html
[2010-11-16 16:35:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempMo2368.html
[2010-11-16 12:35:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZv2056.html
[2010-11-15 19:15:29 | 000,001,118 | ---- | C] () -- C:\Users\Artur\Desktop\EVEREST Ultimate Edition.lnk
[2010-11-15 18:22:25 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2010-11-15 18:10:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemprcN520.html
[2010-11-15 17:59:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHw2120.html
[2010-11-15 17:59:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGE2120.html
[2010-11-15 17:54:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjB2184.html
[2010-11-15 17:54:23 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEc2184.html
[2010-11-15 17:35:52 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010-11-15 17:11:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQK3268.html
[2010-11-15 17:11:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyD3268.html
[2010-11-15 15:03:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOdM404.html
[2010-11-15 15:03:15 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmmj404.html
[2010-11-14 21:14:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmr1288.html
[2010-11-14 21:14:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgN1288.html
[2010-11-14 21:08:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfw2052.html
[2010-11-14 21:08:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoc2052.html
[2010-11-14 20:49:20 | 000,001,768 | ---- | C] () -- C:\Users\Public\Desktop\S4League.lnk
[2010-11-14 20:40:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPj2308.html
[2010-11-14 20:40:10 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoF2308.html
[2010-11-14 20:24:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFD1392.html
[2010-11-14 20:20:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempxyV604.html
[2010-11-14 20:20:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFSW604.html
[2010-11-14 20:18:15 | 303,799,722 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010-11-14 17:13:42 | 000,000,428 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\Network Monitor II_Settings.ini
[2010-11-14 16:53:56 | 000,129,521 | ---- | C] () -- C:\Users\Artur\Desktop\S4_Downloader.exe
[2010-11-14 14:40:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoa2192.html
[2010-11-13 23:05:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprk2200.html
[2010-11-12 15:18:04 | 010,211,112 | ---- | C] () -- C:\Users\Artur\Desktop\12. Enrique Iglesias Nicole Scherzinger - Heartbeat.mp3.mp3
[2010-11-12 13:22:40 | 000,000,363 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\GPU Monitor_Settings.ini
[2010-11-12 11:40:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templj3136.html
[2010-11-12 11:40:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLP3136.html
[2010-11-12 00:40:58 | 000,001,251 | ---- | C] () -- C:\Users\Artur\AppData\Roaming\System Monitor II_Settings.ini
[2010-11-12 00:25:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNn2212.html
[2010-11-11 11:21:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemptS2640.html
[2010-11-11 11:21:44 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCw2640.html
[2010-11-11 00:25:50 | 000,024,338 | ---- | C] () -- C:\Windows\cscmondump.bin
[2010-11-11 00:25:29 | 000,455,454 | ---- | C] () -- C:\Windows\CSC_ServiceDump.dat
[2010-11-11 00:25:29 | 000,001,616 | ---- | C] () -- C:\Windows\CSC_ActiveCleanLog.dat
[2010-11-10 22:19:27 | 000,000,450 | ---- | C] () -- C:\Windows\tasks\COMODO Updater.job
[2010-11-10 21:53:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempmW2092.html
[2010-11-10 21:53:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTV2092.html
[2010-11-10 15:05:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNj2936.html
[2010-11-10 15:05:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkQ2936.html
[2010-11-08 22:28:03 | 000,019,968 | ---- | C] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (3).doc
[2010-11-08 15:10:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjt1260.html
[2010-11-08 15:10:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempmU1260.html
[2010-11-07 20:01:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templd2252.html
[2010-11-07 20:01:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiB2252.html
[2010-11-07 11:53:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYo2328.html
[2010-11-07 02:07:26 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010-11-07 01:35:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGS5436.html
[2010-11-06 22:36:25 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDe4884.html
[2010-11-06 19:14:33 | 000,001,343 | ---- | C] () -- C:\Users\Artur\Desktop\YT2 — skrót.lnk
[2010-11-06 09:51:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempoi3392.html
[2010-11-05 16:02:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIS3156.html
[2010-11-05 16:02:15 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCb3156.html
[2010-11-05 15:00:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKi1600.html
[2010-11-05 15:00:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdn1600.html
[2010-11-04 21:56:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKn4272.html
[2010-11-04 21:56:58 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsG4272.html
[2010-11-04 00:17:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaL1992.html
[2010-11-04 00:17:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJT1992.html
[2010-11-03 20:34:30 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2010-11-03 20:31:06 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNcI452.html
[2010-11-03 20:31:06 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBvz452.html
[2010-11-03 14:30:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaqS404.html
[2010-11-03 14:30:55 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjpc404.html
[2010-11-02 22:07:03 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZe1584.html
[2010-11-02 22:07:03 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAK1584.html
[2010-11-02 20:27:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFj7360.html
[2010-11-02 20:27:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaG7360.html
[2010-11-02 13:03:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWZ1976.html
[2010-11-01 12:14:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempiv1604.html
[2010-11-01 12:14:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGl1604.html
[2010-11-01 08:57:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPK1396.html
[2010-11-01 08:57:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHB1396.html
[2010-11-01 01:15:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkQ5152.html
[2010-11-01 01:15:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyD5152.html
[2010-10-31 12:27:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCfl428.html
[2010-10-31 00:26:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempY11140.html
[2010-10-31 00:26:08 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM11140.html
[2010-10-30 09:29:27 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKrU364.html
[2010-10-30 09:29:27 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempzHD364.html
[2010-10-29 21:29:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempT23260.html
[2010-10-29 21:29:07 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempr23260.html
[2010-10-28 19:57:02 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempr38984.html
[2010-10-28 19:57:02 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempN38984.html
[2010-10-27 20:53:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM20272.html
[2010-10-26 12:14:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDg2352.html
[2010-10-26 12:14:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaW2352.html
[2010-10-25 19:53:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgL2396.html
[2010-10-25 14:20:39 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEY1740.html
[2010-10-25 14:20:39 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRx1740.html
[2010-10-24 10:43:54 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFs1672.html
[2010-10-23 21:48:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempo28316.html
[2010-10-23 21:48:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempq28316.html
[2010-10-23 12:46:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempwd2992.html
[2010-10-22 16:11:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwV2352.html
[2010-10-22 16:11:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKw2352.html
[2010-10-21 21:58:47 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010-10-21 21:58:47 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010-10-21 21:56:48 | 000,000,036 | -H-- | C] () -- C:\Windows\System32\swk.ini
[2010-10-21 19:39:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempj86412.html
[2010-10-20 22:29:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTz2284.html
[2010-10-20 22:29:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfM2284.html
[2010-10-20 13:54:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCx2952.html
[2010-10-20 13:54:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYi2952.html
[2010-10-19 19:16:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPl6900.html
[2010-10-19 19:16:49 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRj6900.html
[2010-10-18 22:42:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempw20308.html
[2010-10-18 22:42:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temph20308.html
[2010-10-18 14:49:27 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYK2744.html
[2010-10-17 09:29:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiU2692.html
[2010-10-17 09:29:23 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJj2692.html
[2010-10-16 17:45:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempv26128.html
[2010-10-16 17:45:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempA26128.html
[2010-10-16 11:20:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKs2856.html
[2010-10-15 20:10:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCy2636.html
[2010-10-15 20:10:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempwa2636.html
[2010-10-15 14:50:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQe3144.html
[2010-10-15 14:50:26 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUf3144.html
[2010-10-14 13:21:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTA3172.html
[2010-10-14 13:21:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPy3172.html
[2010-10-14 09:28:24 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLP3076.html
[2010-10-14 09:28:24 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempxw3076.html
[2010-10-14 09:16:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZj2984.html
[2010-10-14 09:16:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOk2984.html
[2010-10-13 22:54:52 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgR3020.html
[2010-10-13 22:54:52 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTi3020.html
[2010-10-13 20:17:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempW14100.html
[2010-10-13 20:17:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempL14100.html
[2010-10-13 13:05:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprt1800.html
[2010-10-13 13:05:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempbz1800.html
[2010-10-13 12:57:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfA2460.html
[2010-10-13 12:37:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeh3140.html
[2010-10-13 12:37:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeu3140.html
[2010-10-12 21:05:56 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Templ92180.html
[2010-10-12 21:05:56 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempV92180.html
[2010-10-12 12:37:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJI3184.html
[2010-10-11 21:03:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKe2328.html
[2010-10-11 21:03:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiV2328.html
[2010-10-11 13:45:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJO3208.html
[2010-10-10 15:47:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaU5804.html
[2010-10-10 09:38:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPOY320.html
[2010-10-09 15:41:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUY3492.html
[2010-10-09 12:48:22 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHd3028.html
[2010-10-09 09:06:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfV3108.html
[2010-10-09 09:06:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempeP3108.html
[2010-10-07 17:21:50 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzz2652.html
[2010-10-07 17:21:50 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWB2652.html
[2010-10-07 12:12:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoX3204.html
[2010-10-06 20:47:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempo18344.html
[2010-10-06 13:12:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempud2980.html
[2010-10-05 20:24:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFw3972.html
[2010-10-05 20:24:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdi3972.html
[2010-10-05 18:26:45 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzx2836.html
[2010-10-05 18:26:45 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCE2836.html
[2010-10-05 17:47:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYs3208.html
[2010-10-05 17:47:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemplD3208.html
[2010-10-05 15:04:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIc3032.html
[2010-10-05 15:04:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwY3032.html
[2010-10-05 12:04:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLo3140.html
[2010-10-05 07:05:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempxO3188.html
[2010-10-05 07:05:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temphb3188.html
[2010-10-04 21:26:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempT99548.html
[2010-10-04 21:26:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempg99548.html
[2010-10-03 14:48:44 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010-10-03 14:48:44 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010-10-03 14:48:44 | 000,035,840 | R--- | C] () -- C:\Windows\System32\comdlg32.oca
[2010-10-03 14:48:44 | 000,029,184 | R--- | C] () -- C:\Windows\System32\MSINET.oca
[2010-10-03 10:01:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptt2908.html
[2010-10-01 14:04:48 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjW2960.html
[2010-10-01 14:04:48 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempsp2960.html
[2010-09-30 21:20:28 | 000,011,502 | ---- | C] () -- C:\Windows\Dr. Printer Icon.ico
[2010-09-30 21:20:13 | 001,032,192 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvum.dll
[2010-09-30 21:20:13 | 000,929,792 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvu.dll
[2010-09-30 21:20:13 | 000,835,584 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvu2.dll
[2010-09-30 21:20:13 | 000,626,874 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvua.bmp
[2010-09-30 21:20:13 | 000,217,088 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvo.dll
[2010-09-30 21:20:13 | 000,206,278 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvub.bmp
[2010-09-30 21:20:13 | 000,087,134 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfn.dat
[2010-09-30 21:20:13 | 000,084,076 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvel.dat
[2010-09-30 21:20:13 | 000,083,730 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvgr.dat
[2010-09-30 21:20:13 | 000,082,987 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsp.dat
[2010-09-30 21:20:13 | 000,082,974 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpt.dat
[2010-09-30 21:20:13 | 000,082,040 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvit.dat
[2010-09-30 21:20:13 | 000,081,898 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvbp.dat
[2010-09-30 21:20:13 | 000,081,018 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdt.dat
[2010-09-30 21:20:13 | 000,080,802 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvhu.dat
[2010-09-30 21:20:13 | 000,080,441 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvru.dat
[2010-09-30 21:20:13 | 000,079,600 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpo.dat
[2010-09-30 21:20:13 | 000,078,768 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfi.dat
[2010-09-30 21:20:13 | 000,077,879 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdn.dat
[2010-09-30 21:20:13 | 000,077,734 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcz.dat
[2010-09-30 21:20:13 | 000,077,604 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvtk.dat
[2010-09-30 21:20:13 | 000,076,959 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsw.dat
[2010-09-30 21:20:13 | 000,076,904 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvnr.dat
[2010-09-30 21:20:13 | 000,074,785 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrven.dat
[2010-09-30 21:20:13 | 000,071,490 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvkr.dat
[2010-09-30 21:20:13 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvlf.dll
[2010-09-30 21:20:13 | 000,064,494 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcp.dat
[2010-09-30 21:20:13 | 000,064,315 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvct.dat
[2010-09-30 21:20:13 | 000,051,536 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mu.bmp
[2010-09-30 21:20:13 | 000,049,152 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvIO.DLL
[2010-09-30 21:20:13 | 000,038,192 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcm.ctd
[2010-09-30 21:20:13 | 000,036,323 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1m.cat
[2010-09-30 21:20:13 | 000,034,625 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvel.chm
[2010-09-30 21:20:13 | 000,034,205 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvhu.chm
[2010-09-30 21:20:13 | 000,034,075 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpo.chm
[2010-09-30 21:20:13 | 000,033,815 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvgr.chm
[2010-09-30 21:20:13 | 000,033,649 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvru.chm
[2010-09-30 21:20:13 | 000,033,451 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcz.chm
[2010-09-30 21:20:13 | 000,033,417 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfn.chm
[2010-09-30 21:20:13 | 000,033,187 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvkr.chm
[2010-09-30 21:20:13 | 000,033,107 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdt.chm
[2010-09-30 21:20:13 | 000,033,089 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpt.chm
[2010-09-30 21:20:13 | 000,033,047 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsp.chm
[2010-09-30 21:20:13 | 000,032,749 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvct.chm
[2010-09-30 21:20:13 | 000,032,741 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvit.chm
[2010-09-30 21:20:13 | 000,032,719 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvcp.chm
[2010-09-30 21:20:13 | 000,032,467 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvbp.chm
[2010-09-30 21:20:13 | 000,032,409 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvdn.chm
[2010-09-30 21:20:13 | 000,032,345 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvtk.chm
[2010-09-30 21:20:13 | 000,032,299 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvfi.chm
[2010-09-30 21:20:13 | 000,032,243 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvsw.chm
[2010-09-30 21:20:13 | 000,031,821 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvnr.chm
[2010-09-30 21:20:13 | 000,031,467 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrven.chm
[2010-09-30 21:20:13 | 000,024,250 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvum.xml
[2010-09-30 21:20:13 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sse1ml3.dll
[2010-09-30 21:20:13 | 000,022,723 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1ml3.dll
[2010-09-30 21:20:13 | 000,015,318 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvpp.dll
[2010-09-30 21:20:13 | 000,008,465 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1m.inf
[2010-09-30 21:20:13 | 000,005,020 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mu.ini
[2010-09-30 21:20:13 | 000,004,072 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\itdrvul.bmp
[2010-09-30 21:20:13 | 000,000,556 | ---- | C] () -- C:\Windows\System32\sse1ml3.smt
[2010-09-30 21:20:13 | 000,000,556 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1ml3.SMT
[2010-09-30 21:20:13 | 000,000,527 | ---- | C] () -- C:\Windows\System32\drivers\Samsung\Samsung SCX-4300 Series\sse1mpp.ver
[2010-09-30 13:17:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJw2944.html
[2010-09-29 19:58:34 | 000,026,112 | ---- | C] () -- C:\Users\Artur\Desktop\Nowy Dokument programu Microsoft Word (2).doc
[2010-09-29 19:43:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempp21664.html
[2010-09-29 19:43:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempI21664.html
[2010-09-29 14:07:51 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemppZ2740.html
[2010-09-28 13:23:42 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2010-09-28 13:23:13 | 000,185,344 | ---- | C] () -- C:\Windows\patchw32.dll
[2010-09-28 13:15:19 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGz3024.html
[2010-09-28 13:15:19 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLD3024.html
[2010-09-26 07:45:37 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempps3028.html
[2010-09-26 07:45:37 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdl3028.html
[2010-09-25 10:11:05 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBv2880.html
[2010-09-25 10:11:05 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoK2880.html
[2010-09-24 21:45:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIn5208.html
[2010-09-24 21:45:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempaB5208.html
[2010-09-24 19:32:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwM2892.html
[2010-09-24 14:03:40 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempZg3052.html
[2010-09-24 14:03:40 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempnV3052.html
[2010-09-23 21:09:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp143576.html
[2010-09-23 21:09:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempa43576.html
[2010-09-23 13:09:08 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPd3040.html
[2010-09-22 19:33:04 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempce3144.html
[2010-09-22 19:33:04 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTb3144.html
[2010-09-22 14:17:12 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDl3004.html
[2010-09-22 14:17:12 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNi3004.html
[2010-09-21 20:19:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempE11968.html
[2010-09-21 20:19:41 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempU11968.html
[2010-09-18 23:49:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjS3124.html
[2010-09-18 23:49:43 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPm3124.html
[2010-09-18 18:58:13 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempU21712.html
[2010-09-18 18:58:13 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempd21712.html
[2010-09-18 10:04:32 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyC2952.html
[2010-09-18 10:04:32 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAx2952.html
[2010-09-17 19:02:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempM96720.html
[2010-09-17 18:04:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp119244.html
[2010-09-17 17:50:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp113764.html
[2010-09-17 17:36:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp110156.html
[2010-09-17 17:16:38 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp103396.html
[2010-09-17 11:49:58 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempof2712.html
[2010-09-17 11:49:58 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempdX2712.html
[2010-09-16 15:28:56 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLv1704.html
[2010-09-16 15:28:56 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempgg1704.html
[2010-09-15 18:48:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempsy3320.html
[2010-09-15 17:10:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUj6004.html
[2010-09-15 17:10:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempgd6004.html
[2010-09-14 15:33:53 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempp57644.html
[2010-09-13 22:58:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempyl1560.html
[2010-09-13 22:58:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempka1560.html
[2010-09-13 10:05:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOq4016.html
[2010-09-13 10:05:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWL4016.html
[2010-09-12 22:53:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqf6012.html
[2010-09-12 22:53:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempPG6012.html
[2010-09-12 19:40:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempG75204.html
[2010-09-12 19:40:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempH75204.html
[2010-09-12 14:06:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempV22244.html
[2010-09-12 12:32:44 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-09-11 21:22:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temph50740.html
[2010-09-11 21:22:20 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempi50740.html
[2010-09-11 12:15:28 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempn30548.html
[2010-09-11 10:38:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCF3652.html
[2010-09-11 10:38:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJP3652.html
[2010-09-10 13:31:35 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTO3788.html
[2010-09-10 13:31:35 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqa3788.html
[2010-09-09 22:59:12 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempCeu508.html
[2010-09-09 22:59:12 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempXrv508.html
[2010-09-09 21:57:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempBG2396.html
[2010-09-09 13:23:47 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempwS2184.html
[2010-09-09 13:23:47 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNu2184.html
[2010-09-08 20:18:21 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfc5964.html
[2010-09-08 16:38:00 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqm3104.html
[2010-09-08 16:38:00 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TemprM3104.html
[2010-09-07 15:27:55 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSO3476.html
[2010-09-07 13:28:51 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempvpt468.html
[2010-09-06 19:26:34 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprj7908.html
[2010-09-06 19:26:34 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempiQ7908.html
[2010-09-05 20:33:36 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempcW3832.html
[2010-09-05 20:33:36 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDH3832.html
[2010-09-05 14:00:19 | 000,000,316 | ---- | C] () -- C:\Windows\game.ini
[2010-09-05 11:56:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempIr3612.html
[2010-09-05 09:48:41 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYE3116.html
[2010-09-04 20:49:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUZ3760.html
[2010-09-04 18:41:33 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsJ4000.html
[2010-09-04 18:41:33 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAk4000.html
[2010-09-04 08:40:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempRl1392.html
[2010-09-04 08:40:09 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWO1392.html
[2010-09-03 21:23:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempgJ2236.html
[2010-09-03 21:23:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempVD2236.html
[2010-09-03 16:04:17 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempNT4080.html
[2010-09-03 16:04:17 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsM4080.html
[2010-09-03 14:37:34 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJkh932.html
[2010-09-03 14:37:34 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTIc932.html
[2010-09-02 20:41:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempjX2476.html
[2010-09-02 19:55:57 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempKm6264.html
[2010-09-02 19:55:57 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempdp6264.html
[2010-09-01 18:00:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempw22280.html
[2010-08-31 22:58:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempsI2900.html
[2010-08-31 22:58:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWI2900.html
[2010-08-30 20:51:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempeb9828.html
[2010-08-30 13:48:54 | 000,138,664 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010-08-30 13:20:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempVo3468.html
[2010-08-30 00:43:29 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempN72660.html
[2010-08-29 19:54:49 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temprf3580.html
[2010-08-28 19:33:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptn3624.html
[2010-08-27 12:28:32 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temptl3676.html
[2010-08-26 19:44:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEp2176.html
[2010-08-26 14:00:16 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempzc3692.html
[2010-08-26 14:00:16 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempWe3692.html
[2010-08-26 02:44:15 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempJh1508.html
[2010-08-25 21:24:02 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010-08-25 18:44:46 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempmh3564.html
[2010-08-25 18:44:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempLM3564.html
[2010-08-25 10:23:50 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempUB2960.html
[2010-08-24 16:43:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempQLm604.html
[2010-08-24 11:29:07 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempoMZ716.html
[2010-08-24 11:28:23 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGk3868.html
[2010-08-24 00:14:43 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp123388.html
[2010-08-23 20:31:20 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempu48020.html
[2010-08-23 15:32:31 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempn18332.html
[2010-08-23 11:00:44 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempbg2276.html
[2010-08-22 23:32:01 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempfg1052.html
[2010-08-22 23:32:01 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempHF1052.html
[2010-08-22 20:10:04 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempOa1220.html
[2010-08-22 18:38:59 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempcR3444.html
[2010-08-22 18:38:59 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempEX3444.html
[2010-08-20 09:32:11 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempTi3808.html
[2010-08-20 09:32:11 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYy3808.html
[2010-08-19 09:40:02 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempqs3176.html
[2010-08-19 09:40:02 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAi3176.html
[2010-08-18 21:23:28 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempGY3588.html
[2010-08-18 21:23:28 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempSE3588.html
[2010-08-17 12:15:46 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempjq2528.html
[2010-08-17 12:15:45 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempYs2528.html
[2010-08-17 09:10:26 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyM1820.html
[2010-08-17 09:10:26 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempDW1820.html
[2010-08-16 21:07:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempyJW964.html
[2010-08-15 23:05:22 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempFQ4064.html
[2010-08-15 21:26:10 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Tempta3924.html
[2010-08-15 21:25:09 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempkC2304.html
[2010-08-11 21:38:42 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temphco724.html
[2010-08-11 21:38:42 | 000,002,089 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempfxY724.html
[2010-08-11 09:28:14 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\TempAr3400.html
[2010-08-10 21:03:30 | 000,002,432 | ---- | C] () -- C:\Users\Artur\AppData\Local\Temp234128.html
[2010-08-06 16:40:45 | 000,109,608 | ---- | C] () -- C:\Users\Artur\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-08-06 16:13:11 | 009,187,139 | -H-- | C] () -- C:\Users\Artur\AppData\Local\IconCache.db
[2010-08-06 15:26:53 | 001,549,696 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-02-08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\System32\vfprintpthelper.dll
[2009-07-14 05:41:57 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2009-07-14 03:04:57 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009-07-14 03:04:23 | 000,000,499 | ---- | C] () -- C:\Windows\win.ini
[2009-07-14 03:04:23 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009-07-14 01:59:08 | 000,011,776 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll
[2009-07-14 01:58:40 | 000,037,376 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2009-07-14 01:58:25 | 000,010,240 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2009-07-14 01:56:53 | 000,159,232 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2009-07-14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-07-13 22:40:44 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys
[2009-07-13 22:40:43 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS
[2009-07-13 22:40:43 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS
[2009-07-13 22:40:41 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS
[2009-07-13 22:40:40 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS
[2009-07-13 22:40:39 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS
[2009-07-13 22:40:35 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS
[2009-07-13 22:40:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS
[2009-07-13 22:40:27 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS
[2009-07-13 22:40:23 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS
[2009-07-13 22:40:19 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS
[2009-07-13 22:40:17 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS
[2009-07-13 22:40:15 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS
[2009-07-13 22:40:13 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS
[2009-07-13 22:40:11 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2009-07-13 21:29:46 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll
[2009-06-10 22:39:59 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini
[2007-11-14 15:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2006-03-09 08:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010-09-26 19:48:45 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\abgx360
[2010-08-25 23:33:20 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\DAEMON Tools Lite
[2010-11-16 16:34:27 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\DigitalPersona
[2010-11-18 16:35:00 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\foobar2000
[2010-08-10 22:36:18 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Gadu-Gadu 10
[2010-11-11 14:44:27 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\ImgBurn
[2010-09-11 13:06:16 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Opera
[2010-08-22 19:37:33 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\Soldat
[2010-09-28 13:23:13 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\ubi.com
[2010-08-06 16:04:15 | 000,000,000 | ---D | M] -- C:\Users\Artur\AppData\Roaming\wargaming.net
[2010-10-15 20:10:15 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
O[/log]



Niestety nie udało mi się zapisać LOGA z DR WEB CureIt :(


Pozdrawiam :)

Sohei
komentarz
komentarz

C:\Windows\System32\XDva370.sys przeskanuj to na virustotal.com

Tomek01
komentarz
komentarz

Wrzuć jeszcze log Silent Runners oraz Gmer (wcześniej jednak odinstaluj sterownik sptd.sys oraz programy emulujące napęd: Alcohol, Deamon Tools, jest to niezbędne do wykonania log'u). Ustawienia: http://www.forumpc.pl/index.php?showtopic=116175

Arczi256
komentarz
komentarz (edytowane)

Log z virustotal.com
[log]Antivirus Version Last update Result
AhnLab-V3 2010.10.13.00 2010.10.12 -
AntiVir 7.10.12.193 2010.10.12 -
Antiy-AVL 2.0.3.7 2010.10.13 -
Authentium 5.2.0.5 2010.10.13 -
Avast 4.8.1351.0 2010.10.12 -
Avast5 5.0.594.0 2010.10.12 -
AVG 9.0.0.851 2010.10.12 -
BitDefender 7.2 2010.10.13 -
CAT-QuickHeal 11.00 2010.10.13 -
ClamAV 0.96.2.0-git 2010.10.12 -
Comodo 6372 2010.10.13 -
DrWeb 5.0.2.03300 2010.10.13 -
eSafe 7.0.17.0 2010.10.12 -
eTrust-Vet 36.1.7907 2010.10.12 -
F-Prot 4.6.2.117 2010.10.12 -
F-Secure 9.0.15370.0 2010.10.13 -
Fortinet 4.2.249.0 2010.10.12 -
GData 21 2010.10.13 -
Ikarus T3.1.1.90.0 2010.10.13 -
Jiangmin 13.0.900 2010.10.13 -
K7AntiVirus 9.65.2733 2010.10.12 -
McAfee 5.400.0.1158 2010.10.13 -
McAfee-GW-Edition 2010.1C 2010.10.12 -
Microsoft 1.6201 2010.10.12 -
NOD32 5525 2010.10.12 -
Norman 6.06.07 2010.10.12 -
nProtect 2010-10-12.01 2010.10.12 -
Panda 10.0.2.7 2010.10.12 -
PCTools 7.0.3.5 2010.10.13 -
Prevx 3.0 2010.10.13 -
Rising 22.69.01.04 2010.10.12 -
Sophos 4.58.0 2010.10.13 -
Sunbelt 7047 2010.10.13 -
SUPERAntiSpyware 4.40.0.1006 2010.10.13 -
Symantec 20101.2.0.161 2010.10.13 -
TheHacker 6.7.0.1.056 2010.10.13 -
TrendMicro 9.120.0.1004 2010.10.13 -
TrendMicro-HouseCall 9.120.0.1004 2010.10.13 -
VBA32 3.12.14.1 2010.10.12 -
ViRobot 2010.9.25.4060 2010.10.13 -
VirusBuster 12.67.14.0 2010.10.12 -
MD5: a6f91455c134194e473d5b201ea47e56
SHA1: 3d9483b140636b94d254f5eb5ea8b77079e0e321
SHA256: 61a7f0cbeb7ec0105b7347b6ca76826d7c13a1fbcdd43b73bd18e27bb93a09c4
File size: 75592 bytes
Scan date: 2010-10-13 05:49:26 (UTC)[/log]


Pytanie do Tomek01.[s] Te "Silent Runners oraz Gmer" to są jakieś programy czy pliki?[/s] I jak mam odinstalować sterownik sptd.sys?


Przepraszam za upierdliwość ale naprawdę w tych sprawach jestem totalny nieogar :(

[color="#FF0000"]EDIT[/color]
Już wiem co to ten GMER oraz Silent Runners. Ale jak mam odinstalować ten sterownik?

Sohei
komentarz
komentarz

http://www.jpshortstuff.247fixes.com/Defogger.exe ściagasz to odpalasz i klikasz disable

Arczi256
komentarz
komentarz

GMER
[log]GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-20 13:53:07
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 FUJITSU_MHZ2320BH_G2 rev.8909
Running: nzql9pwo.exe; Driver: C:\Users\Artur\AppData\Local\Temp\awlyakod.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x90CC3BAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x90CC39D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x90CC3B0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 83046599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 8306AF52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
PAGE ntkrnlpa.exe!ZwLoadDriver 831A4291 7 Bytes JMP 90CC3B10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 8320BFBF 5 Bytes JMP 90CBF5D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject + 27 83225CF3 5 Bytes JMP 90CC1012 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!NtCreateSection 83233D63 7 Bytes JMP 90CC39D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 832DDEAC 7 Bytes JMP 90CC3BB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1984] kernel32.dll!SetUnhandledExceptionFilter 76EA3162 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!SetScrollRange 7680AE3C 5 Bytes JMP 0045B930 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetSysColorBrush 76812949 5 Bytes JMP 0045BA20 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetScrollInfo 76815151 7 Bytes JMP 0045B800 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!SetScrollInfo 76816632 7 Bytes JMP 0045B8B0 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetSysColor 7681FA99 5 Bytes JMP 0045B9C0 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetScrollRange 76831B6C 1 Byte [E9]
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetScrollRange 76831B6C 5 Bytes JMP 0045B870 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!SetScrollPos 76831BD0 5 Bytes JMP 0045B8F0 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!GetScrollPos 7683252B 5 Bytes JMP 0045B840 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!EnableScrollBar 7683386D 7 Bytes JMP 0045B7C0 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text d:\Program Files\PLAY ONLINE\PLAY ONLINE.exe[2984] USER32.dll!ShowScrollBar 76835785 5 Bytes JMP 0045B980 d:\Program Files\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73AB2494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73A95624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73A956E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73AB250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73AA8573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73AA4D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73AA50CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73AA51A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73AA66D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73AA82CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73AA8819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73AA907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73AAE21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73AA4C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Opera\opera.exe[3368] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [75095E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\ACPI_HAL \Device\0000006c halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186b24436
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186b24436@0025484a9d1d 0x3C 0x44 0xD8 0x26 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186b24436@001fe4a51a74 0x69 0x3D 0x90 0x77 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186b24436@a87e3317b736 0x5C 0x36 0x0F 0x37 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186b24436@e0a67092ee78 0xB1 0xBA 0x2D 0xC9 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export ????????????????? ???????,?????????????????????????? ???????I6???????&??????????????????????????????????????{cfb92d42-e780-11df-bf92-001eeceb08c3}????????????? ???????USB?????? ??????????????????????????????N???????00????N?????????????????{8ECC055D-047F-11D1-A537-0000F8753ED1}?ens??? <??????t?????vic??avast! Network Shield Support???????????????????? ???????????????????u?,??????$????? ????????????????????o?????????des???????????3?????????ty ??????????? ???????????????????n????????0???????????????sog???\??\USB#VID_138A&PID_0001#5&106f631a&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}?????????????????????????????????????????????????????????????????????? ?????????????????????1????????????????????? ???????????????????n?1????????????????????????????????????oem4.inf:DeviceList.NTx86.5.1:DriverInstall_XP32:1.3.1.183:usb\vid_138a&pid_0001?????????n??????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????????????????????????????????????????????? ?????????????????????1???
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export ????6????????????????????/?/?/?/????????ewusbmdm.sys????????????????????? ??????????????-R??????????????????????????????????? ???????F??????????????????????????????x??????? ???W?I?????????????????????????????????????????????Z\??????????????FH??????????????FH??????????????NP??????????????VX??????????????????????????????pr??????????????XZ??????????????\^??????????????HJ??????????????bd??????????????bd??????????????@B??????????????HJ??????????????FH??????????????????????????????????????????????tv??????????????????????????????TV??????????????np??????????????02??????????????????????????????xz??????????????HJ??????????????????????????????HJ??????????????DF??????????????xz??????????????RT??????????????PR??????????????ln??????????????DF??????????????FH??????????????BD??????????????NP??????????????FH??????????????FH??????????????ln??????????????HJ??????????????`b??????????????`b??????????????FH??????????????jl??????????????HJ??????????????DF??????????????|~??????????????tv??????????????FH??????????????HJ?????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCD 0xEA 0xD9 0x63 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186b24436 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186b24436@0025484a9d1d 0x3C 0x44 0xD8 0x26 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186b24436@001fe4a51a74 0x69 0x3D 0x90 0x77 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186b24436@a87e3317b736 0x5C 0x36 0x0F 0x37 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186b24436@e0a67092ee78 0xB1 0xBA 0x2D 0xC9 ...
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ???s?s???????e???e??????????????????????????LocalSystem?????????????????ms??System32\Drivers\ksecdd.sys??????????????????????????????????????????v??Samsung?????? ?????????????????????? ????????????t??????????????? ???????s???????????s?????????????? ???????????? ???????o?????t?????t??????????@?????????????"??t?????????e????@keyiso.dll,-100??????@??t????????h?????%SystemRoot%\system32\lsass.exe???????"??t?????????n????@keyiso.dll,-101????? ???s??????????????????????????????????????????????t????????t???????????????t???????????e??RpcSs????????t?t?t?t?t?t?s?t????? ???????t???????????s??????????????????????????????0????????????????????????????????????? ????????????????????????????????????????????????????????????t????? ???????o??????????????????????8???????????????}????????t???t???????l???????????????????r??tO??.NT?p6???????????????t?t?t??%SystemRoot%\system32\srvsvc.dll?????????????????????????????????z??????????71?????t?l???????????????/??????????????? ???????o??????????????????????:????????g?????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ???t?l???????????????/??????????????? ???????o??????????????????????:????????g??????????????????????????g???*6to4mp??|???????????0?????????????????????????????????????????g ????? ??j??????p???????????????????????????????????Extended base?????<??t??????????????????Ne??? ???????o?????t?????t????????@?????????m?????$??t?????????e????@comres.dll,-2946????????t????????h?????%SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation?????$??t?????????n????@comres.dll,-2947???? 8??t??????????????NT AUTHORITY\NetworkService??????????????????????????????????????????????t?????????????? ????????????????t???????????e??RPCSS?SamSS???????,??t????????????????????????????????????2??t??????????????????SeChangeNotifyPrivilege?????? F??t???????????????t??? ???????????????????????????????????????????????????t?t?t?t?t?t?t?t?t?t?t?t????? ???????t???????????t????????,?F??? ???????????%systemroot%\system32\msdtckrm.dll????????"??t?????????n????KtmRmServiceMain????????????????????????????? ???????t???????????t?????????????
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCD 0xEA 0xD9 0x63 ...

---- EOF - GMER 1.0.15 ----
[/log]

Silent Runners
[log]"Silent Runners.vbs", revision 63, http://www.silentrunners.org/
Operating System: Windows 7
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"Gadu-Gadu 10" = ""C:\Program Files\Gadu-Gadu 10\gg.exe"" ["GG Network S.A."]
"Sidebar" = "C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"SynTPEnh" = "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"avast5" = ""C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui" ["AVAST Software"]
"SysTrayApp" = "C:\Program Files\IDT\WDM\sttray.exe"
"SunJavaUpdateSched" = ""C:\Program Files\Common Files\Java\Java Update\jusched.exe"" ["Sun Microsystems, Inc."]
"Adobe Reader Speed Launcher" = ""C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"]
"Adobe ARM" = ""C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"" ["Adobe Systems Incorporated"]
"DpAgent" = "C:\Program Files\DigitalPersona\Bin\dpagent.exe" ["DigitalPersona, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = "AcroIEHelperStub"
-> {HKLM...CLSID} = "Adobe PDF Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll" ["Adobe Systems Incorporated"]

{395610AE-C624-4f58-B89E-23733EA00F9A}\(Default) = "DigitalPersona Personal Extension"
-> {HKLM...CLSID} = "DigitalPersona Personal Extension"
\InProcServer32\(Default) = "C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll" ["DigitalPersona, Inc."]

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = "SkypeIEPluginBHO"
-> {HKLM...CLSID} = "Skype Plug-In"
\InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Java(tm) Plug-In 2 SSV Helper"
\InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics Incorporated"]

"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\Program Files\NVIDIA Corporation\Display\nvui.dll" ["NVIDIA Corporation"]

"{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}" = "NVIDIA Play On My TV Context Menu Extension"
-> {HKLM...CLSID} = "NVIDIA CPL Context Menu Extension"
\InProcServer32\(Default) = "C:\Windows\system32\nvshext.dll" ["NVIDIA Corporation"]

"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast5\ashShell.dll" ["AVAST Software"]

"{23170F69-40C1-278A-1000-000100020000}" = "7-Zip Shell Extension"
-> {HKLM...CLSID} = "7-Zip Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\Microsoft Office\OFFICE11\MLSHEXT.DLL" [MS]

"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\Microsoft Office\OFFICE11\OLKFSTUB.DLL" [MS]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\
<<!>> "Notification Packages" = "scecli"|"DPPWDFLT"

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters\

{FD2AB138-F9A8-4ab6-9095-EEE7AF8B6C28}\(Default) = "DigitalPersona Credential Provider Filter"
-> {HKLM...CLSID} = "ProvFilter Class"
\InProcServer32\(Default) = "C:\Windows\system32\DPCrProv.dll" ["DigitalPersona, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\

{02AA8B83-49C5-482C-915A-B6824F665CCD}\(Default) = "DigitalPersona Kiosk Credential Provider"
-> {HKLM...CLSID} = "KioskProv Class"
\InProcServer32\(Default) = "C:\Windows\system32\DPCrProv.dll" ["DigitalPersona, Inc."]

{2A16DF2F-490B-4F2B-8C68-21EF46FCCC37}\(Default) = "DigitalPersona Password Credential Provider"
-> {HKLM...CLSID} = "PswWrapProv Class"
\InProcServer32\(Default) = "C:\Windows\system32\DPCrProv.dll" ["DigitalPersona, Inc."]

{3ADC7042-51AF-4D0F-BD1D-4D6965A77323}\(Default) = "DigitalPersona Fingerprint Credential Provider"
-> {HKLM...CLSID} = "FingerProv Class"
\InProcServer32\(Default) = "C:\Windows\system32\DPCrProv.dll" ["DigitalPersona, Inc."]

{70099717-17C8-4BD0-B3D4-FAF721AB1A62}\(Default) = "DigitalPersona Smartcard Credential Provider"
-> {HKLM...CLSID} = "SCardWrapProv Class"
\InProcServer32\(Default) = "C:\Windows\system32\DPCrProv.dll" ["DigitalPersona, Inc."]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> ms-itss\CLSID = "{0A9007C0-4076-11D3-8789-0000F8105754}"
-> {HKLM...CLSID} = "Microsoft Infotech Storage Protocol for IE 4.0"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL" [MS]

<<!>> mso-offdap\CLSID = "{3D9F03FA-7A94-11D3-BE81-0050048385D1}"
-> {HKLM...CLSID} = "Data Page Pluggable Protocol mso-offdap Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\Web Components\10\OWC10.DLL" [MS]

<<!>> mso-offdap11\CLSID = "{32505114-5902-49B2-880A-1F7738E5A384}"
-> {HKLM...CLSID} = "Data Page Plugable Protocal mso-offdap11 Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\Web Components\11\OWC11.DLL" [MS]

<<!>> skype-ie-addon-data\CLSID = "{91774881-D725-4E58-B298-07617B9B86A8}"
-> {HKLM...CLSID} = "Skype IE add-on Pluggable Protocol"
\InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]

<<!>> skype4com\CLSID = "{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}"
-> {HKLM...CLSID} = "IEProtocolHandler Class"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll" ["Skype Technologies"]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"
-> {HKLM...CLSID} = "7-Zip Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast5\ashShell.dll" ["AVAST Software"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"
-> {HKLM...CLSID} = "MBAMShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll" ["Malwarebytes Corporation"]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"
-> {HKLM...CLSID} = "7-Zip Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"
-> {HKLM...CLSID} = "7-Zip Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

NvCplDesktopContext\(Default) = "{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}"
-> {HKLM...CLSID} = "NVIDIA CPL Context Menu Extension"
\InProcServer32\(Default) = "C:\Windows\system32\nvshext.dll" ["NVIDIA Corporation"]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast5\ashShell.dll" ["AVAST Software"]

MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"
-> {HKLM...CLSID} = "MBAMShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll" ["Malwarebytes Corporation"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

"ConsentPromptBehaviorAdmin" = (REG_DWORD) dword:0x00000000
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Behavior Of The Elevation Prompt For Administrators In Admin Approval Mode}

"EnableLUA" = (REG_DWORD) dword:0x00000000
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Run All Administrators In Admin Approval Mode}

"PromptOnSecureDesktop" = (REG_DWORD) dword:0x00000000
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Switch to the secure desktop when prompting for elevation}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg"


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

ImgBurnBDBurningOnArrival_BuildImage\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleBDBurningOnArrival_BuildImage"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleBDBurningOnArrival_BuildImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1"" ["LIGHTNING UK!"]

ImgBurnBDBurningOnArrival_BurnImage\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleBDBurningOnArrival_BurnImage"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleBDBurningOnArrival_BurnImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1"" ["LIGHTNING UK!"]

ImgBurnCDBurningOnArrival_BuildImage\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleCDBurningOnArrival_BuildImage"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleCDBurningOnArrival_BuildImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1"" ["LIGHTNING UK!"]

ImgBurnCDBurningOnArrival_BurnImage\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleCDBurningOnArrival_BurnImage"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleCDBurningOnArrival_BurnImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1"" ["LIGHTNING UK!"]

ImgBurnDVDBurningOnArrival_BuildImage\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleDVDBurningOnArrival_BuildImage"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleDVDBurningOnArrival_BuildImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1"" ["LIGHTNING UK!"]

ImgBurnDVDBurningOnArrival_BurnImage\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleDVDBurningOnArrival_BurnImage"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleDVDBurningOnArrival_BurnImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1"" ["LIGHTNING UK!"]

ImgBurnHDDVDBurningOnArrival_BuildImage\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleHDDVDBurningOnArrival_BuildImage"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleHDDVDBurningOnArrival_BuildImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE BUILD /OUTPUTMODE DEVICE /DEST "%1"" ["LIGHTNING UK!"]

ImgBurnHDDVDBurningOnArrival_BurnImage\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleHDDVDBurningOnArrival_BurnImage"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\HandleHDDVDBurningOnArrival_BurnImage\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE WRITE /DEST "%1"" ["LIGHTNING UK!"]

ImgBurnPlayBluRayOnArrival_ReadDisc\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "PlayBluRayOnArrival_ReadDisc"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayBluRayOnArrival_ReadDisc\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1"" ["LIGHTNING UK!"]

ImgBurnPlayCDAudioOnArrival_ReadDisc\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "PlayCDAudioOnArrival_ReadDisc"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayCDAudioOnArrival_ReadDisc\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1"" ["LIGHTNING UK!"]

ImgBurnPlayDVDMovieOnArrival_ReadDisc\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "PlayDVDMovieOnArrival_ReadDisc"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayDVDMovieOnArrival_ReadDisc\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1"" ["LIGHTNING UK!"]

ImgBurnPlayHDDVDOnArrival_ReadDisc\
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "PlayHDDVDOnArrival_ReadDisc"
HKLM\SOFTWARE\Classes\ImgBurn.AutoPlay.1\shell\PlayHDDVDOnArrival_ReadDisc\command\(Default) = ""C:\Program Files\ImgBurn\ImgBurn.exe" /MODE READ /SRC "%1"" ["LIGHTNING UK!"]

WIA_{2B979F3C-A163-49C0-93D9-C69C9C0AAEEF}\
"Provider" = "Microsoft Office Document Scanning"
"CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
"InitCmdLine" = "/WiaCmd;C:\Program Files\Common Files\Microsoft Shared\MODI\11.0\MSPSCAN.EXE;"
-> {HKLM...CLSID} = "WPDShextAutoplay"
\LocalServer32\(Default) = "C:\Windows\system32\WPDShextAutoplay.exe" [MS]

WIA_{6218E8F6-5B01-4369-BEDC-63BCFD6DF7E9}\
"Provider" = "Microsoft Office Word"
"CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
"InitCmdLine" = "/WiaCmd;C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /IMG_WIA;"
-> {HKLM...CLSID} = "WPDShextAutoplay"
\LocalServer32\(Default) = "C:\Windows\system32\WPDShextAutoplay.exe" [MS]


Windows Sidebar Gadgets:
------------------------

C:\Users\Artur\AppData\Local\Microsoft\Windows Sidebar\Settings.ini
"C:%5CUsers%5CArtur%5CAppData%5CLocal%5CMicrosoft%5CWindows%20Sidebar%5CGadgets%5CSystemMonitorII.gadget"
"C:%5CUsers%5CArtur%5CAppData%5CLocal%5CMicrosoft%5CWindows%20Sidebar%5CGadgets%5CGPUMonitor.gadget"


Non-disabled Scheduled Tasks:
-----------------------------

C:\Windows\System32\Tasks
"COMODO Updater" -> launches: "C:\Program Files\COMODO\COMODO System-Cleaner\Updater.exe" ["COMODO Security Solutions, Inc."]
"CreateChoiceProcessTask" -> launches: "C:\Windows\System32\browserchoice.exe /launch" [MS]
"SidebarExecute" -> launches: "C:\Program Files\Windows Sidebar\sidebar.exe /stopHidingGadgets" [MS]
"{DC334530-F645-4D39-9CF2-F3892DE07E3D}" -> launches: "C:\Program Files\Skype\\Phone\Skype.exe" ["Skype Technologies S.A."]

C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client
"AD RMS Rights Policy Template Management (Manual)" -> launches: "{BF5CB148-7C77-4d8a-A53E-D81C70CF743C}"
-> {HKLM...CLSID} = "AD RMS Rights Policy Template Management (Manual) Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\msdrm.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience
"AitAgent" -> launches: "aitagent" [MS]
"ProgramDataUpdater" -> launches: "%windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Autochk
"Proxy" -> launches: "%windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth
"UninstallDeviceTask" -> launches: "BthUdTask.exe $(Arg0)" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient
"SystemTask" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}"
-> {HKLM...CLSID} = "Certificate Services Client Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS]
"UserTask" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}"
-> {HKLM...CLSID} = "Certificate Services Client Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program
"Consolidator" -> launches: "%SystemRoot%\System32\wsqmcons.exe" [MS]
"KernelCeipTask" -> (HIDDEN!) launches: "{e7ed314f-2816-4c26-aeb5-54a34d02404c}"
-> {HKLM...CLSID} = "KernelCeipCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\kernelceip.dll" [MS]
"UsbCeip" -> (HIDDEN!) launches: "{c27f6b1d-fe0b-45e4-9257-38799fa69bc8}"
-> {HKLM...CLSID} = "UsbCeip"
\InProcServer32\(Default) = "C:\Windows\System32\usbceip.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag
"ScheduledDefrag" -> launches: "%windir%\system32\defrag.exe -c" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis
"Scheduled" -> (HIDDEN!) launches: "{c1f85ef8-bcc2-4606-bb39-70c523715eb3}"
-> {HKLM...CLSID} = "ScheduledDiagnosticCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\sdiagschd.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Location
"Notifications" -> launches: "%windir%\System32\LocationNotifications.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance
"WinSAT" -> launches: "{A9A33436-678B-4C9C-A211-7CC38785E79D}"
-> {HKLM...CLSID} = "WinSAT Task Manger Task"
\InProcServer32\(Default) = "C:\Windows\system32\WinSATAPI.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center
"ActivateWindowsSearch" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch" [MS]
"ConfigureInternetTimeService" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService" [MS]
"DispatchRecoveryTasks" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)" [MS]
"ehDRMInit" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DRMInit" [MS]
"InstallPlayReady" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)" [MS]
"mcupdate" -> launches: "%SystemRoot%\ehome\mcupdate $(Arg0)" [MS]
"MediaCenterRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask" [MS]
"ObjectStoreRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask" [MS]
"OCURActivate" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate" [MS]
"OCURDiscovery" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)" [MS]
"PBDADiscovery" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery" [MS]
"PBDADiscoveryW1" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery" [MS]
"PBDADiscoveryW2" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery" [MS]
"PvrRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask" [MS]
"PvrScheduleTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -PvrSchedule" [MS]
"RegisterSearch" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)" [MS]
"ReindexSearchRoot" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot" [MS]
"SqlLiteRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask" [MS]
"UpdateRecordPath" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic
"CorruptionDetector" -> (HIDDEN!) launches: "{190BA3F6-0205-4f46-B589-95C6822899D2}"
-> {HKLM...CLSID} = "MemoryDiagnosticCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\memdiag.dll" [MS]
"DecompressionFailureDetector" -> (HIDDEN!) launches: "{190BA3F6-0205-4f46-B589-95C6822899D2}"
-> {HKLM...CLSID} = "MemoryDiagnosticCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\memdiag.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC
"HotStart" -> launches: "{06DA0625-9701-43da-BFD7-FBEEA2180A1E}"
-> {HKLM...CLSID} = "HotStart User Agent"
\InProcServer32\(Default) = "C:\Windows\System32\HotStartUserAgent.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI
"LPRemove" -> launches: "%windir%\system32\lpremove.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia
"SystemSoundsService" -> launches: "{2DEA658F-54C1-4227-AF9B-260AB5FC3543}"
-> {HKLM...CLSID} = "Microsoft PlaySoundService Class"
\InProcServer32\(Default) = "C:\Windows\System32\PlaySndSrv.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace
"GatherNetworkInfo" -> launches: "%windir%\system32\gatherNetworkInfo.vbs" [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics
"AnalyzeSystem" -> launches: "%SystemRoot%\System32\powercfg.exe -energy -auto" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC
"RacTask" -> (HIDDEN!) launches: "{42060D27-CA53-41f5-96E4-B1E8169308A6}"
-> {HKLM...CLSID} = "ReliabilityAnalysisCustomHandler"
\InProcServer32\(Default) = "C:\Windows\system32\RacEngn.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Ras
"MobilityManager" -> launches: "{c463a0fc-794f-4fdf-9201-01938ceacafa}"
-> {HKLM...CLSID} = "RasMobilityManager"
\InProcServer32\(Default) = "C:\Windows\system32\rasmbmgr.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Registry
"RegIdleBackup" -> (HIDDEN!) launches: "{ca767aa8-9157-4604-b64b-40747123d5f2}"
-> {HKLM...CLSID} = "RegistryIdleBackupHandler"
\InProcServer32\(Default) = "C:\Windows\System32\regidle.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance
"RemoteAssistanceTask" -> (HIDDEN!) launches: "%windir%\system32\RAServer.exe /offerraupdate" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideShow
"GadgetManager" -> launches: "{FF87090D-4A9A-4f47-879B-29A80C355D61}"
-> {HKLM...CLSID} = "GadgetsManager Class"
\InProcServer32\(Default) = "C:\Windows\System32\AuxiliaryDisplayServices.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore
"SR" -> launches: "%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager
"Interactive" -> (HIDDEN!) launches: "{855fec53-d2e4-4999-9e87-3414e9cf0ff4}"
-> {HKLM...CLSID} = "RunTask"
\InProcServer32\(Default) = "C:\Windows\system32\wdc.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip
"IpAddressConflict1" -> launches: "%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem" [MS]
"IpAddressConflict2" -> launches: "%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework
"MsCtfMonitor" -> (HIDDEN!) launches: "{01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}"
-> {HKLM...CLSID} = "MsCtfMonitor task handler"
\InProcServer32\(Default) = "C:\Windows\system32\MsCtfMonitor.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization
"SynchronizeTime" -> launches: "%windir%\system32\sc.exe start w32time task_started" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP
"UPnPHostConfig" -> launches: "sc.exe config upnphost start= auto" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI
"ResolutionHost" -> (HIDDEN!) launches: "{900be39d-6be8-461a-bc4d-b0fa71f5ecb1}"
-> {HKLM...CLSID} = "DiagnosticInfrastructureCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\wdi.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies
"ValidationTask" -> (HIDDEN!) launches: "%SystemRoot%\system32\Wat\WatAdminSvc.exe /run" [MS]
"ValidationTaskDeadline" -> (HIDDEN!) launches: "%SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting
"QueueReporting" -> launches: "%windir%\system32\wermgr.exe -queuereporting" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform
"BfeOnServiceStartTypeChange" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing
"UpdateLibrary" -> launches: ""%ProgramFiles%\Windows Media Player\wmpnscfg.exe"" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup
"ConfigNotification" -> launches: "%systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows Defender
"MP Scheduled Scan" -> (HIDDEN!) launches: "c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan" [MS]
"MpIdleTask" -> (HIDDEN!) launches: "c:\program files\windows defender\MpCmdRun.exe -IdleTask -TaskName MpIdleTask" [MS]

C:\Windows\System32\Tasks\WPD
"SqmUpload_S-1-5-21-3800391445-3349888462-4249771307-1000" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe portabledeviceapi.dll,#1" [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\system32\NLAapi.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000004\LibraryPath = "%SystemRoot%\system32\napinsp.dll" [MS]
000000000005\LibraryPath = "%SystemRoot%\system32\pnrpnsp.dll" [MS]
000000000006\LibraryPath = "%SystemRoot%\system32\pnrpnsp.dll" [MS]
000000000007\LibraryPath = "%SystemRoot%\system32\wshbth.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
000000000###\PackedCatalogItem (contains) DLL [Company Name], (at) ### range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 101


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{32099AAC-C132-4136-9E9A-4E364A424E17}"
-> {HKLM...CLSID} = "DAEMON Tools Toolbar"
\InProcServer32\(Default) = "C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll" [null data]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
"{32099AAC-C132-4136-9E9A-4E364A424E17}" = (no title provided)
-> {HKLM...CLSID} = "DAEMON Tools Toolbar"
\InProcServer32\(Default) = "C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll" [null data]

Explorer Bars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\
"ButtonText" = "Skype Plug-In"
"MenuText" = "Skype Plug-In"
"CLSIDExtension" = "{898EA8C8-E7FF-479B-8935-AEC46303B9E5}"
-> {HKLM...CLSID} = "Skype Browser Helper"
\InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Badanie"


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Akamai NetSession Interface, Akamai, "C:\Windows\System32\svchost.exe -k Akamai" {"C:/Program Files/Common Files/Akamai/netsession_win_4176eef.dll" [null data]}
Andrea ST Filters Service, AESTFilters, "C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe" ["Andrea Electronics Corporation"]
Audio Service, STacSV, "C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe" ["IDT, Inc."]
avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"" ["AVAST Software"]
avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"" ["AVAST Software"]
avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"" ["AVAST Software"]
Biometric Authentication Service, DpHost, "C:\Program Files\DigitalPersona\Bin\DpHostW.exe" ["DigitalPersona, Inc."]
COMODO System - Cleaner Service, Cleaner_Validator, "C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe" [null data]
DCService.exe, DCService.exe, "C:\ProgramData\DatacardService\DCService.exe" [null data]
Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]
NVIDIA Display Driver Service, nvsvc, "C:\Windows\system32\nvvsvc.exe" ["NVIDIA Corporation"]
PnkBstrA, PnkBstrA, "C:\Windows\system32\PnkBstrA.exe" [null data]
Validity Fingerprint Service, vfsFPService, "c:\Windows\system32\vfsFPService.exe" ["Validity Sensors, Inc."]


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]
SSE1M Langmon\Driver = "sse1ml3.dll" [empty string]


---------- (launch time: 2010-11-20 13:54:49)
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 60 seconds, including 10 seconds for message boxes)
[/log]

Da się cokolwiek z tego wywnioskować? :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.