hyper1pl, posted 8 February 2011 (edited)
Hello, some time ago I carelessly allowed my computer to install some strange software. Since then, every 2 seconds I get a prompt saying "595.exe prosi o Twoje pozwolenie" ("595.exe is asking for your permission"); since I have become more careful now, I do not allow it. But the problem is that every time I click the "Anuluj" (Cancel, do not allow) button, the window with this prompt appears again. After an hour of struggling with it I clicked allow, and only at that moment did the antivirus detect a virus. Of course I deleted it, restarted the computer, scanned the computer just in case and went online. After double-clicking the Mozilla icon, the prompt started popping up again. Somehow I managed to minimize it, but this "flashing" window is starting to annoy me. Does anyone know what to do about this? I would really appreciate help. PS. Antivirus: Microsoft Security Essentials, firewall: Outpost Firewall 2009. PS2. Right now 3 windows are flashing; the ones asking for permission are: 595.exe, 914.exe, 7976.exe
Tomek01, comment, 8 February 2011
Read the info below and post a set of OTL and RSIT logs, pasting them inside the [log] tags.
hyper1pl (author), comment, 10 February 2011
Sorry for the oversight, here they are:
OTL:
[log]OTL logfile created on: 2011-02-10 15:05:34 - Run 3 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\kamil\Documents\52\otl Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 26,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 56,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,05 Gb Total Space | 6,46 Gb Free Space | 9,36% Space Free | Partition Type: NTFS Drive D: | 70,00 Gb Total Space | 10,40 Gb Free Space | 14,85% Space Free | Partition Type: NTFS Drive E: | 64,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: KAMIL-DOM | User Name: kamil | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-10 15:03:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\52\otl\OTL.exe PRC - [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe PRC - [2010-12-10 22:00:19 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-12-10 22:00:17 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-11-30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe PRC - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe PRC - [2010-11-05 01:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-08-17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-05-31 16:47:31 | 000,107,832 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe PRC - [2010-05-31 16:47:24 | 000,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2009-08-07 03:24:04 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe PRC - [2009-06-15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-02-25 08:28:20 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2008-11-24 21:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program 
Files\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2008-11-24 21:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-06-08 23:23:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008-05-23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2008-05-23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008-05-22 09:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2008-05-13 01:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe PRC - [2008-04-25 13:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2008-04-17 07:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) 
-- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2008-04-17 03:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-03-17 10:07:02 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2008-01-21 03:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 03:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 03:34:50 | 002,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2008-01-21 03:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2008-01-21 03:34:36 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2008-01-21 03:34:32 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2008-01-21 03:33:52 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008-01-21 03:33:22 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2008-01-21 03:33:15 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:32:57 | 000,302,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2007-10-26 06:39:14 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2007-10-26 06:39:04 | 001,029,416 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007-07-04 23:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2006-12-19 14:23:38 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2006-11-02 10:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe PRC - [2006-10-22 18:48:00 | 000,345,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-10 15:03:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\52\otl\OTL.exe MOD - [2010-08-31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll MOD - [2010-07-26 17:55:26 | 011,581,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-06-28 17:15:53 | 001,315,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-04-16 17:10:45 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-17 15:35:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 16:24:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-04-28 10:05:56 | 000,715,264 | ---- | M] (Agnitum Ltd.) 
-- c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll MOD - [2009-04-23 13:43:04 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-02-13 09:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2008-10-21 06:25:18 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2008-10-16 05:47:33 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2008-02-29 07:53:38 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:34:50 | 001,203,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2008-01-21 03:34:50 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2008-01-21 03:34:46 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2008-01-21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 03:34:35 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:34:34 | 001,590,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2008-01-21 03:34:22 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2008-01-21 03:34:22 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2008-01-21 03:34:21 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 03:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 03:34:21 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2008-01-21 03:34:20 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2008-01-21 03:34:11 | 000,798,720 | 
---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2008-01-21 03:34:07 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2008-01-21 03:34:07 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:34:05 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 03:34:05 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2008-01-21 03:34:03 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2008-01-21 03:34:03 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2008-01-21 03:34:02 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2008-01-21 03:33:53 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2008-01-21 03:33:52 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2008-01-21 03:33:52 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2008-01-21 03:33:48 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2008-01-21 03:33:47 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2008-01-21 03:33:46 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2008-01-21 03:33:37 | 000,750,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2008-01-21 03:33:20 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2008-01-21 03:33:15 | 001,067,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2008-01-21 03:33:14 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2008-01-21 03:33:12 | 
000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2008-01-21 03:32:53 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-12-05 13:12:40 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV - [2010-06-02 17:31:00 | 003,594,440 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2009-04-28 10:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) 
[Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall\acs.exe -- (acssrv) SRV - [2009-02-25 08:28:20 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2008-05-23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008-05-23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008-05-13 00:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-10 14:45:57 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{417BE5E3-82B8-488F-AD25-8EBA383DF5DB}\MpKsl7b52f076.sys -- (MpKsl7b52f076) DRV - [2010-10-24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2010-10-24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2010-09-25 16:49:10 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-09-25 16:49:10 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-04-27 16:49:25 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - 
[2009-04-06 11:37:12 | 000,704,384 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox) DRV - [2009-02-18 17:27:54 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (afw) DRV - [2009-02-10 16:12:48 | 000,307,224 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore) DRV - [2008-06-16 13:38:10 | 000,318,488 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008-06-08 23:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-04-17 08:31:00 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-05 06:56:26 | 000,242,560 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302) DRV - [2008-02-14 00:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008-01-21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-01-21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-01-21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008-01-21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-01-21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008-01-21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008-01-21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-01-21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008-01-21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008-01-21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-01-21 03:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2008-01-21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008-01-21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-01-21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008-01-21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007-12-28 02:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2007-10-26 06:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007-09-13 07:17:58 | 000,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007-07-15 23:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2007-07-15 23:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2007-07-11 15:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2007-07-11 10:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2007-07-11 10:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2007-05-23 09:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2007-01-04 12:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e4usbaw.sys -- (e4usbaw) DRV - [2007-01-04 12:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys) DRV - [2006-11-28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006-10-19 03:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox 
==========[/color] FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-10 22:00:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-10 22:00:21 | 000,000,000 | ---D | M] [2010-04-10 16:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kamil\AppData\Roaming\mozilla\Extensions [2011-02-10 14:30:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions [2010-09-18 19:36:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-12-29 00:12:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-12-23 12:54:45 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-07-10 16:19:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-07-10 16:18:34 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-09-12 13:23:09 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-09-12 13:23:09 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-09-12 13:23:09 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-09-12 13:23:10 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-09-12 13:23:10 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-09-12 13:23:10 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.) O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.) 
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [AlcoholAutomount] File not found
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.192.105.217 173.193.227.124
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (C:\Users\kamil\AppData\Roaming\juzjf.exe) - C:\Users\kamil\AppData\Roaming\juzjf.exe (Google Inc.)
O24 - Desktop WallPaper: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O24 - Desktop BackupWallPaper: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-08-28 00:44:42 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-08-28 00:44:42 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-18 20:44:27 | 000,000,051 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b6843ec9-a094-11df-a8b2-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\explore.exe
O33 - MountPoints2\{e669bb7b-1639-11df-8b58-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe
O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\PrawoJazdy.exe -- [2011-01-04 16:13:26 | 003,387,904 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - ()
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
MsConfig - StartUpReg: [b]IPLA![/b] - hkey= - key= - C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)
MsConfig - StartUpReg: [b]LightScribe Control Panel[/b] - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - D:\Gry\Steam\Steam.exe (Valve Corporation)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "startup" - 2 MsConfig - State: "services" - 0 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - 
SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} 
- SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-08 18:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2011-02-08 16:06:41 | 000,172,032 | RHS- | C] (Google Inc.) -- C:\Users\kamil\AppData\Roaming\juzjf.exe [2011-02-03 20:22:07 | 000,000,000 | -H-D | C] -- C:\LG3G [2011-02-03 20:19:41 | 000,000,000 | ---D | C] -- C:\lgupload [2011-02-03 17:21:19 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\LG Electronics [2011-02-03 17:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics [2011-02-03 17:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2 [2011-02-03 17:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite 2 [2011-01-30 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\MP-Manager [2011-01-30 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\Application Data [2011-01-30 16:34:37 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP Manager [2011-01-30 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\MPMAN [2011-01-29 09:36:11 | 000,000,000 | ---D | C] -- C:\Windows\TempAE2F5317-B912-ED87-AA44-48E9B7C3915A-Signatures [2011-01-29 09:35:01 | 000,000,000 | ---D | C] -- C:\Program 
Files\Microsoft Security Client [2011-01-25 19:41:36 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\Eidos [2011-01-25 18:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAPCOM [2011-01-21 16:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra [2011-01-13 19:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 4 [2011-01-13 18:04:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2011-01-06 18:03:01 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Thinstall [2011-01-04 18:45:38 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zegarmistrz [2011-01-04 18:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zegarmistrz [2010-12-23 17:55:10 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\52 [2010-12-23 15:20:27 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Tibia [2010-12-23 15:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia [2010-12-23 12:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2010-12-23 12:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-12-12 16:25:57 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\RohanScreenShot [2006-11-24 06:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006-11-24 06:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-10 14:53:04 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-02-10 14:20:29 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-02-10 14:20:26 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job 
[2011-02-10 14:19:32 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-10 14:19:27 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-10 14:19:23 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-02-10 14:19:18 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-02-10 14:19:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-10 14:19:07 | 2141,831,168 | -HS- | M] () -- C:\hiberfil.sys [2011-02-08 21:20:18 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-02-08 21:19:31 | 000,710,920 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-02-08 21:19:31 | 000,635,986 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-02-08 21:19:31 | 000,145,430 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-02-08 21:19:31 | 000,119,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-02-08 20:08:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTB3240.html [2011-02-08 20:08:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempyV3240.html [2011-02-08 16:47:42 | 000,000,680 | ---- | M] () -- C:\Users\kamil\AppData\Local\d3d9caps.dat [2011-02-07 19:05:24 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempja5624.html [2011-02-03 21:38:10 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTD3572.html [2011-02-03 21:38:10 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwF3572.html [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe [2011-01-30 14:50:35 | 000,092,160 | ---- | M] () -- C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-29 15:32:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempAL5364.html [2011-01-29 15:32:52 | 000,002,089 | ---- 
| M] () -- C:\Users\kamil\AppData\Local\Tempzw5364.html [2011-01-29 09:38:50 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2011-01-28 23:17:19 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYt4272.html [2011-01-28 23:17:19 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOe4272.html [2011-01-23 22:20:37 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjD3568.html [2011-01-23 22:20:37 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempMi3568.html [2011-01-22 16:02:58 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOM2392.html [2011-01-22 16:02:58 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempJS2392.html [2011-01-16 20:04:49 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjN5168.html [2011-01-16 20:04:49 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temppe5168.html [2011-01-14 23:24:53 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempND3380.html [2011-01-13 00:04:10 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNQ3404.html [2011-01-12 19:44:26 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Templg3808.html [2011-01-12 19:44:26 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOI3808.html [2011-01-12 16:50:39 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempcU3652.html [2011-01-12 16:50:39 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRj3652.html [2011-01-11 17:58:21 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempFU1664.html [2011-01-11 17:58:21 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPW1664.html [2011-01-10 18:26:09 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempeO1000.html [2011-01-09 21:07:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempGh1992.html [2011-01-09 21:07:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwQ1992.html 
[2011-01-09 00:59:09 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempqy3528.html [2011-01-07 15:41:18 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDLO284.html [2011-01-06 19:38:01 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBi2584.html [2011-01-05 17:14:33 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempms1724.html [2011-01-04 16:29:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempUx5904.html [2011-01-04 16:29:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temphb5904.html [2011-01-02 22:01:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRI3908.html [2011-01-02 22:01:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDy3908.html [2010-12-30 01:55:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemplB1848.html [2010-12-30 01:55:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnE1848.html [2010-12-27 22:43:31 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempgO2744.html [2010-12-27 14:32:35 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempHv2724.html [2010-12-27 14:32:35 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempSa2724.html [2010-12-27 01:32:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempLp2396.html [2010-12-27 01:32:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNU2396.html [2010-12-26 02:21:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempto6032.html [2010-12-26 02:21:40 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzb6032.html [2010-12-24 02:14:15 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempEW6004.html [2010-12-24 02:14:15 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBp6004.html [2010-12-23 16:20:12 | 004,687,862 | ---- | M] () -- C:\Users\kamil\Documents\52 Debiec - Gniew.mp3 [2010-12-23 12:52:19 | 000,001,878 | 
---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010-12-22 23:33:36 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temphx2496.html [2010-12-22 23:33:36 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYQ2496.html [2010-12-22 18:58:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempvy2588.html [2010-12-20 06:55:47 | 000,003,188 | ---- | M] () -- C:\Users\kamil\Documents\Artur Tomalaa.rtf [2010-12-19 22:16:47 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempmO3804.html [2010-12-19 22:16:47 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempWn3804.html [2010-12-19 01:15:43 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPj1764.html [2010-12-18 15:06:27 | 000,372,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-12-16 17:18:03 | 000,014,585 | ---- | M] () -- C:\Users\kamil\Documents\Artur Tomala.docx [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-08 16:47:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTB3240.html [2011-02-08 16:47:49 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyV3240.html [2011-02-08 16:06:37 | 000,000,000 | -H-- | C] () -- C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt [2011-02-07 16:14:36 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempja5624.html [2011-02-03 17:05:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTD3572.html [2011-02-03 17:05:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwF3572.html [2011-02-01 19:17:14 | 000,110,614 | ---- | C] () -- C:\Users\kamil\AppData\Local\inetserv.exe [2011-01-29 12:40:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAL5364.html [2011-01-29 12:40:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempzw5364.html [2011-01-29 09:38:50 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif [2011-01-28 16:18:46 | 000,002,432 | ---- | C] 
() -- C:\Users\kamil\AppData\Local\TempYt4272.html [2011-01-28 16:18:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOe4272.html [2011-01-23 15:50:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempjD3568.html [2011-01-23 15:50:50 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMi3568.html [2011-01-22 09:55:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOM2392.html [2011-01-22 09:55:49 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJS2392.html [2011-01-16 17:01:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempjN5168.html [2011-01-16 17:01:01 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temppe5168.html [2011-01-14 21:56:19 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempND3380.html [2011-01-12 21:42:18 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNQ3404.html [2011-01-12 19:24:05 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templg3808.html [2011-01-12 19:24:05 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOI3808.html [2011-01-12 16:10:25 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempcU3652.html [2011-01-12 16:10:25 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempRj3652.html [2011-01-11 17:50:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFU1664.html [2011-01-11 17:50:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPW1664.html [2011-01-10 17:26:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeO1000.html [2011-01-09 13:42:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGh1992.html [2011-01-09 13:42:26 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwQ1992.html [2011-01-08 18:05:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqy3528.html [2011-01-07 15:14:56 | 000,002,432 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempDLO284.html [2011-01-06 15:19:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBi2584.html [2011-01-05 15:14:27 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempms1724.html [2011-01-04 15:57:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUx5904.html [2011-01-04 15:57:38 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temphb5904.html [2011-01-02 21:04:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempRI3908.html [2011-01-02 21:04:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDy3908.html [2010-12-29 15:05:43 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplB1848.html [2010-12-29 15:05:43 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnE1848.html [2010-12-29 00:12:28 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010-12-27 20:27:45 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgO2744.html [2010-12-27 13:50:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHv2724.html [2010-12-27 13:50:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSa2724.html [2010-12-26 22:02:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLp2396.html [2010-12-26 22:02:40 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNU2396.html [2010-12-25 21:00:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempto6032.html [2010-12-25 21:00:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempzb6032.html [2010-12-23 16:16:11 | 004,687,862 | ---- | C] () -- C:\Users\kamil\Documents\52 Debiec - Gniew.mp3 [2010-12-23 15:14:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEW6004.html [2010-12-23 15:14:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBp6004.html [2010-12-22 20:50:46 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temphx2496.html 
[2010-12-22 20:50:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYQ2496.html [2010-12-22 15:40:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempvy2588.html [2010-12-20 06:55:47 | 000,003,188 | ---- | C] () -- C:\Users\kamil\Documents\Artur Tomalaa.rtf [2010-12-19 19:32:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempmO3804.html [2010-12-19 19:32:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWn3804.html [2010-12-18 16:58:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPj1764.html [2010-12-11 21:34:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiZ1716.html [2010-12-11 21:34:45 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFx1716.html [2010-12-10 18:49:13 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempma5604.html [2010-12-10 18:49:13 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templr5604.html [2010-12-09 18:45:41 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempwj5064.html [2010-12-09 18:45:41 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templk5064.html [2010-12-08 17:30:29 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXe4052.html [2010-12-08 17:30:29 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGM4052.html [2010-12-07 16:59:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLF3744.html [2010-12-06 16:21:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqd2380.html [2010-12-06 16:21:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempmg2380.html [2010-12-05 12:25:20 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCN2632.html [2010-12-05 12:25:20 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempdh2632.html [2010-12-05 01:38:07 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNg3004.html [2010-12-04 13:07:31 | 000,002,432 | ---- 
| C] () -- C:\Users\kamil\AppData\Local\TempzP5860.html [2010-12-03 18:14:22 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempoq4100.html [2010-12-03 18:14:22 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgF4100.html [2010-12-03 15:04:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temptm5244.html [2010-12-03 13:42:54 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGM5904.html [2010-12-02 21:15:57 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempyd2448.html [2010-12-02 21:15:57 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYw2448.html [2010-11-29 21:19:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAo3916.html [2010-11-29 21:19:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCB3916.html [2010-11-28 15:52:28 | 000,003,053 | ---- | C] () -- C:\Windows\ARX_RingPol100D.ini [2010-11-21 13:41:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplB3472.html [2010-11-21 13:41:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempbT3472.html [2010-11-19 16:04:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempvl3368.html [2010-11-19 16:04:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTq3368.html [2010-11-15 13:04:21 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOKc992.html [2010-11-15 13:04:21 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplwW992.html [2010-11-13 21:34:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQo5968.html [2010-11-13 21:34:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXu5968.html [2010-11-13 15:06:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxm5296.html [2010-11-13 15:06:17 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeT5296.html [2010-11-13 14:55:53 | 000,002,432 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempPi5296.html [2010-11-13 14:55:53 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFs5296.html [2010-11-12 13:18:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNE1856.html [2010-11-12 13:18:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNL1856.html [2010-11-11 17:21:44 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdF3772.html [2010-11-11 17:21:44 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMR3772.html [2010-11-10 16:46:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempuG4180.html [2010-11-07 12:39:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQh2884.html [2010-11-07 12:39:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templo2884.html [2010-11-06 22:13:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCa2288.html [2010-11-06 22:13:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKN2288.html [2010-11-06 14:03:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyY2656.html [2010-11-05 17:20:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempbp4012.html [2010-11-05 17:20:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMq4012.html [2010-11-04 12:05:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSf3852.html [2010-11-04 12:05:38 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPF3852.html [2010-10-31 16:28:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempql5236.html [2010-10-31 16:28:51 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempep5236.html [2010-10-31 13:09:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBt5980.html [2010-10-31 12:59:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempqB5308.html [2010-10-31 12:59:15 | 000,002,089 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempOB5308.html [2010-10-19 15:33:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiH3396.html [2010-10-19 15:33:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJV3396.html [2010-10-14 18:05:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXp2552.html [2010-10-14 18:05:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempzI2552.html [2010-10-12 12:51:30 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeF2884.html [2010-10-12 12:51:30 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDN2884.html [2010-10-08 13:21:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplD1276.html [2010-10-08 13:21:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempsr1276.html [2010-10-04 13:54:25 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUR1588.html [2010-10-04 13:54:25 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempru1588.html [2010-10-03 11:58:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBB2360.html [2010-10-03 11:58:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYC2360.html [2010-10-02 19:58:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMtO304.html [2010-10-02 19:58:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKPC304.html [2010-10-01 22:36:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYY2608.html [2010-09-25 16:49:10 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010-09-25 16:49:10 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010-09-24 17:08:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOw2044.html [2010-09-24 17:08:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiK2044.html [2010-09-23 14:47:43 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGt1832.html 
[2010-09-22 17:51:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTu3460.html [2010-09-22 17:51:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempgm3460.html [2010-09-20 17:02:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdL3572.html [2010-09-20 17:02:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempkn3572.html [2010-09-19 09:45:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGT1476.html [2010-09-19 09:45:51 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplG1476.html [2010-09-18 16:23:09 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWd5560.html [2010-09-18 16:23:09 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempaD5560.html [2010-09-18 11:45:44 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEz2260.html [2010-09-17 18:49:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempaT1744.html [2010-09-12 19:28:59 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyF4324.html [2010-09-12 19:28:59 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxV4324.html [2010-09-12 13:25:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempaf4024.html [2010-09-12 13:25:50 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUc4024.html [2010-09-11 13:45:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxZB508.html [2010-09-11 13:45:01 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempcvr508.html [2010-09-10 18:55:05 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdH2036.html [2010-09-02 18:22:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempfU5496.html [2010-09-02 18:22:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWW5496.html [2010-09-02 16:44:18 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJZ2264.html [2010-09-02 16:44:18 | 000,002,089 | 
---- | C] () -- C:\Users\kamil\AppData\Local\TempCv2264.html [2010-09-02 14:54:03 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyM3488.html [2010-09-01 17:16:20 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKp4024.html [2010-09-01 17:16:20 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempmw4024.html [2010-08-31 16:56:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemppB3920.html [2010-08-31 16:56:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempsC3920.html [2010-08-30 16:20:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHx5276.html [2010-08-30 16:20:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfo5276.html [2010-08-29 11:53:58 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempha2992.html [2010-08-29 11:53:58 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeU2992.html [2010-08-28 10:13:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempww1700.html [2010-08-28 10:13:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLf1700.html [2010-08-27 22:56:29 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUD4940.html [2010-08-27 22:56:29 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempod4940.html [2010-08-03 15:20:29 | 000,000,680 | ---- | C] () -- C:\Users\kamil\AppData\Local\d3d9caps.dat [2010-07-09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010-06-28 09:40:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwV1564.html [2010-06-28 09:40:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyC1564.html [2010-06-28 08:52:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemppM3176.html [2010-05-31 16:47:42 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-05-31 16:47:42 | 000,022,328 | ---- | C] () -- C:\Users\kamil\AppData\Roaming\PnkBstrK.sys 
[2010-05-18 15:48:30 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2010-05-18 15:48:30 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2010-05-18 15:48:30 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2010-04-27 16:49:25 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-04-24 12:56:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYg3044.html [2010-04-23 19:28:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temppy1876.html [2010-04-23 19:28:00 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEY1876.html [2010-04-20 10:26:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLW3776.html [2010-04-20 10:26:23 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templd3776.html [2010-04-18 19:08:03 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqv2896.html [2010-04-18 19:08:03 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempkK2896.html [2010-04-18 10:26:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempdk2792.html [2010-04-18 10:26:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempZh2792.html [2010-04-17 16:35:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJH3920.html [2010-04-17 16:35:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempuz3920.html [2010-04-17 08:52:07 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXK2252.html [2010-04-16 18:24:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempqgU376.html [2010-04-16 18:24:53 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempvBC376.html [2010-04-16 15:36:09 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgR4068.html [2010-04-13 18:51:04 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempoR3468.html [2010-04-13 18:51:04 | 000,002,089 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempSP3468.html [2010-04-12 15:11:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXQ2732.html [2010-04-12 15:11:00 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxv2732.html [2010-04-11 18:42:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEZ2156.html [2010-04-11 18:42:23 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfu2156.html [2010-04-11 09:09:31 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAZ2624.html [2010-04-11 09:09:31 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templn2624.html [2010-04-10 21:03:24 | 000,092,160 | ---- | C] () -- C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-10 17:49:16 | 000,000,169 | ---- | C] () -- C:\Windows\adidsl.ini [2010-04-10 17:49:16 | 000,000,021 | ---- | C] () -- C:\Windows\Fast800.ini [2010-04-10 17:48:14 | 000,000,990 | ---- | C] () -- C:\Windows\adiras.ini [2010-04-10 17:48:10 | 000,046,892 | ---- | C] () -- C:\Windows\System32\ADADIX16.DLL [2010-04-10 17:07:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHh2412.html [2010-04-10 17:07:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKy2412.html [2010-04-10 17:06:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-02-10 13:03:16 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008-07-25 12:51:28 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini [2008-07-25 12:38:07 | 000,137,021 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008-07-25 12:37:47 | 000,137,021 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008-07-25 12:19:47 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2008-07-25 12:19:47 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2008-07-25 10:38:24 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007-10-12 23:20:06 | 000,151,417 | ---- | C] () -- 
C:\Windows\System32\xlive.dll.cat [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007-02-15 08:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006-11-29 09:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll [2006-11-02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-10-09 02:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll [2001-11-14 04:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010-04-27 16:54:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\DAEMON Tools Lite [2010-04-24 10:07:41 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\fretsonfire [2010-11-13 15:06:16 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Gadu-Gadu 10 [2010-07-12 12:24:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\GetRightToGo [2010-08-31 17:01:59 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\gtk-2.0 [2010-04-10 17:03:59 | 000,000,000 | ---D | M] -- 
C:\Users\kamil\AppData\Roaming\ipla [2011-02-03 17:21:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\LG Electronics [2011-01-30 16:31:48 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\MPMAN [2010-07-13 20:07:15 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\OpenFM [2010-08-30 21:52:13 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\PhotoFiltre [2010-09-13 17:00:29 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\runic games [2010-04-25 09:32:47 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Sudeki [2011-01-06 18:03:01 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Thinstall [2010-12-31 06:25:27 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Tibia [2010-11-19 17:44:05 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\TS3Client [2010-08-29 12:52:02 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\uTorrent [2011-02-08 21:20:19 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-02-10 14:20:26 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2008-01-21 03:34:29 | 000,333,203 | RHS- | M] () -- C:\bootmgr [2008-02-09 03:52:13 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2011-02-10 14:19:07 | 2141,831,168 | -HS- | M] () -- C:\hiberfil.sys [2009-03-30 07:32:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011-02-08 19:25:50 | 000,007,566 | ---- | M] () -- C:\mksbasel.cpp.log [2009-03-30 07:32:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011-02-10 14:19:05 | 2455,633,920 | -HS- | M] () -- C:\pagefile.sys [2008-07-25 12:03:42 | 000,000,366 | ---- | M] () -- 
C:\RHDSetup.log [2009-06-05 15:20:18 | 000,000,086 | ---- | M] () -- C:\Setup.log [2011-02-03 17:20:17 | 000,000,000 | ---- | M] () -- C:\Tech_Vista.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- 
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-01-21 03:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 03:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys [2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys 
[2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008-01-21 03:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\System32\drivers\ndis.sys [2008-01-21 03:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe [2008-01-21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) 
MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< End of report >[/log]

RSIT:
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by kamil at 2011-02-10 15:22:02
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 7 GB (9%) free of 71 GB
Total RAM: 2042 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:22:46, on 2011-02-10
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18542)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\kamil\AppData\Local\inetserv.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Windows\system32\wuauclt.exe
C:\Users\kamil\Documents\52\otl\OTL.exe
C:\Windows\notepad.exe
C:\Windows\notepad.exe
C:\Users\kamil\Documents\52\rsit\RSIT.exe
C:\Program Files\trend micro\kamil.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] 
%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 6472 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-10 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe 
[2008-01-21 1008184] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-08 13543968] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-08 92704] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-17 6111232] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416] "LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256] "OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464] "OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2009-04-28 428032] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount [] "inetserv"=C:\Users\kamil\AppData\Local\inetserv.exe [2011-02-01 110614] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!] 
C:\Program Files\ipla\ipla.exe [2010-02-02 14252952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] D:\Gry\Steam\Steam.exe [2010-12-05 1242448] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2006-10-22 40048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2006-10-22 734872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2008-02-12 723496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 
"EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=0xFFFFFFFF "NoDriveTypeAutoRun"=36 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 1 months====== 2011-02-08 18:49:06 ----D---- C:\Program Files\SkanerOnline 2011-02-08 16:06:41 ----RSH---- C:\Users\kamil\AppData\Roaming\juzjf.exe 2011-02-08 16:06:37 ----AH---- C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt 2011-02-03 20:22:07 ----HD---- C:\LG3G 2011-02-03 20:19:41 ----D---- C:\lgupload 2011-02-03 17:21:19 ----D---- C:\Users\kamil\AppData\Roaming\LG Electronics 2011-02-03 17:15:07 ----A---- C:\Windows\system32\drivers\lgusbmodem.sys 2011-02-03 17:15:07 ----A---- C:\Windows\system32\drivers\lgusbdiag.sys 2011-02-03 17:15:07 ----A---- C:\Windows\system32\drivers\lgusbbus.sys 2011-02-03 17:15:06 ----D---- C:\Program Files\LG Electronics 2011-02-03 17:13:26 ----D---- C:\Program Files\LG PC Suite 2 2011-01-30 16:31:48 ----D---- C:\Users\kamil\AppData\Roaming\MPMAN 2011-01-29 09:36:11 ----D---- C:\Windows\TempAE2F5317-B912-ED87-AA44-48E9B7C3915A-Signatures 2011-01-29 09:35:01 ----D---- C:\Program Files\Microsoft Security Client 2011-01-25 19:01:06 ----A---- C:\Windows\system32\XAudio2_7.dll 2011-01-25 19:01:06 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2011-01-25 19:01:06 ----A---- C:\Windows\system32\xactengine3_7.dll 2011-01-25 19:01:05 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2011-01-25 19:01:04 ----A---- C:\Windows\system32\d3dx11_43.dll 2011-01-25 19:01:04 ----A---- C:\Windows\system32\d3dcsx_43.dll 2011-01-25 19:01:03 ----A---- C:\Windows\system32\D3DX9_43.dll 2011-01-25 19:01:03 ----A---- C:\Windows\system32\d3dx10_43.dll 2011-01-25 19:01:02 ----A---- 
C:\Windows\system32\XAudio2_6.dll 2011-01-25 19:01:02 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2011-01-25 19:01:01 ----A---- C:\Windows\system32\xactengine3_6.dll 2011-01-25 19:01:01 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2011-01-25 19:01:00 ----A---- C:\Windows\system32\XAudio2_5.dll 2011-01-25 19:01:00 ----A---- C:\Windows\system32\xactengine3_5.dll 2011-01-25 19:00:59 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2011-01-25 19:00:58 ----A---- C:\Windows\system32\d3dx11_42.dll 2011-01-25 19:00:58 ----A---- C:\Windows\system32\d3dcsx_42.dll 2011-01-25 19:00:57 ----A---- C:\Windows\system32\D3DX9_42.dll 2011-01-25 19:00:57 ----A---- C:\Windows\system32\d3dx10_42.dll 2011-01-25 19:00:56 ----A---- C:\Windows\system32\d3dx10_41.dll 2011-01-25 19:00:56 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2011-01-25 19:00:55 ----A---- C:\Windows\system32\D3DX9_41.dll 2011-01-25 19:00:54 ----A---- C:\Windows\system32\XAudio2_4.dll 2011-01-25 19:00:54 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2011-01-25 19:00:54 ----A---- C:\Windows\system32\xactengine3_4.dll 2011-01-25 19:00:53 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2011-01-25 19:00:53 ----A---- C:\Windows\system32\d3dx10_40.dll 2011-01-25 19:00:53 ----A---- C:\Windows\system32\D3DCompiler_40.dll 2011-01-25 19:00:49 ----A---- C:\Windows\system32\D3DX9_40.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\XAudio2_3.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\XAPOFX1_2.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\xactengine3_3.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\X3DAudio1_5.dll 2011-01-25 19:00:47 ----A---- C:\Windows\system32\XAudio2_2.dll 2011-01-25 19:00:47 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2011-01-25 19:00:47 ----A---- C:\Windows\system32\xactengine3_2.dll 2011-01-25 19:00:46 ----A---- C:\Windows\system32\d3dx10_39.dll 2011-01-25 19:00:46 ----A---- C:\Windows\system32\D3DCompiler_39.dll 2011-01-25 19:00:45 ----A---- C:\Windows\system32\D3DX9_39.dll 
2011-01-25 19:00:44 ----A---- C:\Windows\system32\XAudio2_1.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\xactengine3_1.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2011-01-25 19:00:43 ----A---- C:\Windows\system32\d3dx10_38.dll 2011-01-25 19:00:43 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2011-01-25 19:00:42 ----A---- C:\Windows\system32\XAudio2_0.dll 2011-01-25 19:00:42 ----A---- C:\Windows\system32\D3DX9_38.dll 2011-01-25 19:00:41 ----A---- C:\Windows\system32\xactengine3_0.dll 2011-01-25 19:00:41 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2011-01-25 19:00:40 ----A---- C:\Windows\system32\d3dx10_37.dll 2011-01-25 19:00:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2011-01-25 19:00:39 ----A---- C:\Windows\system32\D3DX9_37.dll 2011-01-25 19:00:38 ----A---- C:\Windows\system32\xactengine2_10.dll 2011-01-25 19:00:37 ----A---- C:\Windows\system32\d3dx10_36.dll 2011-01-25 19:00:37 ----A---- C:\Windows\system32\D3DCompiler_36.dll 2011-01-25 19:00:36 ----A---- C:\Windows\system32\xactengine2_9.dll 2011-01-25 19:00:36 ----A---- C:\Windows\system32\d3dx9_36.dll 2011-01-25 19:00:35 ----A---- C:\Windows\system32\d3dx10_35.dll 2011-01-25 19:00:35 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2011-01-25 19:00:33 ----A---- C:\Windows\system32\xactengine2_8.dll 2011-01-25 19:00:33 ----A---- C:\Windows\system32\X3DAudio1_2.dll 2011-01-25 19:00:33 ----A---- C:\Windows\system32\d3dx9_35.dll 2011-01-25 19:00:32 ----A---- C:\Windows\system32\d3dx10_34.dll 2011-01-25 19:00:32 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2011-01-25 19:00:31 ----A---- C:\Windows\system32\d3dx9_34.dll 2011-01-25 19:00:30 ----A---- C:\Windows\system32\xactengine2_7.dll 2011-01-25 19:00:28 ----A---- C:\Windows\system32\xactengine2_6.dll 2011-01-25 19:00:27 ----A---- C:\Windows\system32\xactengine2_5.dll 2011-01-25 19:00:27 ----A---- C:\Windows\system32\d3dx10.dll 2011-01-25 19:00:26 
----A---- C:\Windows\system32\d3dx9_32.dll 2011-01-25 19:00:25 ----A---- C:\Windows\system32\xactengine2_4.dll 2011-01-25 19:00:25 ----A---- C:\Windows\system32\x3daudio1_1.dll 2011-01-25 19:00:25 ----A---- C:\Windows\system32\d3dx9_31.dll 2011-01-25 19:00:24 ----A---- C:\Windows\system32\xinput1_2.dll 2011-01-25 19:00:24 ----A---- C:\Windows\system32\xactengine2_3.dll 2011-01-25 19:00:24 ----A---- C:\Windows\system32\xactengine2_2.dll 2011-01-25 19:00:23 ----A---- C:\Windows\system32\xinput1_1.dll 2011-01-25 19:00:23 ----A---- C:\Windows\system32\xactengine2_1.dll 2011-01-25 19:00:11 ----A---- C:\Windows\system32\xactengine2_0.dll 2011-01-25 19:00:11 ----A---- C:\Windows\system32\x3daudio1_0.dll 2011-01-25 19:00:11 ----A---- C:\Windows\system32\d3dx9_30.dll 2011-01-25 19:00:10 ----A---- C:\Windows\system32\d3dx9_29.dll 2011-01-25 19:00:09 ----A---- C:\Windows\system32\d3dx9_28.dll 2011-01-25 19:00:08 ----A---- C:\Windows\system32\d3dx9_27.dll 2011-01-25 19:00:08 ----A---- C:\Windows\system32\d3dx9_26.dll 2011-01-25 19:00:07 ----A---- C:\Windows\system32\d3dx9_25.dll 2011-01-25 19:00:06 ----A---- C:\Windows\system32\d3dx9_24.dll 2011-01-13 18:05:07 ----A---- C:\Windows\system32\xinput1_3.dll 2011-01-13 18:05:06 ----A---- C:\Windows\system32\d3dx10_33.dll 2011-01-13 18:05:06 ----A---- C:\Windows\system32\D3DCompiler_33.dll 2011-01-13 18:05:05 ----A---- C:\Windows\system32\d3dx9_33.dll 2011-01-13 18:04:55 ----D---- C:\Windows\system32\xlive 2011-01-12 21:50:49 ----A---- C:\Windows\system32\odbc32.dll 2011-01-12 21:49:42 ----A---- C:\Windows\system32\sdclt.exe ======List of files/folders modified in the last 1 months====== 2011-02-10 15:22:41 ----D---- C:\Windows\Prefetch 2011-02-10 15:22:32 ----D---- C:\Program Files\trend micro 2011-02-10 15:21:50 ----D---- C:\Windows\Temp 2011-02-10 14:44:27 ----SHD---- C:\System Volume Information 2011-02-10 14:40:55 ----D---- C:\Windows\system32\catroot2 2011-02-10 14:40:55 ----D---- C:\Windows\system32\catroot 2011-02-10 
14:40:53 ----D---- C:\Windows\winsxs 2011-02-08 21:19:31 ----D---- C:\Windows\System32 2011-02-08 21:19:31 ----D---- C:\Windows\inf 2011-02-08 21:19:31 ----A---- C:\Windows\system32\PerfStringBackup.INI 2011-02-08 19:04:32 ----D---- C:\Users\kamil\AppData\Roaming\Skype 2011-02-08 19:01:09 ----D---- C:\Users\kamil\AppData\Roaming\skypePM 2011-02-08 18:49:06 ----SD---- C:\Windows\Downloaded Program Files 2011-02-08 18:49:06 ----RD---- C:\Program Files 2011-02-08 16:34:17 ----D---- C:\Windows\system32\drivers 2011-02-07 18:57:09 ----D---- C:\Windows\system32\WDI 2011-02-04 07:57:12 ----D---- C:\Windows 2011-02-03 17:15:04 ----HD---- C:\Program Files\InstallShield Installation Information 2011-01-30 16:35:03 ----SHD---- C:\Windows\Installer 2011-01-29 09:34:51 ----SD---- C:\ProgramData\Microsoft 2011-01-25 19:00:23 ----RSD---- C:\Windows\assembly 2011-01-22 03:01:21 ----D---- C:\Windows\system32\config 2011-01-22 03:01:17 ----D---- C:\Windows\WinClon 2011-01-22 03:01:17 ----D---- C:\Windows\VMC302 2011-01-22 03:01:17 ----D---- C:\Windows\Tasks 2011-01-22 03:01:17 ----D---- C:\Windows\system32\Tasks 2011-01-22 03:01:17 ----D---- C:\Windows\system32\spool 2011-01-22 03:01:17 ----D---- C:\Windows\system32\Msdtc 2011-01-22 03:01:17 ----D---- C:\Windows\system32\CodeIntegrity 2011-01-22 03:01:16 ----D---- C:\Windows\system32\wbem 2011-01-22 03:01:16 ----D---- C:\Windows\registration 2011-01-15 12:15:41 ----D---- C:\Windows\system32\LogFiles 2011-01-13 16:23:10 ----D---- C:\ProgramData\Microsoft Help ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-06-16 318488] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-27 691696] R1 afw;Agnitum Firewall Driver; C:\Windows\system32\DRIVERS\afw.sys [2009-02-18 29208] R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264] R1 
MpKsl7b52f076;MpKsl7b52f076; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{417BE5E3-82B8-488F-AD25-8EBA383DF5DB}\MpKsl7b52f076.sys [2011-02-10 28752] R1 SandBox;SandBox; \??\C:\Windows\system32\drivers\SandBox.sys [2009-04-06 704384] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-09-25 278728] R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2007-05-23 13312] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-09-25 25416] R3 afwcore;afwcore; C:\Windows\system32\drivers\afwcore.sys [2009-02-10 307224] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-09-13 755712] R3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-17 2098904] R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392] R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-08 7522624] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-26 193456] R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2008-04-05 242560] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496] S2 E4LOADER;General Purpose USB Driver (e4ldr.sys); C:\Windows\System32\Drivers\e4ldr.sys [2007-01-04 69656] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888] S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056] S3 BthEnum;Sterownik Bluetooth Request Block; 
C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184] S3 btwaudio;Urz1dzenie dYwiekowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-15 80936] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-15 16168] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 e4usbaw;USB ADSL2 WAN Adapter; C:\Windows\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344] S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [] S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864] S3 LLRING0;LLRING0; \??\D:\Gry\Zypher\zhypermu small r3\MuGuard\llck2.sys [] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-02-21 50688] S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416] S3 UsbDiag;LGE Mobile USB Serial 
Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632] S3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-28 1195008] R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-25 30312] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-05-23 819200] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-17 73728] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-08 196608] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-05-31 66872] R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-05-31 107832] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-05-23 466944] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024] R2 SQLBrowser;SQL Server Browser; 
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904] R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-17 136176] S2 Samsung Update Plus;Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [2008-05-13 77480] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680] S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-06-02 3594440] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-12-05 403240] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408] -----------------EOF----------------- [/log]
Tomek01 commented 10 February 2011
Run [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], preferably with your USB flash drive and any other USB storage devices plugged in. In Safe Mode, in OTL, paste the following into the Custom scan/fixes window:
[code]:OTL
PRC - [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe
DRV - [2011-02-10 14:45:57 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{417BE5E3-82B8-488F-AD25-8EBA383DF5DB}\MpKsl7b52f076.sys -- (MpKsl7b52f076)
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe ()
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (C:\Users\kamil\AppData\Roaming\juzjf.exe) - C:\Users\kamil\AppData\Roaming\juzjf.exe (Google Inc.)
O32 - AutoRun File - [2009-08-18 20:44:27 | 000,000,051 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b6843ec9-a094-11df-a8b2-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\explore.exe
O33 - MountPoints2\{e669bb7b-1639-11df-8b58-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe
:Files
C:\Users\kamil\AppData\Roaming\juzjf.exe
C:\Users\kamil\AppData\Local\Temp*.html
C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job
C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt
:Commands
[emptytemp][/code]
Click Run Fix; the computer will restart. Post the removal log and new OTL and RSIT logs.
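The autostart entries targeted by the fix script in the post above share recognisable traits, which this added Python example (not part of the thread and not OTL's own logic) checks on the O4, O20 and O33 lines quoted from that script. The three rules, the `Finding` tuple and the `triage` function are assumptions made for illustration.

```python
import re
from collections import namedtuple

Finding = namedtuple("Finding", "kind target reason")

# %SystemRoot% as reported in the OTL log headers in this thread.
SYSTEM_ROOT = r"C:\Windows"

# Lines quoted from the OTL fix script in the post above.
SAMPLE_LINES = r'''
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe ()
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (C:\Users\kamil\AppData\Roaming\juzjf.exe) - C:\Users\kamil\AppData\Roaming\juzjf.exe (Google Inc.)
O32 - AutoRun File - [2009-08-18 20:44:27 | 000,000,051 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b6843ec9-a094-11df-a8b2-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\explore.exe
O33 - MountPoints2\{e669bb7b-1639-11df-8b58-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe
'''.strip().splitlines()

# Company names that themselves contain parentheses are not handled;
# such lines simply do not match and are skipped.
RUN_RE = re.compile(
    r"^O4 - (?P<hive>\S+?)\.\.\\Run: \[(?P<name>[^\]]+)\] "
    r"(?P<path>.+?) \((?P<company>[^()]*)\)$")
SHELL_RE = re.compile(
    r"^O20 - (?P<hive>\S+) Winlogon: Shell - \((?P<value>.+?)\) - "
    r"(?P<path>.+?) \((?P<company>[^()]*)\)$")
MOUNT_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<volume>[^\\]+)\\Shell\\AutoRun\\command'
    r' - "" = (?P<command>.+)$')

USER_APPDATA_RE = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\", re.IGNORECASE)
# Drive-letter paths without spaces; enough for the commands quoted above.
DRIVE_PATH_RE = re.compile(r'[A-Za-z]:\\[^\s"]+')


def triage(lines, system_root=SYSTEM_ROOT):
    """Return a Finding for every O4/O20/O33 line that breaks a rule."""
    findings = []
    expected_shell = (system_root + r"\explorer.exe").lower()
    system_drive = system_root[:2].lower()
    for raw in lines:
        line = raw.strip()

        m = RUN_RE.match(line)
        if m:
            # Rule 1: a Run value that starts a file kept in a user's AppData.
            if USER_APPDATA_RE.match(m["path"]):
                reason = "Run value starts a file from a per-user AppData folder"
                if not m["company"]:
                    reason += "; no company name"
                findings.append(Finding("O4", m["path"], reason))
            continue

        m = SHELL_RE.match(line)
        if m:
            # Rule 2: the Winlogon Shell must resolve to explorer.exe in
            # %SystemRoot%. The company name in parentheses is not used
            # as evidence of origin.
            if m["path"].lower() != expected_shell:
                reason = "Winlogon Shell is not %s (claimed company: %s)" % (
                    expected_shell, m["company"] or "none")
                findings.append(Finding("O20", m["path"], reason))
            continue

        m = MOUNT_RE.match(line)
        if m:
            # Rule 3: a cached AutoRun command whose target is off the
            # system drive, i.e. on the mounted volume itself.
            for path in DRIVE_PATH_RE.findall(m["command"]):
                if not path.lower().startswith(system_drive):
                    reason = "AutoRun command for volume %s starts a file on drive %s" % (
                        m["volume"], path[:2])
                    findings.append(Finding("O33", path, reason))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LINES):
        print("%-3s %-45s %s" % finding)
```

The legitimate `explorer.exe` Shell entry and the O32 line produce no finding; only O4, O20 and O33 lines are evaluated.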
hyper1pl (author) commented 17 February 2011
Removal log:
[log]OTL logfile created on: 2011-02-17 09:36:00 - Run 4
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\kamil\Documents\52\otl
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,05 Gb Total Space | 8,35 Gb Free Space | 12,09% Space Free | Partition Type: NTFS
Drive D: | 70,00 Gb Total Space | 15,31 Gb Free Space | 21,87% Space Free | Partition Type: NTFS
Drive E: | 64,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 959,09 Mb Total Space | 651,86 Mb Free Space | 67,97% Space Free | Partition Type: FAT32
Computer Name: KAMIL-DOM | User Name: kamil | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-10 15:03:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\52\otl\OTL.exe PRC - [2010-12-10 22:00:19 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-12-10 22:00:17 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe PRC - [2009-06-15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-01-21 03:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:33:15 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - 
[2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-10 15:03:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\52\otl\OTL.exe MOD - [2011-01-21 17:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2011-01-21 17:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-10-15 14:48:59 | 001,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-06-28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 15:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD 
- [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 07:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 07:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-11 07:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 07:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\msctf.dll MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 07:27:12 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2008-01-21 03:35:19 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 03:34:35 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:34:21 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 03:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 03:34:07 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:34:05 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 03:33:14 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - 
[2010-12-05 13:12:40 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV - [2010-06-02 17:31:00 | 003,594,440 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2009-04-28 10:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) [Auto | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\acs.exe -- (acssrv) SRV - [2009-02-25 08:28:20 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2008-05-23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008-05-23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008-05-13 00:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-16 22:06:40 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{22BD70D6-B9F4-465C-BD92-BA7D3DBE1E81}\MpKsl557c75e5.sys -- 
(MpKsl557c75e5) DRV - [2010-10-24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2010-10-24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2010-09-25 16:49:10 | 000,278,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-09-25 16:49:10 | 000,025,416 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-04-27 16:49:25 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-04-06 11:37:12 | 000,704,384 | ---- | M] (Agnitum Ltd.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox) DRV - [2009-02-18 17:27:54 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (afw) DRV - [2009-02-10 16:12:48 | 000,307,224 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore) DRV - [2008-06-16 13:38:10 | 000,318,488 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008-06-08 23:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-04-17 08:31:00 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-05 06:56:26 | 000,242,560 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302) DRV - [2008-02-14 00:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008-01-21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-01-21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-01-21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008-01-21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-01-21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008-01-21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008-01-21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-01-21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008-01-21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008-01-21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-01-21 03:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2008-01-21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008-01-21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-01-21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008-01-21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007-12-28 02:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2007-10-26 06:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007-09-13 07:17:58 | 000,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007-07-15 23:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2007-07-15 23:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2007-07-11 15:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2007-07-11 10:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2007-07-11 10:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2007-05-23 09:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) 
[Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2007-01-04 12:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e4usbaw.sys -- (e4usbaw) DRV - [2007-01-04 12:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys) DRV - [2006-11-28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006-10-19 03:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-10 22:00:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-10 22:00:21 | 000,000,000 | ---D | M]
[2010-04-10 16:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kamil\AppData\Roaming\mozilla\Extensions
[2011-02-16 22:20:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions
[2010-09-18 19:36:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-12-29 00:12:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-23 12:54:45 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-07-10 16:19:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-07-10 16:18:34 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-12 13:23:09 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-09-12 13:23:09 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-09-12 13:23:09 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-09-12 13:23:10 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-09-12 13:23:10 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-09-12 13:23:10 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [AlcoholAutomount] File not found
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe ()
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [Microsoft Security Essentials] C:\Users\kamil\AppData\Roaming\winlogon_105.exe ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.192.105.217 173.193.227.124
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Users\kamil\AppData\Roaming\juzjf.exe) - C:\Users\kamil\AppData\Roaming\juzjf.exe (Google Inc.)
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (C:\Users\kamil\AppData\Roaming\juzjf.exe) - C:\Users\kamil\AppData\Roaming\juzjf.exe (Google Inc.)
O24 - Desktop WallPaper: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O24 - Desktop BackupWallPaper: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-08-28 00:44:42 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-08-28 00:44:42 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-18 20:44:27 | 000,000,051 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b6843ec9-a094-11df-a8b2-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\explore.exe
O33 - MountPoints2\{e669bb7b-1639-11df-8b58-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe
O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\PrawoJazdy.exe -- [2011-01-04 16:13:26 | 003,387,904 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]
[2011-02-16 08:46:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011-02-16 08:46:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011-02-16 08:46:44 | 000,000,000 | ---D | C] --
C:\Windows\System32\vi-VN [2011-02-16 08:23:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2011-02-14 16:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs [2011-02-08 18:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2011-02-08 16:06:41 | 000,172,032 | RHS- | C] (Google Inc.) -- C:\Users\kamil\AppData\Roaming\juzjf.exe [2011-02-03 20:22:07 | 000,000,000 | -H-D | C] -- C:\LG3G [2011-02-03 20:19:41 | 000,000,000 | ---D | C] -- C:\lgupload [2011-02-03 17:21:19 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\LG Electronics [2011-02-03 17:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics [2011-02-03 17:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2 [2011-02-03 17:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite 2 [2011-01-30 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\MP-Manager [2011-01-30 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\Application Data [2011-01-30 16:34:37 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP Manager [2011-01-30 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\MPMAN [2011-01-29 09:36:11 | 000,000,000 | ---D | C] -- C:\Windows\TempAE2F5317-B912-ED87-AA44-48E9B7C3915A-Signatures [2011-01-29 09:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2011-01-25 19:41:36 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\Eidos [2011-01-25 18:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAPCOM [2011-01-21 16:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra [2011-01-13 18:04:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2011-01-06 18:03:01 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Thinstall [2011-01-04 18:45:38 | 000,000,000 | ---D | C] -- 
C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zegarmistrz [2011-01-04 18:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zegarmistrz [2010-12-23 17:55:10 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\52 [2010-12-23 15:20:27 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Tibia [2010-12-23 15:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia [2010-12-23 12:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2010-12-23 12:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2006-11-24 06:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006-11-24 06:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-17 09:38:29 | 000,709,878 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-02-17 09:38:29 | 000,635,376 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-02-17 09:38:29 | 000,144,846 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-02-17 09:38:29 | 000,119,162 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-02-17 09:17:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-16 22:32:18 | 095,948,386 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-02-16 22:03:38 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-02-16 22:03:37 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-02-16 21:51:04 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-02-16 21:29:44 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-02-16 21:18:17 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-16 21:18:17 | 000,004,784 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-16 09:21:33 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-02-16 08:52:24 | 000,372,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-02-16 08:06:01 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnC2684.html [2011-02-16 08:06:01 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempon2684.html [2011-02-16 07:56:52 | 000,098,318 | ---- | M] () -- C:\Users\kamil\AppData\Roaming\eli_127.exe [2011-02-16 07:55:54 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [2011-02-15 23:43:20 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempfA4004.html [2011-02-15 22:25:16 | 000,098,318 | ---- | M] () -- C:\Users\kamil\AppData\Roaming\eli_118.exe [2011-02-15 22:24:16 | 000,045,056 | RHS- | M] () -- C:\Users\kamil\AppData\Roaming\winlogon_105.exe [2011-02-08 20:08:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTB3240.html [2011-02-08 20:08:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempyV3240.html [2011-02-08 16:47:42 | 000,000,680 | ---- | M] () -- C:\Users\kamil\AppData\Local\d3d9caps.dat [2011-02-07 19:05:24 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempja5624.html [2011-02-03 21:38:10 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTD3572.html [2011-02-03 21:38:10 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwF3572.html [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe [2011-01-30 14:50:35 | 000,092,160 | ---- | M] () -- C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-29 15:32:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempAL5364.html [2011-01-29 15:32:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzw5364.html 
[2011-01-29 09:38:50 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2011-01-28 23:17:19 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYt4272.html [2011-01-28 23:17:19 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOe4272.html [2011-01-23 22:20:37 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjD3568.html [2011-01-23 22:20:37 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempMi3568.html [2011-01-22 16:02:58 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOM2392.html [2011-01-22 16:02:58 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempJS2392.html [2011-01-16 20:04:49 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjN5168.html [2011-01-16 20:04:49 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temppe5168.html [2011-01-14 23:24:53 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempND3380.html [2011-01-13 00:04:10 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNQ3404.html [2011-01-12 19:44:26 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Templg3808.html [2011-01-12 19:44:26 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOI3808.html [2011-01-12 16:50:39 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempcU3652.html [2011-01-12 16:50:39 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRj3652.html [2011-01-11 17:58:21 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempFU1664.html [2011-01-11 17:58:21 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPW1664.html [2011-01-10 18:26:09 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempeO1000.html [2011-01-09 21:07:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempGh1992.html [2011-01-09 21:07:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwQ1992.html [2011-01-09 00:59:09 | 000,002,432 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\Tempqy3528.html [2011-01-07 15:41:18 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDLO284.html [2011-01-06 19:38:01 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBi2584.html [2011-01-05 17:14:33 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempms1724.html [2011-01-04 16:29:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempUx5904.html [2011-01-04 16:29:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temphb5904.html [2011-01-02 22:01:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRI3908.html [2011-01-02 22:01:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDy3908.html [2010-12-30 01:55:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemplB1848.html [2010-12-30 01:55:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnE1848.html [2010-12-27 22:43:31 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempgO2744.html [2010-12-27 14:32:35 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempHv2724.html [2010-12-27 14:32:35 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempSa2724.html [2010-12-27 01:32:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempLp2396.html [2010-12-27 01:32:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNU2396.html [2010-12-26 02:21:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempto6032.html [2010-12-26 02:21:40 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzb6032.html [2010-12-24 02:14:15 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempEW6004.html [2010-12-24 02:14:15 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBp6004.html [2010-12-23 16:20:12 | 004,687,862 | ---- | M] () -- C:\Users\kamil\Documents\52 Debiec - Gniew.mp3 [2010-12-23 12:52:19 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk 
[2010-12-22 23:33:36 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temphx2496.html [2010-12-22 23:33:36 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYQ2496.html [2010-12-22 18:58:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempvy2588.html [2010-12-20 06:55:47 | 000,003,188 | ---- | M] () -- C:\Users\kamil\Documents\Artur Tomalaa.rtf [2010-12-19 22:16:47 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempmO3804.html [2010-12-19 22:16:47 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempWn3804.html [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-16 08:02:29 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-02-16 07:56:51 | 000,098,318 | ---- | C] () -- C:\Users\kamil\AppData\Roaming\eli_127.exe [2011-02-16 07:56:24 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnC2684.html [2011-02-16 07:56:24 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempon2684.html [2011-02-15 22:45:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempfA4004.html [2011-02-15 22:25:13 | 000,098,318 | ---- | C] () -- C:\Users\kamil\AppData\Roaming\eli_118.exe [2011-02-15 22:25:08 | 000,045,056 | RHS- | C] () -- C:\Users\kamil\AppData\Roaming\winlogon_105.exe [2011-02-08 16:47:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTB3240.html [2011-02-08 16:47:49 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyV3240.html [2011-02-08 16:06:37 | 000,000,000 | -H-- | C] () -- C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt [2011-02-07 16:14:36 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempja5624.html [2011-02-03 17:05:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTD3572.html [2011-02-03 17:05:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwF3572.html [2011-02-01 19:17:14 | 000,110,614 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\inetserv.exe
[color=#E56717]========== LOP Check ==========[/color]
[2010-04-27 16:54:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\DAEMON Tools Lite
[2010-04-24 10:07:41 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\fretsonfire
[2010-11-13 15:06:16 | 000,000,000
| ---D | M] -- C:\Users\kamil\AppData\Roaming\Gadu-Gadu 10
[2010-07-12 12:24:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\GetRightToGo
[2010-08-31 17:01:59 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\gtk-2.0
[2010-04-10 17:03:59 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\ipla
[2011-02-03 17:21:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\LG Electronics
[2011-01-30 16:31:48 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\MPMAN
[2010-07-13 20:07:15 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\OpenFM
[2010-08-30 21:52:13 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\PhotoFiltre
[2010-09-13 17:00:29 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\runic games
[2010-04-25 09:32:47 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Sudeki
[2011-01-06 18:03:01 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Thinstall
[2010-12-31 06:25:27 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Tibia
[2010-11-19 17:44:05 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\TS3Client
[2010-08-29 12:52:02 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\uTorrent
[2011-02-16 09:21:33 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011-02-16 07:55:54 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< :OTL >[/color]
[color=#A23BEC]< PRC - [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exeDRV - [2011-02-10 14:45:57 | 000,028,752 | ---- | M] (Microsoft Corporation) >[/color]
[color=#A23BEC]< [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{417BE5E3-82B8-488F-AD25-8EBA383DF5DB}\MpKsl7b52f076.sys -- (MpKsl7b52f076) >[/color]
[color=#A23BEC]< O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe () >[/color]
[color=#A23BEC]< O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) >[/color]
[color=#A23BEC]< O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (C:\Users\kamil\AppData\Roaming\juzjf.exe) - C:\Users\kamil\AppData\Roaming\juzjf.exe (Google Inc.) >[/color]
[color=#A23BEC]< O32 - AutoRun File - [2009-08-18 20:44:27 | 000,000,051 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ] >[/color]
[color=#A23BEC]< O33 - MountPoints2\{b6843ec9-a094-11df-a8b2-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\explore.exe >[/color]
[color=#A23BEC]< O33 - MountPoints2\{e669bb7b-1639-11df-8b58-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe >[/color]
[color=#A23BEC]< >[/color]
[color=#A23BEC]< :Files >[/color]
[color=#A23BEC]< C:\Users\kamil\AppData\Roaming\juzjf.exe >[/color]
[2011-02-08 16:06:29 | 000,172,032 | RHS- | M] (Google Inc.)
-- C:\Users\kamil\AppData\Roaming\juzjf.exe
[color=#A23BEC]< C:\Users\kamil\AppData\Local\Temp*.html >[/color]
[2010-06-28 20:23:17 | 000,002,432 | ---- | M] () --
C:\Users\kamil\AppData\Local\TempwV1564.html [2010-08-29 02:08:58 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempww1700.html [2010-09-02 20:03:15 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempWW5496.html [2010-12-08 21:38:27 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempXe4052.html [2010-04-17 13:33:00 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempXK2252.html [2010-11-13 15:06:17 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempxm5296.html [2010-10-14 19:25:14 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempXp2552.html [2010-04-12 16:55:09 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempXQ2732.html [2010-11-13 21:59:30 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempXu5968.html [2010-04-12 16:55:09 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempxv2732.html [2010-09-12 20:12:15 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempxV4324.html [2010-09-12 01:03:21 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempxZB508.html [2010-06-28 20:23:17 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempyC1564.html [2010-10-03 17:13:08 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYC2360.html [2010-12-02 23:15:01 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempyd2448.html [2010-09-12 20:12:15 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempyF4324.html [2010-04-24 12:57:20 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYg3044.html [2010-09-02 15:45:00 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempyM3488.html [2010-12-22 23:33:36 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYQ2496.html [2011-01-28 23:17:19 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYt4272.html [2011-02-08 20:08:05 | 000,002,089 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\TempyV3240.html [2010-12-02 23:15:01 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYw2448.html [2010-10-01 23:14:51 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYY2608.html [2010-11-06 16:15:31 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempyY2656.html [2010-12-26 02:21:40 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzb6032.html [2010-04-18 10:31:15 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempZh2792.html [2010-10-14 19:25:14 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempzI2552.html [2010-12-04 14:56:27 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempzP5860.html [2011-01-29 15:32:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzw5364.html [color=#A23BEC]< C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job >[/color] [2011-02-16 07:55:54 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [color=#A23BEC]< C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt >[/color] [2011-02-08 16:06:37 | 000,000,000 | -H-- | M] () -- C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt [color=#A23BEC]< >[/color] [color=#A23BEC]< :Commands >[/color] [color=#A23BEC]< [emptytemp] >[/color] < End of report > [/log] OTL: [log]OTL logfile created on: 2011-02-17 09:56:13 - Run 4 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\kamil\Documents\52\otl Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = 
C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,05 Gb Total Space | 5,80 Gb Free Space | 8,41% Space Free | Partition Type: NTFS Drive D: | 70,00 Gb Total Space | 15,31 Gb Free Space | 21,87% Space Free | Partition Type: NTFS Drive E: | 64,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive F: | 959,09 Mb Total Space | 651,86 Mb Free Space | 67,97% Space Free | Partition Type: FAT32 Computer Name: KAMIL-DOM | User Name: kamil | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-10 15:03:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\52\otl\OTL.exe PRC - [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe PRC - [2010-12-10 22:00:19 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-12-10 22:00:17 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-11-30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2010-11-11 12:26:42 | 000,226,984 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe PRC - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe PRC - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe PRC - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-09-13 14:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media 
Player\wmplayer.exe PRC - [2010-08-17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-05-31 16:47:31 | 000,107,832 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe PRC - [2010-05-31 16:47:24 | 000,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2009-08-07 03:24:04 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe PRC - [2009-06-15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-11 07:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 07:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 07:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 07:27:59 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe PRC - [2009-04-11 07:27:58 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-03-30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe PRC - [2009-02-25 08:28:20 | 000,030,312 | ---- | M] (Microsoft 
Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2008-11-24 21:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2008-11-24 21:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2008-06-08 23:23:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008-05-23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2008-05-23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008-05-22 09:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2008-05-13 01:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe PRC - [2008-04-25 13:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2008-04-17 07:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) 
-- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2008-04-17 03:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-03-17 10:07:02 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2008-01-21 03:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 03:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 03:34:48 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe PRC - [2008-01-21 03:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:33:15 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - 
[2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:32:59 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe PRC - [2007-10-26 06:39:14 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2007-10-26 06:39:04 | 001,029,416 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007-07-04 23:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2006-12-19 14:23:38 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2006-11-02 10:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-10 15:03:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\52\otl\OTL.exe MOD - [2011-01-21 17:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2011-01-21 17:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-10-15 14:48:59 | 001,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-06-28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 15:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-04-28 10:05:56 | 000,715,264 | ---- | M] (Agnitum Ltd.) 
-- c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 07:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 07:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-11 07:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 07:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-11 07:28:20 | 000,807,424 | 
---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 07:27:12 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2008-01-21 03:35:19 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 03:34:35 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:34:21 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 03:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 03:34:07 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:34:05 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 03:33:14 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 
Services (SafeList) ==========[/color] SRV - [2010-12-05 13:12:40 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV - [2010-06-02 17:31:00 | 003,594,440 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2009-04-28 10:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall\acs.exe -- (acssrv) SRV - [2009-02-25 08:28:20 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2008-05-23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008-05-23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008-05-13 00:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-17 09:45:30 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition 
Updates\{22BD70D6-B9F4-465C-BD92-BA7D3DBE1E81}\MpKsl7c08295e.sys -- (MpKsl7c08295e) DRV - [2010-10-24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2010-10-24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2010-09-25 16:49:10 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-09-25 16:49:10 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-04-27 16:49:25 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-04-06 11:37:12 | 000,704,384 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox) DRV - [2009-02-18 17:27:54 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (afw) DRV - [2009-02-10 16:12:48 | 000,307,224 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore) DRV - [2008-06-16 13:38:10 | 000,318,488 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008-06-08 23:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-04-17 08:31:00 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-05 06:56:26 | 000,242,560 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302) DRV - [2008-02-14 00:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008-01-21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-01-21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-01-21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008-01-21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-01-21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 03:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008-01-21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-12-28 02:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007-10-26 06:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007-09-13 07:17:58 | 000,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007-07-15 23:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007-07-15 23:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007-07-11 15:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007-07-11 10:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007-07-11 10:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007-05-23 09:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2007-01-04 12:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e4usbaw.sys -- (e4usbaw)
DRV - [2007-01-04 12:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys)
DRV - [2006-11-28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006-10-19 03:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-10 22:00:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-10 22:00:21 | 000,000,000 | ---D | M]
[2010-04-10 16:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kamil\AppData\Roaming\mozilla\Extensions
[2011-02-17 09:58:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions
[2010-09-18 19:36:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-12-29 00:12:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-23 12:54:45 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-07-10 16:19:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-07-10 16:18:34 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-12 13:23:09 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-09-12 13:23:09 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-09-12 13:23:09 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-09-12 13:23:10 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-09-12 13:23:10 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-09-12 13:23:10 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [AlcoholAutomount] File not found
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.192.105.217 173.193.227.124
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Users\kamil\AppData\Roaming\juzjf.exe) - C:\Users\kamil\AppData\Roaming\juzjf.exe ()
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (C:\Users\kamil\AppData\Roaming\juzjf.exe) - C:\Users\kamil\AppData\Roaming\juzjf.exe ()
O24 - Desktop WallPaper: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O24 - Desktop BackupWallPaper: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-08-28 00:44:42 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-08-28 00:44:42 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-18 20:44:27 | 000,000,051 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b6843ec9-a094-11df-a8b2-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\explore.exe
O33 - MountPoints2\{e669bb7b-1639-11df-8b58-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe
O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\PrawoJazdy.exe -- [2011-01-04 16:13:26 | 003,387,904 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - ()
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
MsConfig - StartUpReg: [b]IPLA![/b] - hkey= - key= - C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)
MsConfig - StartUpReg: [b]LightScribe Control Panel[/b] - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - D:\Gry\Steam\Steam.exe (Valve Corporation)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 0
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-02-16 08:46:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011-02-16 08:46:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011-02-16 08:46:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011-02-16 08:23:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011-02-14 16:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2011-02-08 18:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2011-02-03 20:22:07 | 000,000,000 | -H-D | C] -- C:\LG3G
[2011-02-03 20:19:41 | 000,000,000 | ---D | C] -- C:\lgupload
[2011-02-03 17:21:19 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\LG Electronics
[2011-02-03 17:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2011-02-03 17:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
[2011-02-03 17:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite 2
[2011-01-30 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\MP-Manager
[2011-01-30 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\Application Data
[2011-01-30 16:34:37 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP Manager
[2011-01-30 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\MPMAN
[2011-01-29 09:36:11 | 000,000,000 | ---D | C] -- C:\Windows\TempAE2F5317-B912-ED87-AA44-48E9B7C3915A-Signatures
[2011-01-29 09:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011-01-25 19:41:36 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\Eidos
[2011-01-25 18:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAPCOM
[2011-01-21 16:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2011-01-13 18:04:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2011-01-06 18:03:01 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Thinstall
[2011-01-04 18:45:38 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zegarmistrz
[2011-01-04 18:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zegarmistrz
[2010-12-23 17:55:10 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\52
[2010-12-23 15:20:27 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Tibia
[2010-12-23 15:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia
[2010-12-23 12:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2010-12-23 12:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2006-11-24 06:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll
[2006-11-24 06:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-02-17 09:52:34 | 000,710,864 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-02-17 09:52:34 | 000,635,986 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-02-17 09:52:34 | 000,145,430 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-02-17 09:52:33 | 000,119,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-02-17 09:51:05 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-02-17 09:46:23 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job
[2011-02-17 09:46:12 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011-02-17 09:45:07 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011-02-17 09:45:04 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-02-17 09:45:04 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-02-17 09:45:03 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-02-17 09:44:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-02-17 09:44:44 | 2141,831,168 | -HS- | M] () -- C:\hiberfil.sys
[2011-02-17 09:43:55 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011-02-16 22:32:18 | 095,948,386 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011-02-16 08:52:24 | 000,372,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-02-16 08:06:01 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnC2684.html
[2011-02-16 08:06:01 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempon2684.html
[2011-02-15 23:43:20 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempfA4004.html
[2011-02-08 20:08:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTB3240.html
[2011-02-08 20:08:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempyV3240.html
[2011-02-08 16:47:42 | 000,000,680 | ---- | M] () -- C:\Users\kamil\AppData\Local\d3d9caps.dat
[2011-02-07 19:05:24 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempja5624.html
[2011-02-03 21:38:10 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTD3572.html
[2011-02-03 21:38:10 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwF3572.html
[2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe
[2011-01-30 14:50:35 | 000,092,160 | ---- | M] () -- C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-29 15:32:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempAL5364.html
[2011-01-29 15:32:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzw5364.html
[2011-01-29 09:38:50 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011-01-28 23:17:19 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYt4272.html
[2011-01-28 23:17:19 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOe4272.html
[2011-01-23 22:20:37 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjD3568.html
[2011-01-23 22:20:37 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempMi3568.html
[2011-01-22 16:02:58 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOM2392.html
[2011-01-22 16:02:58 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempJS2392.html
[2011-01-16 20:04:49 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjN5168.html
[2011-01-16 20:04:49 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temppe5168.html
[2011-01-14 23:24:53 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempND3380.html
[2011-01-13 00:04:10 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNQ3404.html
[2011-01-12 19:44:26 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Templg3808.html
[2011-01-12 19:44:26 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOI3808.html
[2011-01-12 16:50:39 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempcU3652.html
[2011-01-12 16:50:39 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRj3652.html
[2011-01-11 17:58:21 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempFU1664.html
[2011-01-11 17:58:21 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPW1664.html
[2011-01-10 18:26:09 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempeO1000.html
[2011-01-09 21:07:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempGh1992.html
[2011-01-09 21:07:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwQ1992.html
[2011-01-09 00:59:09 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempqy3528.html
[2011-01-07 15:41:18 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDLO284.html
[2011-01-06 19:38:01 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBi2584.html
[2011-01-05 17:14:33 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempms1724.html
[2011-01-04 16:29:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempUx5904.html
[2011-01-04 16:29:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temphb5904.html
[2011-01-02 22:01:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRI3908.html
[2011-01-02 22:01:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDy3908.html
[2010-12-30 01:55:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemplB1848.html
[2010-12-30 01:55:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnE1848.html
[2010-12-27 22:43:31 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempgO2744.html
[2010-12-27 14:32:35 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempHv2724.html
[2010-12-27 14:32:35 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempSa2724.html
[2010-12-27 01:32:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempLp2396.html
[2010-12-27 01:32:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNU2396.html
[2010-12-26 02:21:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempto6032.html
[2010-12-26 02:21:40 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzb6032.html
[2010-12-24 02:14:15 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempEW6004.html
[2010-12-24 02:14:15 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBp6004.html
[2010-12-23 16:20:12 | 004,687,862 | ---- | M] () -- C:\Users\kamil\Documents\52 Debiec - Gniew.mp3
[2010-12-23 12:52:19 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-12-22 23:33:36 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temphx2496.html
[2010-12-22 23:33:36 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYQ2496.html
[2010-12-22 18:58:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempvy2588.html
[2010-12-20 06:55:47 | 000,003,188 | ---- | M] () -- C:\Users\kamil\Documents\Artur Tomalaa.rtf
[2010-12-19 22:16:47 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempmO3804.html
[2010-12-19 22:16:47 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempWn3804.html

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-17 09:40:44 | 2141,831,168 | -HS- | C] () -- C:\hiberfil.sys
[2011-02-16 08:02:29 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011-02-16 07:56:51 | 000,098,318 | ---- | C] () -- C:\Users\kamil\AppData\Roaming\eli_127.exe
[2011-02-16 07:56:24 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnC2684.html
[2011-02-16 07:56:24 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempon2684.html
[2011-02-15 22:45:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempfA4004.html
[2011-02-15 22:25:13 | 000,098,318 | ---- | C] () -- C:\Users\kamil\AppData\Roaming\eli_118.exe
[2011-02-08 16:47:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTB3240.html
[2011-02-08 16:47:49 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyV3240.html
[2011-02-08 16:06:37 | 000,000,000 | -H-- | C] () -- C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt
[2011-02-07 16:14:36 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempja5624.html
[2011-02-03 17:05:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTD3572.html
[2011-02-03 17:05:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwF3572.html
[2011-02-01 19:17:14 | 000,110,614 | ---- | C] () -- C:\Users\kamil\AppData\Local\inetserv.exe
[2011-01-29 12:40:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAL5364.html
[2011-01-29 12:40:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempzw5364.html
[2011-01-29 09:38:50 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011-01-28 16:18:46 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYt4272.html
[2011-01-28 16:18:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOe4272.html
[2011-01-23 15:50:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempjD3568.html
[2011-01-23 15:50:50 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMi3568.html
[2011-01-22 09:55:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOM2392.html
[2011-01-22 09:55:49 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJS2392.html
[2011-01-16 17:01:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempjN5168.html
[2011-01-16 17:01:01 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temppe5168.html
[2011-01-14 21:56:19 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempND3380.html
[2011-01-12 21:42:18 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNQ3404.html
[2011-01-12 19:24:05 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templg3808.html
[2011-01-12 19:24:05 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOI3808.html
[2011-01-12 16:10:25 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempcU3652.html
[2011-01-12 16:10:25 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempRj3652.html
[2011-01-11 17:50:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFU1664.html
[2011-01-11 17:50:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPW1664.html
[2011-01-10 17:26:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeO1000.html
[2011-01-09 13:42:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGh1992.html
[2011-01-09 13:42:26 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwQ1992.html
[2011-01-08 18:05:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqy3528.html
[2011-01-07 15:14:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDLO284.html
[2011-01-06 15:19:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBi2584.html
[2011-01-05 15:14:27 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempms1724.html
[2011-01-04 15:57:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUx5904.html
[2011-01-04 15:57:38 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temphb5904.html
[2011-01-02 21:04:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempRI3908.html
[2011-01-02 21:04:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDy3908.html
[2010-12-29 15:05:43 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplB1848.html
[2010-12-29 15:05:43 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnE1848.html
[2010-12-29 00:12:28 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-12-27 20:27:45 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgO2744.html
[2010-12-27 13:50:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHv2724.html
[2010-12-27 13:50:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSa2724.html
[2010-12-26 22:02:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLp2396.html
[2010-12-26 22:02:40 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNU2396.html
[2010-12-25 21:00:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempto6032.html
[2010-12-25 21:00:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempzb6032.html
[2010-12-23 16:16:11 | 004,687,862 | ---- | C] () -- C:\Users\kamil\Documents\52 Debiec - Gniew.mp3
[2010-12-23 15:14:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEW6004.html
[2010-12-23 15:14:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBp6004.html
[2010-12-22 20:50:46 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temphx2496.html
[2010-12-22 20:50:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYQ2496.html
[2010-12-22 15:40:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempvy2588.html
[2010-12-20 06:55:47 | 000,003,188 | ---- | C] () -- C:\Users\kamil\Documents\Artur Tomalaa.rtf [2010-12-19 19:32:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempmO3804.html [2010-12-19 19:32:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWn3804.html [2010-12-18 16:58:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPj1764.html [2010-12-11 21:34:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiZ1716.html [2010-12-11 21:34:45 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFx1716.html [2010-12-10 18:49:13 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempma5604.html [2010-12-10 18:49:13 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templr5604.html [2010-12-09 18:45:41 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempwj5064.html [2010-12-09 18:45:41 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templk5064.html [2010-12-08 17:30:29 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXe4052.html [2010-12-08 17:30:29 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGM4052.html [2010-12-07 16:59:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLF3744.html [2010-12-06 16:21:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqd2380.html [2010-12-06 16:21:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempmg2380.html [2010-12-05 12:25:20 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCN2632.html [2010-12-05 12:25:20 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempdh2632.html [2010-12-05 01:38:07 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNg3004.html [2010-12-04 13:07:31 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempzP5860.html [2010-12-03 18:14:22 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempoq4100.html [2010-12-03 18:14:22 | 000,002,089 | ---- 
| C] () -- C:\Users\kamil\AppData\Local\TempgF4100.html [2010-12-03 15:04:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temptm5244.html [2010-12-03 13:42:54 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGM5904.html [2010-12-02 21:15:57 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempyd2448.html [2010-12-02 21:15:57 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYw2448.html [2010-11-29 21:19:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAo3916.html [2010-11-29 21:19:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCB3916.html [2010-11-28 15:52:28 | 000,003,053 | ---- | C] () -- C:\Windows\ARX_RingPol100D.ini [2010-11-21 13:41:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplB3472.html [2010-11-21 13:41:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempbT3472.html [2010-11-19 16:04:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempvl3368.html [2010-11-19 16:04:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTq3368.html [2010-11-15 13:04:21 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOKc992.html [2010-11-15 13:04:21 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplwW992.html [2010-11-13 21:34:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQo5968.html [2010-11-13 21:34:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXu5968.html [2010-11-13 15:06:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxm5296.html [2010-11-13 15:06:17 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeT5296.html [2010-11-13 14:55:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPi5296.html [2010-11-13 14:55:53 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFs5296.html [2010-11-12 13:18:37 | 000,002,432 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempNE1856.html [2010-11-12 13:18:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNL1856.html [2010-11-11 17:21:44 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdF3772.html [2010-11-11 17:21:44 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMR3772.html [2010-11-10 16:46:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempuG4180.html [2010-11-07 12:39:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQh2884.html [2010-11-07 12:39:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templo2884.html [2010-11-06 22:13:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCa2288.html [2010-11-06 22:13:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKN2288.html [2010-11-06 14:03:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyY2656.html [2010-11-05 17:20:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempbp4012.html [2010-11-05 17:20:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMq4012.html [2010-11-04 12:05:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSf3852.html [2010-11-04 12:05:38 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPF3852.html [2010-10-31 16:28:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempql5236.html [2010-10-31 16:28:51 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempep5236.html [2010-10-31 13:09:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBt5980.html [2010-10-31 12:59:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempqB5308.html [2010-10-31 12:59:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOB5308.html [2010-10-19 15:33:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiH3396.html [2010-10-19 15:33:33 | 000,002,089 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempJV3396.html [2010-10-14 18:05:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXp2552.html [2010-10-14 18:05:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempzI2552.html [2010-10-12 12:51:30 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeF2884.html [2010-10-12 12:51:30 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDN2884.html [2010-10-08 13:21:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplD1276.html [2010-10-08 13:21:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempsr1276.html [2010-10-04 13:54:25 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUR1588.html [2010-10-04 13:54:25 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempru1588.html [2010-10-03 11:58:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBB2360.html [2010-10-03 11:58:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYC2360.html [2010-10-02 19:58:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMtO304.html [2010-10-02 19:58:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKPC304.html [2010-10-01 22:36:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYY2608.html [2010-09-25 16:49:10 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010-09-25 16:49:10 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010-09-24 17:08:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOw2044.html [2010-09-24 17:08:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiK2044.html [2010-09-23 14:47:43 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGt1832.html [2010-09-22 17:51:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTu3460.html [2010-09-22 17:51:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempgm3460.html 
[2010-09-20 17:02:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdL3572.html [2010-09-20 17:02:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempkn3572.html [2010-09-19 09:45:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGT1476.html [2010-09-19 09:45:51 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplG1476.html [2010-09-18 16:23:09 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWd5560.html [2010-09-18 16:23:09 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempaD5560.html [2010-09-18 11:45:44 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEz2260.html [2010-09-17 18:49:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempaT1744.html [2010-09-12 19:28:59 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyF4324.html [2010-09-12 19:28:59 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxV4324.html [2010-09-12 13:25:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempaf4024.html [2010-09-12 13:25:50 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUc4024.html [2010-09-11 13:45:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxZB508.html [2010-09-11 13:45:01 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempcvr508.html [2010-09-10 18:55:05 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdH2036.html [2010-09-02 18:22:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempfU5496.html [2010-09-02 18:22:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWW5496.html [2010-09-02 16:44:18 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJZ2264.html [2010-09-02 16:44:18 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCv2264.html [2010-09-02 14:54:03 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyM3488.html [2010-09-01 17:16:20 | 000,002,432 | 
---- | C] () -- C:\Users\kamil\AppData\Local\TempKp4024.html [2010-09-01 17:16:20 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempmw4024.html [2010-08-31 16:56:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemppB3920.html [2010-08-31 16:56:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempsC3920.html [2010-08-30 16:20:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHx5276.html [2010-08-30 16:20:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfo5276.html [2010-08-29 11:53:58 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempha2992.html [2010-08-29 11:53:58 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeU2992.html [2010-08-28 10:24:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010-08-28 10:13:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempww1700.html [2010-08-28 10:13:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLf1700.html [2010-08-27 22:56:29 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUD4940.html [2010-08-27 22:56:29 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempod4940.html [2010-08-03 15:20:29 | 000,000,680 | ---- | C] () -- C:\Users\kamil\AppData\Local\d3d9caps.dat [2010-07-09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010-06-28 09:40:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwV1564.html [2010-06-28 09:40:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyC1564.html [2010-06-28 08:52:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemppM3176.html [2010-05-31 16:47:42 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-05-31 16:47:42 | 000,022,328 | ---- | C] () -- C:\Users\kamil\AppData\Roaming\PnkBstrK.sys [2010-05-18 15:48:30 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2010-05-18 15:48:30 
| 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2010-05-18 15:48:30 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2010-04-27 16:49:25 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-04-24 12:56:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYg3044.html [2010-04-23 19:28:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temppy1876.html [2010-04-23 19:28:00 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEY1876.html [2010-04-20 10:26:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLW3776.html [2010-04-20 10:26:23 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templd3776.html [2010-04-18 19:08:03 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqv2896.html [2010-04-18 19:08:03 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempkK2896.html [2010-04-18 10:26:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempdk2792.html [2010-04-18 10:26:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempZh2792.html [2010-04-17 16:35:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJH3920.html [2010-04-17 16:35:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempuz3920.html [2010-04-17 08:52:07 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXK2252.html [2010-04-16 18:24:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempqgU376.html [2010-04-16 18:24:53 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempvBC376.html [2010-04-16 15:36:09 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgR4068.html [2010-04-13 18:51:04 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempoR3468.html [2010-04-13 18:51:04 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSP3468.html [2010-04-12 15:11:00 | 000,002,432 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempXQ2732.html [2010-04-12 15:11:00 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxv2732.html [2010-04-11 18:42:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEZ2156.html [2010-04-11 18:42:23 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfu2156.html [2010-04-11 09:09:31 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAZ2624.html [2010-04-11 09:09:31 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templn2624.html [2010-04-10 21:03:24 | 000,092,160 | ---- | C] () -- C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-10 17:49:16 | 000,000,169 | ---- | C] () -- C:\Windows\adidsl.ini [2010-04-10 17:49:16 | 000,000,021 | ---- | C] () -- C:\Windows\Fast800.ini [2010-04-10 17:48:14 | 000,000,990 | ---- | C] () -- C:\Windows\adiras.ini [2010-04-10 17:48:10 | 000,046,892 | ---- | C] () -- C:\Windows\System32\ADADIX16.DLL [2010-04-10 17:07:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHh2412.html [2010-04-10 17:07:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKy2412.html [2010-04-10 17:06:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-02-10 13:03:16 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008-07-25 12:51:28 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini [2008-07-25 12:38:07 | 000,137,021 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008-07-25 12:37:47 | 000,137,021 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008-07-25 12:19:47 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2008-07-25 12:19:47 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2008-07-25 10:38:24 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007-10-12 23:20:06 | 000,151,417 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- 
C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007-02-15 08:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006-11-29 09:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll [2006-11-02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-10-09 02:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll [2001-11-14 04:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010-04-27 16:54:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\DAEMON Tools Lite [2010-04-24 10:07:41 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\fretsonfire [2010-11-13 15:06:16 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Gadu-Gadu 10 [2010-07-12 12:24:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\GetRightToGo [2010-08-31 17:01:59 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\gtk-2.0 [2010-04-10 17:03:59 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\ipla [2011-02-03 17:21:19 | 000,000,000 | ---D | M] -- 
C:\Users\kamil\AppData\Roaming\LG Electronics [2011-01-30 16:31:48 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\MPMAN [2010-07-13 20:07:15 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\OpenFM [2010-08-30 21:52:13 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\PhotoFiltre [2010-09-13 17:00:29 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\runic games [2010-04-25 09:32:47 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Sudeki [2011-01-06 18:03:01 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Thinstall [2010-12-31 06:25:27 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Tibia [2010-11-19 17:44:05 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\TS3Client [2010-08-29 12:52:02 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\uTorrent [2011-02-17 09:43:55 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-02-17 09:46:23 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-04-11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008-02-09 03:52:13 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2011-02-17 09:44:44 | 2141,831,168 | -HS- | M] () -- C:\hiberfil.sys [2009-03-30 07:32:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011-02-08 19:25:50 | 000,007,566 | ---- | M] () -- C:\mksbasel.cpp.log [2009-03-30 07:32:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011-02-17 09:44:42 | 2455,633,920 | -HS- | M] () -- C:\pagefile.sys [2008-07-25 12:03:42 | 000,000,366 | ---- | M] () -- C:\RHDSetup.log [2009-06-05 15:20:18 | 000,000,086 | ---- | M] () -- C:\Setup.log [2011-02-03 
17:20:17 | 000,000,000 | ---- | M] () -- C:\Tech_Vista.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 03:32:21 | 000,021,560 | ---- | M] 
(Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-01-21 03:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 03:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] 
(Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008-01-21 03:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) 
MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 494 bytes -> C:\Windows\System32\drivers\nhcinfbl.sys:changelist < End of report > [/log] RSIT: [log]Logfile of random's system information tool 1.08 (written by random/random) Run by kamil at 2011-02-17 10:11:25 Microsoft® Windows Vista™ Home Basic Service Pack 2 System drive C: has 6 GB (8%) free of 71 GB Total RAM: 2042 MB (45% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:11:37, on 2011-02-17 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19019) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Users\kamil\AppData\Local\inetserv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe C:\Windows\system32\wuauclt.exe C:\Windows\explorer.exe 
C:\Windows\system32\SearchFilterHost.exe C:\Users\kamil\Documents\52\rsit\RSIT.exe C:\Program Files\trend micro\kamil.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] 
"C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. 
- C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 6423 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-10 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-08 13543968] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-08 92704] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-17 6111232] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416] "LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256] "OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464] "OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2009-04-28 428032] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount [] "inetserv"=C:\Users\kamil\AppData\Local\inetserv.exe [2011-02-01 110614] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!] 
C:\Program Files\ipla\ipla.exe [2010-02-02 14252952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] D:\Gry\Steam\Steam.exe [2010-12-05 1242448] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2006-10-22 40048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2006-10-22 734872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2008-02-12 723496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=0xFFFFFFFF "NoDriveTypeAutoRun"=36 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2011-02-17 10:00:19 ----A---- C:\Windows\system32\drivers\nhcinfbl.sys 2011-02-17 09:40:44 ----ASH---- C:\hiberfil.sys 2011-02-16 22:28:30 ----A---- C:\Windows\ntbtlog.txt 2011-02-16 08:46:45 ----D---- C:\Windows\system32\eu-ES 2011-02-16 08:46:45 ----D---- C:\Windows\system32\ca-ES 2011-02-16 08:46:44 ----D---- C:\Windows\system32\vi-VN 2011-02-16 08:23:22 ----D---- C:\Windows\system32\EventProviders 2011-02-16 08:02:31 ----A---- C:\Windows\system32\occache.dll 2011-02-16 08:02:31 ----A---- C:\Windows\system32\mstime.dll 2011-02-16 08:02:31 ----A---- C:\Windows\system32\mshtmled.dll 2011-02-16 08:02:31 ----A---- C:\Windows\system32\licmgr10.dll 2011-02-16 08:02:31 ----A---- C:\Windows\system32\jsproxy.dll 2011-02-16 08:02:30 ----A---- C:\Windows\system32\msfeedsbs.dll 2011-02-16 08:02:30 ----A---- C:\Windows\system32\msfeeds.dll 2011-02-16 08:02:30 ----A---- 
C:\Windows\system32\ieui.dll 2011-02-16 08:02:30 ----A---- C:\Windows\system32\iesetup.dll 2011-02-16 08:02:30 ----A---- C:\Windows\system32\iepeers.dll 2011-02-16 08:02:29 ----A---- C:\Windows\system32\wininet.dll 2011-02-16 08:02:29 ----A---- C:\Windows\system32\iernonce.dll 2011-02-16 08:02:29 ----A---- C:\Windows\system32\iedkcs32.dll 2011-02-16 08:02:28 ----A---- C:\Windows\system32\msfeedssync.exe 2011-02-16 08:02:28 ----A---- C:\Windows\system32\iertutil.dll 2011-02-16 08:02:28 ----A---- C:\Windows\system32\ie4uinit.exe 2011-02-16 08:02:27 ----A---- C:\Windows\system32\urlmon.dll 2011-02-16 08:02:27 ----A---- C:\Windows\system32\ieUnatt.exe 2011-02-16 08:02:27 ----A---- C:\Windows\system32\iesysprep.dll 2011-02-16 08:02:26 ----A---- C:\Windows\system32\ieframe.dll 2011-02-16 08:02:25 ----A---- C:\Windows\system32\mshtml.dll 2011-02-16 08:00:39 ----A---- C:\Windows\system32\mshtmler.dll 2011-02-16 08:00:39 ----A---- C:\Windows\system32\icardie.dll 2011-02-16 08:00:39 ----A---- C:\Windows\system32\admparse.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\msls31.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\imgutil.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\ieakeng.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\dxtrans.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\dxtmsft.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\corpol.dll 2011-02-16 08:00:37 ----A---- C:\Windows\system32\webcheck.dll 2011-02-16 08:00:37 ----A---- C:\Windows\system32\msrating.dll 2011-02-16 08:00:37 ----A---- C:\Windows\system32\inseng.dll 2011-02-16 08:00:37 ----A---- C:\Windows\system32\ieaksie.dll 2011-02-16 08:00:36 ----A---- C:\Windows\system32\WinFXDocObj.exe 2011-02-16 08:00:36 ----A---- C:\Windows\system32\wextract.exe 2011-02-16 08:00:36 ----A---- C:\Windows\system32\ieakui.dll 2011-02-16 08:00:36 ----A---- C:\Windows\system32\advpack.dll 2011-02-16 08:00:35 ----A---- C:\Windows\system32\pngfilt.dll 2011-02-16 08:00:35 ----A---- 
C:\Windows\system32\ieapfltr.dll 2011-02-16 08:00:34 ----A---- C:\Windows\system32\vbscript.dll 2011-02-16 08:00:34 ----A---- C:\Windows\system32\url.dll 2011-02-16 08:00:34 ----A---- C:\Windows\system32\jscript.dll 2011-02-16 08:00:33 ----A---- C:\Windows\system32\mshta.exe 2011-02-16 08:00:33 ----A---- C:\Windows\system32\iexpress.exe 2011-02-16 08:00:32 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2011-02-16 08:00:32 ----A---- C:\Windows\system32\SetDepNx.exe 2011-02-16 08:00:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2011-02-16 08:00:32 ----A---- C:\Windows\system32\PDMSetup.exe 2011-02-14 16:30:18 ----D---- C:\ProgramData\Media Center Programs 2011-02-10 14:49:51 ----A---- C:\Windows\system32\win32k.sys 2011-02-10 14:49:45 ----A---- C:\Windows\system32\ntdll.dll 2011-02-10 14:49:43 ----A---- C:\Windows\system32\ntkrnlpa.exe 2011-02-10 14:49:42 ----A---- C:\Windows\system32\ntoskrnl.exe 2011-02-10 14:49:20 ----A---- C:\Windows\system32\shell32.dll 2011-02-10 14:49:16 ----A---- C:\Windows\system32\shlwapi.dll 2011-02-10 14:44:25 ----A---- C:\Windows\system32\atmfd.dll 2011-02-10 14:44:24 ----A---- C:\Windows\system32\atmlib.dll 2011-02-08 18:49:06 ----D---- C:\Program Files\SkanerOnline 2011-02-08 16:06:37 ----AH---- C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt 2011-02-03 20:22:07 ----HD---- C:\LG3G 2011-02-03 20:19:41 ----D---- C:\lgupload 2011-02-03 17:21:19 ----D---- C:\Users\kamil\AppData\Roaming\LG Electronics 2011-02-03 17:15:07 ----A---- C:\Windows\system32\drivers\lgusbmodem.sys 2011-02-03 17:15:07 ----A---- C:\Windows\system32\drivers\lgusbdiag.sys 2011-02-03 17:15:07 ----A---- C:\Windows\system32\drivers\lgusbbus.sys 2011-02-03 17:15:06 ----D---- C:\Program Files\LG Electronics 2011-02-03 17:13:26 ----D---- C:\Program Files\LG PC Suite 2 2011-01-30 16:31:48 ----D---- C:\Users\kamil\AppData\Roaming\MPMAN 2011-01-29 09:36:11 ----D---- C:\Windows\TempAE2F5317-B912-ED87-AA44-48E9B7C3915A-Signatures 2011-01-29 09:35:01 ----D---- 
C:\Program Files\Microsoft Security Client 2011-01-29 09:33:46 ----A---- C:\Windows\system32\drivers\netio.sys 2011-01-25 19:01:06 ----A---- C:\Windows\system32\XAudio2_7.dll 2011-01-25 19:01:06 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2011-01-25 19:01:06 ----A---- C:\Windows\system32\xactengine3_7.dll 2011-01-25 19:01:05 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2011-01-25 19:01:04 ----A---- C:\Windows\system32\d3dx11_43.dll 2011-01-25 19:01:04 ----A---- C:\Windows\system32\d3dcsx_43.dll 2011-01-25 19:01:03 ----A---- C:\Windows\system32\D3DX9_43.dll 2011-01-25 19:01:03 ----A---- C:\Windows\system32\d3dx10_43.dll 2011-01-25 19:01:02 ----A---- C:\Windows\system32\XAudio2_6.dll 2011-01-25 19:01:02 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2011-01-25 19:01:01 ----A---- C:\Windows\system32\xactengine3_6.dll 2011-01-25 19:01:01 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2011-01-25 19:01:00 ----A---- C:\Windows\system32\XAudio2_5.dll 2011-01-25 19:01:00 ----A---- C:\Windows\system32\xactengine3_5.dll 2011-01-25 19:00:59 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2011-01-25 19:00:58 ----A---- C:\Windows\system32\d3dx11_42.dll 2011-01-25 19:00:58 ----A---- C:\Windows\system32\d3dcsx_42.dll 2011-01-25 19:00:57 ----A---- C:\Windows\system32\D3DX9_42.dll 2011-01-25 19:00:57 ----A---- C:\Windows\system32\d3dx10_42.dll 2011-01-25 19:00:56 ----A---- C:\Windows\system32\d3dx10_41.dll 2011-01-25 19:00:56 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2011-01-25 19:00:55 ----A---- C:\Windows\system32\D3DX9_41.dll 2011-01-25 19:00:54 ----A---- C:\Windows\system32\XAudio2_4.dll 2011-01-25 19:00:54 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2011-01-25 19:00:54 ----A---- C:\Windows\system32\xactengine3_4.dll 2011-01-25 19:00:53 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2011-01-25 19:00:53 ----A---- C:\Windows\system32\d3dx10_40.dll 2011-01-25 19:00:53 ----A---- C:\Windows\system32\D3DCompiler_40.dll 2011-01-25 19:00:49 ----A---- 
C:\Windows\system32\D3DX9_40.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\XAudio2_3.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\XAPOFX1_2.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\xactengine3_3.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\X3DAudio1_5.dll 2011-01-25 19:00:47 ----A---- C:\Windows\system32\XAudio2_2.dll 2011-01-25 19:00:47 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2011-01-25 19:00:47 ----A---- C:\Windows\system32\xactengine3_2.dll 2011-01-25 19:00:46 ----A---- C:\Windows\system32\d3dx10_39.dll 2011-01-25 19:00:46 ----A---- C:\Windows\system32\D3DCompiler_39.dll 2011-01-25 19:00:45 ----A---- C:\Windows\system32\D3DX9_39.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\XAudio2_1.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\xactengine3_1.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2011-01-25 19:00:43 ----A---- C:\Windows\system32\d3dx10_38.dll 2011-01-25 19:00:43 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2011-01-25 19:00:42 ----A---- C:\Windows\system32\XAudio2_0.dll 2011-01-25 19:00:42 ----A---- C:\Windows\system32\D3DX9_38.dll 2011-01-25 19:00:41 ----A---- C:\Windows\system32\xactengine3_0.dll 2011-01-25 19:00:41 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2011-01-25 19:00:40 ----A---- C:\Windows\system32\d3dx10_37.dll 2011-01-25 19:00:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2011-01-25 19:00:39 ----A---- C:\Windows\system32\D3DX9_37.dll 2011-01-25 19:00:38 ----A---- C:\Windows\system32\xactengine2_10.dll 2011-01-25 19:00:37 ----A---- C:\Windows\system32\d3dx10_36.dll 2011-01-25 19:00:37 ----A---- C:\Windows\system32\D3DCompiler_36.dll 2011-01-25 19:00:36 ----A---- C:\Windows\system32\xactengine2_9.dll 2011-01-25 19:00:36 ----A---- C:\Windows\system32\d3dx9_36.dll 2011-01-25 19:00:35 ----A---- C:\Windows\system32\d3dx10_35.dll 2011-01-25 19:00:35 ----A---- 
C:\Windows\system32\D3DCompiler_35.dll 2011-01-25 19:00:33 ----A---- C:\Windows\system32\xactengine2_8.dll 2011-01-25 19:00:33 ----A---- C:\Windows\system32\X3DAudio1_2.dll 2011-01-25 19:00:33 ----A---- C:\Windows\system32\d3dx9_35.dll 2011-01-25 19:00:32 ----A---- C:\Windows\system32\d3dx10_34.dll 2011-01-25 19:00:32 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2011-01-25 19:00:31 ----A---- C:\Windows\system32\d3dx9_34.dll 2011-01-25 19:00:30 ----A---- C:\Windows\system32\xactengine2_7.dll 2011-01-25 19:00:28 ----A---- C:\Windows\system32\xactengine2_6.dll 2011-01-25 19:00:27 ----A---- C:\Windows\system32\xactengine2_5.dll 2011-01-25 19:00:27 ----A---- C:\Windows\system32\d3dx10.dll 2011-01-25 19:00:26 ----A---- C:\Windows\system32\d3dx9_32.dll 2011-01-25 19:00:25 ----A---- C:\Windows\system32\xactengine2_4.dll 2011-01-25 19:00:25 ----A---- C:\Windows\system32\x3daudio1_1.dll 2011-01-25 19:00:25 ----A---- C:\Windows\system32\d3dx9_31.dll 2011-01-25 19:00:24 ----A---- C:\Windows\system32\xinput1_2.dll 2011-01-25 19:00:24 ----A---- C:\Windows\system32\xactengine2_3.dll 2011-01-25 19:00:24 ----A---- C:\Windows\system32\xactengine2_2.dll 2011-01-25 19:00:23 ----A---- C:\Windows\system32\xinput1_1.dll 2011-01-25 19:00:23 ----A---- C:\Windows\system32\xactengine2_1.dll 2011-01-25 19:00:11 ----A---- C:\Windows\system32\xactengine2_0.dll 2011-01-25 19:00:11 ----A---- C:\Windows\system32\x3daudio1_0.dll 2011-01-25 19:00:11 ----A---- C:\Windows\system32\d3dx9_30.dll 2011-01-25 19:00:10 ----A---- C:\Windows\system32\d3dx9_29.dll 2011-01-25 19:00:09 ----A---- C:\Windows\system32\d3dx9_28.dll 2011-01-25 19:00:08 ----A---- C:\Windows\system32\d3dx9_27.dll 2011-01-25 19:00:08 ----A---- C:\Windows\system32\d3dx9_26.dll 2011-01-25 19:00:07 ----A---- C:\Windows\system32\d3dx9_25.dll 2011-01-25 19:00:06 ----A---- C:\Windows\system32\d3dx9_24.dll ======List of files/folders modified in the last 1 months====== 2011-02-17 10:11:34 ----D---- C:\Program Files\trend micro 2011-02-17 
10:11:20 ----D---- C:\Windows\Temp 2011-02-17 10:00:19 ----D---- C:\Windows\system32\drivers 2011-02-17 09:55:02 ----D---- C:\Windows\Microsoft.NET 2011-02-17 09:55:00 ----RSD---- C:\Windows\assembly 2011-02-17 09:52:52 ----D---- C:\Windows\winsxs 2011-02-17 09:52:33 ----D---- C:\Windows\System32 2011-02-17 09:52:33 ----D---- C:\Windows\inf 2011-02-17 09:52:33 ----A---- C:\Windows\system32\PerfStringBackup.INI 2011-02-17 09:51:04 ----D---- C:\Windows\system32\wbem 2011-02-17 09:48:57 ----SHD---- C:\System Volume Information 2011-02-16 22:33:01 ----D---- C:\Windows\Minidump 2011-02-16 22:32:18 ----D---- C:\Windows 2011-02-16 21:28:35 ----D---- C:\Windows\system32\catroot 2011-02-16 21:27:39 ----D---- C:\Windows\system32\catroot2 2011-02-16 09:13:08 ----D---- C:\Windows\rescache 2011-02-16 08:58:09 ----SHD---- C:\Boot 2011-02-16 08:47:18 ----D---- C:\Program Files\Windows Sidebar 2011-02-16 08:47:18 ----D---- C:\Program Files\Windows Media Player 2011-02-16 08:47:18 ----D---- C:\Program Files\Windows Mail 2011-02-16 08:47:18 ----D---- C:\Program Files\Windows Collaboration 2011-02-16 08:47:18 ----D---- C:\Program Files\Windows Calendar 2011-02-16 08:47:18 ----D---- C:\Program Files\Movie Maker 2011-02-16 08:47:18 ----D---- C:\Program Files\Internet Explorer 2011-02-16 08:47:17 ----D---- C:\Program Files\Windows Photo Gallery 2011-02-16 08:47:16 ----D---- C:\Program Files\Windows Defender 2011-02-16 08:47:16 ----D---- C:\Program Files\Common Files\System 2011-02-16 08:47:15 ----D---- C:\Windows\servicing 2011-02-16 08:47:11 ----D---- C:\Windows\system32\XPSViewer 2011-02-16 08:47:11 ----D---- C:\Windows\system32\sk-SK 2011-02-16 08:47:11 ----D---- C:\Windows\system32\oobe 2011-02-16 08:47:11 ----D---- C:\Windows\system32\lv-LV 2011-02-16 08:47:11 ----D---- C:\Windows\system32\ko-KR 2011-02-16 08:47:11 ----D---- C:\Windows\system32\it-IT 2011-02-16 08:47:11 ----D---- C:\Windows\system32\hr-HR 2011-02-16 08:47:11 ----D---- C:\Windows\system32\et-EE 2011-02-16 08:47:11 
----D---- C:\Windows\system32\en-US 2011-02-16 08:47:11 ----D---- C:\Windows\system32\el-GR 2011-02-16 08:47:11 ----D---- C:\Windows\system32\de-DE 2011-02-16 08:47:11 ----D---- C:\Windows\system32\da-DK 2011-02-16 08:47:11 ----D---- C:\Windows\IME 2011-02-16 08:47:10 ----D---- C:\Windows\system32\migration 2011-02-16 08:47:09 ----D---- C:\Windows\system32\sv-SE 2011-02-16 08:47:09 ----D---- C:\Windows\system32\SLUI 2011-02-16 08:47:09 ----D---- C:\Windows\system32\setup 2011-02-16 08:47:09 ----D---- C:\Windows\system32\ru-RU 2011-02-16 08:47:09 ----D---- C:\Windows\system32\pt-PT 2011-02-16 08:47:09 ----D---- C:\Windows\system32\hu-HU 2011-02-16 08:47:09 ----D---- C:\Windows\system32\he-IL 2011-02-16 08:47:09 ----D---- C:\Windows\system32\fr-FR 2011-02-16 08:47:09 ----D---- C:\Windows\system32\fi-FI 2011-02-16 08:47:09 ----D---- C:\Windows\system32\cs-CZ 2011-02-16 08:47:09 ----D---- C:\Windows\system32\AdvancedInstallers 2011-02-16 08:47:08 ----D---- C:\Windows\system32\zh-TW 2011-02-16 08:47:08 ----D---- C:\Windows\system32\zh-CN 2011-02-16 08:47:08 ----D---- C:\Windows\system32\uk-UA 2011-02-16 08:47:08 ----D---- C:\Windows\system32\sr-Latn-CS 2011-02-16 08:47:08 ----D---- C:\Windows\system32\sl-SI 2011-02-16 08:47:08 ----D---- C:\Windows\system32\manifeststore 2011-02-16 08:47:08 ----D---- C:\Windows\system32\es-ES 2011-02-16 08:47:07 ----D---- C:\Windows\system32\pl-PL 2011-02-16 08:47:06 ----D---- C:\Windows\system32\ro-RO 2011-02-16 08:47:06 ----D---- C:\Windows\system32\ja-JP 2011-02-16 08:47:06 ----D---- C:\Windows\system32\bg-BG 2011-02-16 08:47:05 ----D---- C:\Windows\system32\tr-TR 2011-02-16 08:47:05 ----D---- C:\Windows\system32\th-TH 2011-02-16 08:47:05 ----D---- C:\Windows\system32\drivers\pl-PL 2011-02-16 08:47:04 ----D---- C:\Windows\system32\nl-NL 2011-02-16 08:47:04 ----D---- C:\Windows\system32\nb-NO 2011-02-16 08:47:04 ----D---- C:\Windows\system32\lt-LT 2011-02-16 08:47:04 ----D---- C:\Windows\system32\ar-SA 2011-02-16 08:47:03 ----D---- 
C:\Windows\system32\pt-BR 2011-02-16 08:47:03 ----D---- C:\Windows\system32\migwiz 2011-02-16 08:46:50 ----RSD---- C:\Windows\Fonts 2011-02-16 08:46:50 ----D---- C:\Windows\AppPatch 2011-02-16 08:46:44 ----D---- C:\Windows\system32\Boot 2011-02-16 08:45:35 ----D---- C:\Windows\system32\drivers\UMDF 2011-02-16 08:35:56 ----D---- C:\Program Files\Common Files 2011-02-16 08:35:10 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont 2011-02-16 08:10:11 ----D---- C:\Windows\Prefetch 2011-02-16 08:06:36 ----D---- C:\Windows\PolicyDefinitions 2011-02-16 08:03:20 ----D---- C:\Windows\Debug 2011-02-14 17:35:13 ----SHD---- C:\Windows\Installer 2011-02-14 16:30:18 ----HD---- C:\ProgramData 2011-02-14 15:43:10 ----D---- C:\ProgramData\Microsoft Help 2011-02-08 19:04:32 ----D---- C:\Users\kamil\AppData\Roaming\Skype 2011-02-08 19:01:09 ----D---- C:\Users\kamil\AppData\Roaming\skypePM 2011-02-08 18:49:06 ----SD---- C:\Windows\Downloaded Program Files 2011-02-08 18:49:06 ----RD---- C:\Program Files 2011-02-07 18:57:09 ----D---- C:\Windows\system32\WDI 2011-02-04 17:34:02 ----A---- C:\Windows\system32\mrt.exe 2011-02-03 17:15:04 ----HD---- C:\Program Files\InstallShield Installation Information 2011-01-29 09:34:51 ----SD---- C:\ProgramData\Microsoft 2011-01-22 03:01:21 ----D---- C:\Windows\system32\config 2011-01-22 03:01:17 ----D---- C:\Windows\WinClon 2011-01-22 03:01:17 ----D---- C:\Windows\VMC302 2011-01-22 03:01:17 ----D---- C:\Windows\Tasks 2011-01-22 03:01:17 ----D---- C:\Windows\system32\Tasks 2011-01-22 03:01:17 ----D---- C:\Windows\system32\spool 2011-01-22 03:01:17 ----D---- C:\Windows\system32\Msdtc 2011-01-22 03:01:17 ----D---- C:\Windows\system32\CodeIntegrity 2011-01-22 03:01:16 ----D---- C:\Windows\registration ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-06-16 318488] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys 
[2010-04-27 691696] R1 afw;Agnitum Firewall Driver; C:\Windows\system32\DRIVERS\afw.sys [2009-02-18 29208] R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264] R1 MpKsl7c08295e;MpKsl7c08295e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{22BD70D6-B9F4-465C-BD92-BA7D3DBE1E81}\MpKsl7c08295e.sys [2011-02-17 28752] R1 SandBox;SandBox; \??\C:\Windows\system32\drivers\SandBox.sys [2009-04-06 704384] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-09-25 278728] R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2007-05-23 13312] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-09-25 25416] R3 afwcore;afwcore; C:\Windows\system32\drivers\afwcore.sys [2009-02-10 307224] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-09-13 755712] R3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-17 2098904] R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392] R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-08 7522624] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-26 193456] R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2008-04-05 242560] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496] S1 nhcinfbl;nhcinfbl; \??\C:\Windows\system32\drivers\nhcinfbl.sys [2011-02-17 41680] 
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys); C:\Windows\System32\Drivers\e4ldr.sys [2007-01-04 69656] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888] S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056] S3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184] S3 btwaudio;Urz1dzenie dYwiekowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-15 80936] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-15 16168] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 e4usbaw;USB ADSL2 WAN Adapter; C:\Windows\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344] S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [] S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864] S3 LLRING0;LLRING0; \??\D:\Gry\Zypher\zhypermu small r3\MuGuard\llck2.sys [] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 
NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-02-21 50688] S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416] S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632] S3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-28 1195008] R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-25 30312] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-05-23 819200] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-17 73728] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-08 196608] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-05-31 66872] R2 PnkBstrB;PnkBstrB; 
C:\Windows\system32\PnkBstrB.exe [2010-05-31 107832] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-05-23 466944] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024] R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904] R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-17 136176] S2 Samsung Update Plus;Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [2008-05-13 77480] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680] S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-06-02 3594440] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-12-05 403240] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408] -----------------EOF----------------- [/log]
Somehow, files named "desktop.ini" have started appearing in some places. Is there a way to hide them?
Tomek01 comment 17 February 2011
Show the removal log.
[code]
:OTL
PRC - [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe ()
O33 - MountPoints2\{b6843ec9-a094-11df-a8b2-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\explore.exe
O33 - MountPoints2\{e669bb7b-1639-11df-8b58-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe
C:\Users\kamil\AppData\Local\Temp
@Alternate Data Stream - 494 bytes -> C:\Windows\System32\drivers\nhcinfbl.sys:changelist

:Commands
[emptytemp]
[/code]
Click Run Fix; the computer restarts. Post the removal log and new logs: OTL and RSIT.
hyper1pl (Author) commented 18 February 2011 (edited)
Removal log: [log]OTL logfile created on: 2011-02-18 17:48:09 - Run 5 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\kamil\Documents\52\otl Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 59,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,05 Gb Total Space | 8,00 Gb Free Space | 11,58% Space Free | Partition Type: NTFS Drive D: | 70,00 Gb Total Space | 15,10 Gb Free Space | 21,58% Space Free | Partition Type: NTFS Drive E: | 405,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: KAMIL-DOM | User Name: kamil | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-10 15:03:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\52\otl\OTL.exe PRC - [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe PRC - [2010-12-10 22:00:19 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-12-10 22:00:17 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-12-03 16:46:34 | 014,944,136 | R--- | M] (Skype Technologies S.A.) 
-- C:\Program Files\Skype\Phone\Skype.exe PRC - [2010-12-03 16:46:34 | 000,080,256 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe PRC - [2010-11-30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe PRC - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe PRC - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-08-17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-05-31 16:47:31 | 000,107,832 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe PRC - [2010-05-31 16:47:24 | 000,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2009-08-27 19:33:26 | 000,266,240 | R--- | M] () -- E:\cdstart.exe PRC - [2009-06-15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 07:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-02-25 08:28:20 | 
000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2008-11-24 21:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2008-11-24 21:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2008-06-08 23:23:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008-05-23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2008-05-23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008-05-22 09:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2008-05-13 01:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe PRC - [2008-04-25 13:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2008-04-17 07:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) 
-- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2008-04-17 03:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-03-17 10:07:02 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2008-01-21 03:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 03:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 03:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:33:15 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] 
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2007-10-26 06:39:14 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2007-10-26 06:39:04 | 001,029,416 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007-07-04 23:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2006-12-19 14:23:38 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2006-11-02 10:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-10 15:03:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\52\otl\OTL.exe MOD - [2011-01-21 17:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2011-01-21 17:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-10-15 14:48:59 | 001,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-06-28 18:00:21 | 001,316,864 | 
---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 15:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-04-28 10:05:56 | 000,715,264 | ---- | M] (Agnitum Ltd.) -- c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 07:28:25 | 000,712,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 07:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 07:28:23 
| 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-11 07:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 07:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 07:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 07:27:12 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2008-01-21 03:35:19 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - 
[2008-01-21 03:34:35 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:34:21 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 03:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 03:34:07 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:34:05 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 03:33:14 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-12-05 13:12:40 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV - [2010-06-02 17:31:00 | 003,594,440 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2009-04-28 10:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) 
[Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall\acs.exe -- (acssrv) SRV - [2009-02-25 08:28:20 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2008-05-23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008-05-23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008-05-13 00:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-18 14:55:05 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3756088-6E54-45E8-846C-DFADC10BF652}\MpKsl3b685fcb.sys -- (MpKsl3b685fcb) DRV - [2011-02-17 22:56:34 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3756088-6E54-45E8-846C-DFADC10BF652}\MpKsld37a6168.sys -- (MpKsld37a6168) DRV - [2010-10-24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2010-10-24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2010-09-25 16:49:10 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-09-25 
16:49:10 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-04-27 16:49:25 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-04-06 11:37:12 | 000,704,384 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox) DRV - [2009-02-18 17:27:54 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (afw) DRV - [2009-02-10 16:12:48 | 000,307,224 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore) DRV - [2008-06-16 13:38:10 | 000,318,488 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008-06-08 23:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-04-17 08:31:00 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-05 06:56:26 | 000,242,560 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302) DRV - [2008-02-14 00:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008-01-21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-01-21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-01-21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008-01-21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-01-21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008-01-21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008-01-21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-01-21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008-01-21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008-01-21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-01-21 03:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2008-01-21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008-01-21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-01-21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008-01-21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007-12-28 02:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2007-10-26 06:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007-09-13 07:17:58 | 000,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007-07-15 23:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2007-07-15 23:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2007-07-11 15:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2007-07-11 10:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2007-07-11 10:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2007-05-23 09:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2007-01-04 12:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e4usbaw.sys -- (e4usbaw) DRV - [2007-01-04 12:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys) DRV - [2006-11-28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006-10-19 03:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-10 22:00:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-10 22:00:21 | 000,000,000 | ---D | M] [2010-04-10 16:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kamil\AppData\Roaming\mozilla\Extensions [2011-02-18 16:15:29 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions
[2010-09-18 19:36:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-12-29 00:12:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-23 12:54:45 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-07-10 16:19:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-07-10 16:18:34 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-12 13:23:09 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-09-12 13:23:09 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-09-12 13:23:09 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-09-12 13:23:10 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-09-12 13:23:10 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-09-12 13:23:10 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AlcoholAutomount] File not found
O4 - HKCU..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.192.105.217 173.193.227.124
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O24 - Desktop BackupWallPaper: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-08-28 00:44:42 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-08-28 00:44:42 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008-03-27 18:55:30 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009-08-27 19:33:44 | 000,000,380 | R--- | M] () - E:\autorun.xml -- [ CDFS ]
O32 - AutoRun File - [2009-08-27 19:33:44 | 000,003,290 | R--- | M] () - E:\autorun_de.css -- [ CDFS ]
O32 - AutoRun File - [2009-08-27 19:33:44 | 000,003,300 | R--- | M] () - E:\autorun_en.css -- [ CDFS ]
O32 - AutoRun File - [2009-08-27 19:33:44 | 000,003,300 | R--- | M] () - E:\autorun_pl.css -- [ CDFS ]
O33 - MountPoints2\{b6843ec9-a094-11df-a8b2-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\explore.exe
O33 - MountPoints2\{e669bb7b-1639-11df-8b58-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe
O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\cdstart.exe -- [2009-08-27 19:33:26 | 000,266,240 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]
[2011-02-18 16:36:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming-Simulator 2009
[2011-02-16 08:46:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011-02-16 08:46:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011-02-16 08:46:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011-02-16 08:23:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011-02-14 16:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2011-02-08 18:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2011-02-03 20:22:07 | 000,000,000 | -H-D | C] -- C:\LG3G
[2011-02-03 20:19:41 | 000,000,000 | ---D | C] -- C:\lgupload
[2011-02-03 17:21:19 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\LG Electronics
[2011-02-03 17:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2011-02-03 17:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2
[2011-02-03 17:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite 2
[2011-01-30 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\MP-Manager
[2011-01-30 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\Application Data
[2011-01-30 16:34:37 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP Manager
[2011-01-30 16:31:48 | 000,000,000 | ---D | C] -- 
C:\Users\kamil\AppData\Roaming\MPMAN [2011-01-29 09:36:11 | 000,000,000 | ---D | C] -- C:\Windows\TempAE2F5317-B912-ED87-AA44-48E9B7C3915A-Signatures [2011-01-29 09:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2011-01-25 19:41:36 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\Eidos [2011-01-25 18:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAPCOM [2011-01-21 16:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra [2011-01-13 18:04:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2011-01-06 18:03:01 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Thinstall [2011-01-04 18:45:38 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zegarmistrz [2011-01-04 18:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zegarmistrz [2010-12-23 17:55:10 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\52 [2010-12-23 15:20:27 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Tibia [2010-12-23 15:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia [2010-12-23 12:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2010-12-23 12:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2006-11-24 06:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006-11-24 06:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-18 17:51:02 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-02-18 17:47:36 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-02-18 17:47:36 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-02-18 16:54:27 | 000,004,784 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-18 16:54:27 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-18 16:36:19 | 000,000,722 | ---- | M] () -- C:\Users\kamil\Desktop\Symulator-Farmy 2009.lnk [2011-02-18 15:13:28 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [2011-02-18 15:02:09 | 000,710,864 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-02-18 15:02:09 | 000,635,986 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-02-18 15:02:09 | 000,145,430 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-02-18 15:02:09 | 000,119,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-02-18 14:54:31 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-02-18 14:54:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-18 14:54:18 | 2141,831,168 | -HS- | M] () -- C:\hiberfil.sys [2011-02-17 22:57:34 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-02-16 22:32:18 | 095,948,386 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-02-16 08:52:24 | 000,372,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-02-16 08:06:01 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnC2684.html [2011-02-16 08:06:01 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempon2684.html [2011-02-15 23:43:20 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempfA4004.html [2011-02-08 20:08:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTB3240.html [2011-02-08 20:08:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempyV3240.html [2011-02-08 16:47:42 | 000,000,680 | ---- | M] () -- C:\Users\kamil\AppData\Local\d3d9caps.dat [2011-02-07 19:05:24 | 000,002,432 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\Tempja5624.html [2011-02-03 21:38:10 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTD3572.html [2011-02-03 21:38:10 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwF3572.html [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe [2011-01-30 14:50:35 | 000,092,160 | ---- | M] () -- C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-29 15:32:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempAL5364.html [2011-01-29 15:32:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzw5364.html [2011-01-29 09:38:50 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2011-01-28 23:17:19 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYt4272.html [2011-01-28 23:17:19 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOe4272.html [2011-01-23 22:20:37 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjD3568.html [2011-01-23 22:20:37 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempMi3568.html [2011-01-22 16:02:58 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOM2392.html [2011-01-22 16:02:58 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempJS2392.html [2011-01-16 20:04:49 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjN5168.html [2011-01-16 20:04:49 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temppe5168.html [2011-01-14 23:24:53 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempND3380.html [2011-01-13 00:04:10 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNQ3404.html [2011-01-12 19:44:26 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Templg3808.html [2011-01-12 19:44:26 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOI3808.html [2011-01-12 16:50:39 | 000,002,432 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\TempcU3652.html [2011-01-12 16:50:39 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRj3652.html [2011-01-11 17:58:21 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempFU1664.html [2011-01-11 17:58:21 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPW1664.html [2011-01-10 18:26:09 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempeO1000.html [2011-01-09 21:07:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempGh1992.html [2011-01-09 21:07:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwQ1992.html [2011-01-09 00:59:09 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempqy3528.html [2011-01-07 15:41:18 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDLO284.html [2011-01-06 19:38:01 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBi2584.html [2011-01-05 17:14:33 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempms1724.html [2011-01-04 16:29:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempUx5904.html [2011-01-04 16:29:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temphb5904.html [2011-01-02 22:01:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRI3908.html [2011-01-02 22:01:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDy3908.html [2010-12-30 01:55:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemplB1848.html [2010-12-30 01:55:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnE1848.html [2010-12-27 22:43:31 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempgO2744.html [2010-12-27 14:32:35 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempHv2724.html [2010-12-27 14:32:35 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempSa2724.html [2010-12-27 01:32:48 | 000,002,432 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\TempLp2396.html [2010-12-27 01:32:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNU2396.html [2010-12-26 02:21:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempto6032.html [2010-12-26 02:21:40 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzb6032.html [2010-12-24 02:14:15 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempEW6004.html [2010-12-24 02:14:15 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBp6004.html [2010-12-23 16:20:12 | 004,687,862 | ---- | M] () -- C:\Users\kamil\Documents\52 Debiec - Gniew.mp3 [2010-12-23 12:52:19 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010-12-22 23:33:36 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temphx2496.html [2010-12-22 23:33:36 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYQ2496.html [2010-12-22 18:58:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempvy2588.html [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-18 16:36:19 | 000,000,722 | ---- | C] () -- C:\Users\kamil\Desktop\Symulator-Farmy 2009.lnk [2011-02-17 09:40:44 | 2141,831,168 | -HS- | C] () -- C:\hiberfil.sys [2011-02-16 08:02:29 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-02-16 07:56:24 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnC2684.html [2011-02-16 07:56:24 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempon2684.html [2011-02-15 22:45:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempfA4004.html [2011-02-08 16:47:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTB3240.html [2011-02-08 16:47:49 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyV3240.html [2011-02-08 16:06:37 | 000,000,000 | -H-- | C] () -- C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt [2011-02-07 16:14:36 | 000,002,432 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\Tempja5624.html [2011-02-03 17:05:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTD3572.html [2011-02-03 17:05:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwF3572.html [2011-02-01 19:17:14 | 000,110,614 | ---- | C] () -- C:\Users\kamil\AppData\Local\inetserv.exe [2011-01-29 12:40:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAL5364.html [2011-01-29 12:40:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempzw5364.html [2011-01-29 09:38:50 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif [2011-01-28 16:18:46 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYt4272.html [2011-01-28 16:18:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOe4272.html [2011-01-23 15:50:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempjD3568.html [2011-01-23 15:50:50 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMi3568.html [2011-01-22 09:55:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOM2392.html [2011-01-22 09:55:49 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJS2392.html [2011-01-16 17:01:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempjN5168.html [2011-01-16 17:01:01 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temppe5168.html [2011-01-14 21:56:19 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempND3380.html [2011-01-12 21:42:18 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNQ3404.html [2011-01-12 19:24:05 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templg3808.html [2011-01-12 19:24:05 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOI3808.html [2011-01-12 16:10:25 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempcU3652.html [2011-01-12 16:10:25 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempRj3652.html [2011-01-11 
17:50:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFU1664.html [2011-01-11 17:50:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPW1664.html [2011-01-10 17:26:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeO1000.html [2011-01-09 13:42:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGh1992.html [2011-01-09 13:42:26 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwQ1992.html [2011-01-08 18:05:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqy3528.html [2011-01-07 15:14:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDLO284.html [2011-01-06 15:19:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBi2584.html [2011-01-05 15:14:27 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempms1724.html [2011-01-04 15:57:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUx5904.html [2011-01-04 15:57:38 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temphb5904.html [2011-01-02 21:04:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempRI3908.html [2011-01-02 21:04:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDy3908.html [2010-12-29 15:05:43 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplB1848.html [2010-12-29 15:05:43 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnE1848.html [2010-12-29 00:12:28 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010-12-27 20:27:45 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgO2744.html [2010-12-27 13:50:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHv2724.html [2010-12-27 13:50:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSa2724.html [2010-12-26 22:02:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLp2396.html [2010-12-26 22:02:40 | 000,002,089 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempNU2396.html [2010-12-25 21:00:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempto6032.html [2010-12-25 21:00:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempzb6032.html [2010-12-23 16:16:11 | 004,687,862 | ---- | C] () -- C:\Users\kamil\Documents\52 Debiec - Gniew.mp3 [2010-12-23 15:14:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEW6004.html [2010-12-23 15:14:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBp6004.html [2010-12-22 20:50:46 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temphx2496.html [2010-12-22 20:50:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYQ2496.html [2010-12-22 15:40:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempvy2588.html [2010-12-19 19:32:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempmO3804.html [2010-12-19 19:32:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWn3804.html [2010-12-18 16:58:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPj1764.html [2010-12-11 21:34:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiZ1716.html [2010-12-11 21:34:45 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFx1716.html [2010-12-10 18:49:13 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempma5604.html [2010-12-10 18:49:13 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templr5604.html [2010-12-09 18:45:41 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempwj5064.html [2010-12-09 18:45:41 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templk5064.html [2010-12-08 17:30:29 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXe4052.html [2010-12-08 17:30:29 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGM4052.html [2010-12-07 16:59:17 | 000,002,432 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempLF3744.html [2010-12-06 16:21:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqd2380.html [2010-12-06 16:21:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempmg2380.html [2010-12-05 12:25:20 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCN2632.html [2010-12-05 12:25:20 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempdh2632.html [2010-12-05 01:38:07 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNg3004.html [2010-12-04 13:07:31 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempzP5860.html [2010-12-03 18:14:22 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempoq4100.html [2010-12-03 18:14:22 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgF4100.html [2010-12-03 15:04:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temptm5244.html [2010-12-03 13:42:54 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGM5904.html [2010-12-02 21:15:57 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempyd2448.html [2010-12-02 21:15:57 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYw2448.html [2010-11-29 21:19:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAo3916.html [2010-11-29 21:19:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCB3916.html [2010-11-28 15:52:28 | 000,003,053 | ---- | C] () -- C:\Windows\ARX_RingPol100D.ini [2010-11-21 13:41:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplB3472.html [2010-11-21 13:41:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempbT3472.html [2010-11-19 16:04:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempvl3368.html [2010-11-19 16:04:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTq3368.html [2010-11-15 13:04:21 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOKc992.html 
[2010-11-15 13:04:21 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplwW992.html [2010-11-13 21:34:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQo5968.html [2010-11-13 21:34:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXu5968.html [2010-11-13 15:06:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxm5296.html [2010-11-13 15:06:17 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeT5296.html [2010-11-13 14:55:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPi5296.html [2010-11-13 14:55:53 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFs5296.html [2010-11-12 13:18:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNE1856.html [2010-11-12 13:18:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNL1856.html [2010-11-11 17:21:44 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdF3772.html [2010-11-11 17:21:44 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMR3772.html [2010-11-10 16:46:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempuG4180.html [2010-11-07 12:39:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQh2884.html [2010-11-07 12:39:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templo2884.html [2010-11-06 22:13:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCa2288.html [2010-11-06 22:13:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKN2288.html [2010-11-06 14:03:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyY2656.html [2010-11-05 17:20:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempbp4012.html [2010-11-05 17:20:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMq4012.html [2010-11-04 12:05:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSf3852.html [2010-11-04 12:05:38 | 000,002,089 | 
---- | C] () -- C:\Users\kamil\AppData\Local\TempPF3852.html [2010-10-31 16:28:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempql5236.html [2010-10-31 16:28:51 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempep5236.html [2010-10-31 13:09:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBt5980.html [2010-10-31 12:59:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempqB5308.html [2010-10-31 12:59:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOB5308.html [2010-10-19 15:33:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiH3396.html [2010-10-19 15:33:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJV3396.html [2010-10-14 18:05:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXp2552.html [2010-10-14 18:05:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempzI2552.html [2010-10-12 12:51:30 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeF2884.html [2010-10-12 12:51:30 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDN2884.html [2010-10-08 13:21:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplD1276.html [2010-10-08 13:21:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempsr1276.html [2010-10-04 13:54:25 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUR1588.html [2010-10-04 13:54:25 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempru1588.html [2010-10-03 11:58:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBB2360.html [2010-10-03 11:58:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYC2360.html [2010-10-02 19:58:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMtO304.html [2010-10-02 19:58:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKPC304.html [2010-10-01 22:36:00 | 000,002,432 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempYY2608.html [2010-09-25 16:49:10 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010-09-25 16:49:10 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010-09-24 17:08:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOw2044.html [2010-09-24 17:08:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiK2044.html [2010-09-23 14:47:43 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGt1832.html [2010-09-22 17:51:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTu3460.html [2010-09-22 17:51:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempgm3460.html [2010-09-20 17:02:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdL3572.html [2010-09-20 17:02:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempkn3572.html [2010-09-19 09:45:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGT1476.html [2010-09-19 09:45:51 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplG1476.html [2010-09-18 16:23:09 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWd5560.html [2010-09-18 16:23:09 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempaD5560.html [2010-09-18 11:45:44 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEz2260.html [2010-09-17 18:49:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempaT1744.html [2010-09-12 19:28:59 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyF4324.html [2010-09-12 19:28:59 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxV4324.html [2010-09-12 13:25:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempaf4024.html [2010-09-12 13:25:50 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUc4024.html [2010-09-11 13:45:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxZB508.html 
[2010-09-11 13:45:01 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempcvr508.html [2010-09-10 18:55:05 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdH2036.html [2010-09-02 18:22:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempfU5496.html [2010-09-02 18:22:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWW5496.html [2010-09-02 16:44:18 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJZ2264.html [2010-09-02 16:44:18 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCv2264.html [2010-09-02 14:54:03 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyM3488.html [2010-09-01 17:16:20 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKp4024.html [2010-09-01 17:16:20 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempmw4024.html [2010-08-31 16:56:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemppB3920.html [2010-08-31 16:56:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempsC3920.html [2010-08-30 16:20:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHx5276.html [2010-08-30 16:20:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfo5276.html [2010-08-29 11:53:58 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempha2992.html [2010-08-29 11:53:58 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeU2992.html [2010-08-28 10:24:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010-08-28 10:13:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempww1700.html [2010-08-28 10:13:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLf1700.html [2010-08-27 22:56:29 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUD4940.html [2010-08-27 22:56:29 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempod4940.html [2010-08-03 15:20:29 | 000,000,680 | ---- | C] 
() -- C:\Users\kamil\AppData\Local\d3d9caps.dat [2010-07-09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010-06-28 09:40:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwV1564.html [2010-06-28 09:40:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyC1564.html [2010-06-28 08:52:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemppM3176.html [2010-05-31 16:47:42 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-05-31 16:47:42 | 000,022,328 | ---- | C] () -- C:\Users\kamil\AppData\Roaming\PnkBstrK.sys [2010-05-18 15:48:30 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2010-05-18 15:48:30 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2010-05-18 15:48:30 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2010-04-27 16:49:25 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-04-24 12:56:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYg3044.html [2010-04-23 19:28:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temppy1876.html [2010-04-23 19:28:00 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEY1876.html [2010-04-20 10:26:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLW3776.html [2010-04-20 10:26:23 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templd3776.html [2010-04-18 19:08:03 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqv2896.html [2010-04-18 19:08:03 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempkK2896.html [2010-04-18 10:26:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempdk2792.html [2010-04-18 10:26:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempZh2792.html [2010-04-17 16:35:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJH3920.html [2010-04-17 16:35:08 | 000,002,089 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\Tempuz3920.html [2010-04-17 08:52:07 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXK2252.html [2010-04-16 18:24:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempqgU376.html [2010-04-16 18:24:53 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempvBC376.html [2010-04-16 15:36:09 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgR4068.html [2010-04-13 18:51:04 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempoR3468.html [2010-04-13 18:51:04 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSP3468.html [2010-04-12 15:11:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXQ2732.html [2010-04-12 15:11:00 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxv2732.html [2010-04-11 18:42:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEZ2156.html [2010-04-11 18:42:23 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfu2156.html [2010-04-11 09:09:31 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAZ2624.html [2010-04-11 09:09:31 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templn2624.html [2010-04-10 21:03:24 | 000,092,160 | ---- | C] () -- C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-10 17:49:16 | 000,000,169 | ---- | C] () -- C:\Windows\adidsl.ini [2010-04-10 17:49:16 | 000,000,021 | ---- | C] () -- C:\Windows\Fast800.ini [2010-04-10 17:48:14 | 000,000,990 | ---- | C] () -- C:\Windows\adiras.ini [2010-04-10 17:48:10 | 000,046,892 | ---- | C] () -- C:\Windows\System32\ADADIX16.DLL [2010-04-10 17:07:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHh2412.html [2010-04-10 17:07:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKy2412.html [2010-04-10 17:06:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-02-10 13:03:16 | 000,178,176 | ---- | C] () -- 
C:\Windows\System32\unrar.dll [2008-07-25 12:51:28 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini [2008-07-25 12:38:07 | 000,137,021 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008-07-25 12:37:47 | 000,137,021 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008-07-25 12:19:47 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2008-07-25 12:19:47 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2008-07-25 10:38:24 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007-10-12 23:20:06 | 000,151,417 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007-02-15 08:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006-11-29 09:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll [2006-11-02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-10-09 02:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll [2001-11-14 04:56:00 | 001,802,240 | ---- | C] () -- 
C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010-04-27 16:54:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\DAEMON Tools Lite [2010-04-24 10:07:41 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\fretsonfire [2010-11-13 15:06:16 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Gadu-Gadu 10 [2010-07-12 12:24:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\GetRightToGo [2010-08-31 17:01:59 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\gtk-2.0 [2010-04-10 17:03:59 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\ipla [2011-02-03 17:21:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\LG Electronics [2011-01-30 16:31:48 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\MPMAN [2010-07-13 20:07:15 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\OpenFM [2010-08-30 21:52:13 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\PhotoFiltre [2010-09-13 17:00:29 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\runic games [2010-04-25 09:32:47 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Sudeki [2011-01-06 18:03:01 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Thinstall [2010-12-31 06:25:27 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Tibia [2010-11-19 17:44:05 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\TS3Client [2010-08-29 12:52:02 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\uTorrent [2011-02-17 22:57:43 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-02-18 15:13:28 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< :OTL >[/color] [color=#A23BEC]< PRC - [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\inetserv.exeO4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe () >[/color]
[color=#A23BEC]< O33 - MountPoints2\{b6843ec9-a094-11df-a8b2-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\explore.exe >[/color]
[color=#A23BEC]< O33 - MountPoints2\{e669bb7b-1639-11df-8b58-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe >[/color]
[color=#A23BEC]< C:\Users\kamil\AppData\Local\Temp@Alternate Data Stream - 494 bytes -> C:\Windows\System32\drivers\nhcinfbl.sys:changelist >[/color]
[color=#A23BEC]< >[/color]
[color=#A23BEC]< :Commands >[/color]
[color=#A23BEC]< [emptytemp] >[/color]
< End of report >
[/log]

OTL:
[log]OTL logfile created on: 2011-02-18 18:01:42 - Run 6
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\kamil\Documents\52\otl
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 43,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,05 Gb Total Space | 8,00 Gb Free Space | 11,58% Space Free | Partition Type: NTFS
Drive D: | 70,00 Gb Total Space | 15,10 Gb Free Space | 21,58% Space Free | Partition Type: NTFS
Drive E: | 405,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KAMIL-DOM | User Name: kamil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-10 15:03:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\52\otl\OTL.exe PRC - [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe PRC - [2010-12-10 22:00:19 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-12-10 22:00:17 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-12-03 16:46:34 | 014,944,136 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe PRC - [2010-12-03 16:46:34 | 000,080,256 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe PRC - [2010-11-30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe PRC - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe PRC - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-08-17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-05-31 16:47:31 | 000,107,832 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe PRC - [2010-05-31 16:47:24 | 000,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2009-08-27 19:33:26 | 000,266,240 | R--- | M] () -- E:\cdstart.exe PRC - [2009-06-15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] 
(Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 07:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-02-25 08:28:20 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2008-11-24 21:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2008-11-24 21:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2008-06-08 23:23:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008-05-23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2008-05-23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008-05-22 09:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2008-05-13 01:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe PRC - [2008-04-25 13:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2008-04-17 07:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2008-04-17 03:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-03-17 10:07:02 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2008-01-21 03:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 03:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 03:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:33:15 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2007-10-26 06:39:14 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2007-10-26 06:39:04 | 001,029,416 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007-07-04 23:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2006-12-19 14:23:38 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2006-11-02 10:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-10 15:03:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\52\otl\OTL.exe MOD - [2011-01-21 17:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2011-01-21 17:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-10-15 14:48:59 | 001,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-06-28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 15:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-04-28 10:05:56 | 000,715,264 | ---- | M] (Agnitum Ltd.) 
-- c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 07:28:25 | 000,712,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 07:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 07:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-11 07:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 07:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 07:28:20 | 
000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 07:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 07:27:12 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2008-01-21 03:35:19 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 03:34:35 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:34:21 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 03:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 03:34:07 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:34:05 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 
03:33:14 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-12-05 13:12:40 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV - [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV - [2010-06-02 17:31:00 | 003,594,440 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2009-04-28 10:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) 
[Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall\acs.exe -- (acssrv) SRV - [2009-02-25 08:28:20 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2008-05-23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008-05-23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008-05-13 00:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-18 14:55:05 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3756088-6E54-45E8-846C-DFADC10BF652}\MpKsl3b685fcb.sys -- (MpKsl3b685fcb) DRV - [2011-02-17 22:56:34 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3756088-6E54-45E8-846C-DFADC10BF652}\MpKsld37a6168.sys -- (MpKsld37a6168) DRV - [2010-10-24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2010-10-24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2010-09-25 16:49:10 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-09-25 
16:49:10 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-04-27 16:49:25 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-04-06 11:37:12 | 000,704,384 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox) DRV - [2009-02-18 17:27:54 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (afw) DRV - [2009-02-10 16:12:48 | 000,307,224 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore) DRV - [2008-06-16 13:38:10 | 000,318,488 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008-06-08 23:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-04-17 08:31:00 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-05 06:56:26 | 000,242,560 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302) DRV - [2008-02-14 00:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008-01-21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-01-21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-01-21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008-01-21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-01-21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008-01-21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008-01-21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-01-21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008-01-21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008-01-21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-01-21 03:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2008-01-21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008-01-21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-01-21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008-01-21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007-12-28 02:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2007-10-26 06:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007-09-13 07:17:58 | 000,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007-07-15 23:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2007-07-15 23:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2007-07-11 15:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2007-07-11 10:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2007-07-11 10:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2007-05-23 09:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2007-01-04 12:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e4usbaw.sys -- (e4usbaw) DRV - [2007-01-04 12:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys) DRV - [2006-11-28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006-10-19 03:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-10 22:00:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-10 22:00:21 | 000,000,000 | ---D | M]
[2010-04-10 16:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kamil\AppData\Roaming\mozilla\Extensions
[2011-02-18 16:15:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions
[2010-09-18 19:36:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-12-29 00:12:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-23 12:54:45 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-07-10 16:19:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-07-10 16:18:34 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-12 13:23:09 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-09-12 13:23:09 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-09-12 13:23:09 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-09-12 13:23:10 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-09-12 13:23:10 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-09-12 13:23:10 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [AlcoholAutomount] File not found
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.192.105.217 173.193.227.124
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O24 - Desktop BackupWallPaper: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-08-28 00:44:42 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-08-28 00:44:42 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008-03-27 18:55:30 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009-08-27 19:33:44 | 000,000,380 | R--- | M] () - E:\autorun.xml -- [ CDFS ]
O32 - AutoRun File - [2009-08-27 19:33:44 | 000,003,290 | R--- | M] () - E:\autorun_de.css -- [ CDFS ]
O32 - AutoRun File - [2009-08-27 19:33:44 | 000,003,300 | R--- | M] () - E:\autorun_en.css -- [ CDFS ]
O32 - AutoRun File - [2009-08-27 19:33:44 | 000,003,300 | R--- | M] () - E:\autorun_pl.css -- [ CDFS ]
O33 - MountPoints2\{b6843ec9-a094-11df-a8b2-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\explore.exe
O33 - MountPoints2\{e669bb7b-1639-11df-8b58-001377f510d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe
O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\cdstart.exe -- [2009-08-27 19:33:26 | 000,266,240 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-18 16:36:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming-Simulator 2009 [2011-02-16 08:46:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES [2011-02-16 08:46:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES [2011-02-16 08:46:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN [2011-02-16 08:23:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2011-02-14 16:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs [2011-02-08 18:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2011-02-03 20:22:07 | 000,000,000 | -H-D | C] -- C:\LG3G [2011-02-03 20:19:41 | 000,000,000 | ---D | C] -- C:\lgupload [2011-02-03 17:21:19 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\LG Electronics [2011-02-03 17:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics [2011-02-03 17:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite 2 [2011-02-03 17:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite 2 [2011-01-30 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\MP-Manager [2011-01-30 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\Application Data [2011-01-30 16:34:37 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP Manager [2011-01-30 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\MPMAN [2011-01-29 09:36:11 | 000,000,000 | ---D | C] -- C:\Windows\TempAE2F5317-B912-ED87-AA44-48E9B7C3915A-Signatures [2011-01-29 09:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2011-01-25 19:41:36 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\Eidos [2011-01-25 18:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\CAPCOM [2011-01-21 16:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra [2011-01-13 18:04:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2011-01-06 18:03:01 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Thinstall [2011-01-04 18:45:38 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zegarmistrz [2011-01-04 18:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zegarmistrz [2010-12-23 17:55:10 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\52 [2010-12-23 15:20:27 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Tibia [2010-12-23 15:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia [2010-12-23 12:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2010-12-23 12:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2006-11-24 06:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006-11-24 06:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-18 17:51:02 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-02-18 17:47:36 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-02-18 17:47:36 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-02-18 16:54:27 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-18 16:54:27 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-18 16:36:19 | 000,000,722 | ---- | M] () -- C:\Users\kamil\Desktop\Symulator-Farmy 2009.lnk [2011-02-18 15:13:28 | 000,000,418 | -H-- | M] () -- 
C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [2011-02-18 15:02:09 | 000,710,864 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-02-18 15:02:09 | 000,635,986 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-02-18 15:02:09 | 000,145,430 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-02-18 15:02:09 | 000,119,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-02-18 14:54:31 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-02-18 14:54:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-18 14:54:18 | 2141,831,168 | -HS- | M] () -- C:\hiberfil.sys [2011-02-17 22:57:34 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-02-16 22:32:18 | 095,948,386 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-02-16 08:52:24 | 000,372,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-02-16 08:06:01 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnC2684.html [2011-02-16 08:06:01 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempon2684.html [2011-02-15 23:43:20 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempfA4004.html [2011-02-08 20:08:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTB3240.html [2011-02-08 20:08:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempyV3240.html [2011-02-08 16:47:42 | 000,000,680 | ---- | M] () -- C:\Users\kamil\AppData\Local\d3d9caps.dat [2011-02-07 19:05:24 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempja5624.html [2011-02-03 21:38:10 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTD3572.html [2011-02-03 21:38:10 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwF3572.html [2011-02-01 19:17:14 | 000,110,614 | ---- | M] () -- C:\Users\kamil\AppData\Local\inetserv.exe [2011-01-30 14:50:35 | 000,092,160 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-29 15:32:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempAL5364.html [2011-01-29 15:32:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzw5364.html [2011-01-29 09:38:50 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2011-01-28 23:17:19 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYt4272.html [2011-01-28 23:17:19 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOe4272.html [2011-01-23 22:20:37 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjD3568.html [2011-01-23 22:20:37 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempMi3568.html [2011-01-22 16:02:58 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOM2392.html [2011-01-22 16:02:58 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempJS2392.html [2011-01-16 20:04:49 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjN5168.html [2011-01-16 20:04:49 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temppe5168.html [2011-01-14 23:24:53 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempND3380.html [2011-01-13 00:04:10 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNQ3404.html [2011-01-12 19:44:26 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Templg3808.html [2011-01-12 19:44:26 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOI3808.html [2011-01-12 16:50:39 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempcU3652.html [2011-01-12 16:50:39 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRj3652.html [2011-01-11 17:58:21 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempFU1664.html [2011-01-11 17:58:21 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPW1664.html [2011-01-10 18:26:09 | 000,002,432 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\TempeO1000.html [2011-01-09 21:07:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempGh1992.html [2011-01-09 21:07:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwQ1992.html [2011-01-09 00:59:09 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempqy3528.html [2011-01-07 15:41:18 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDLO284.html [2011-01-06 19:38:01 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBi2584.html [2011-01-05 17:14:33 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempms1724.html [2011-01-04 16:29:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempUx5904.html [2011-01-04 16:29:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temphb5904.html [2011-01-02 22:01:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRI3908.html [2011-01-02 22:01:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDy3908.html [2010-12-30 01:55:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemplB1848.html [2010-12-30 01:55:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnE1848.html [2010-12-27 22:43:31 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempgO2744.html [2010-12-27 14:32:35 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempHv2724.html [2010-12-27 14:32:35 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempSa2724.html [2010-12-27 01:32:48 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempLp2396.html [2010-12-27 01:32:48 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNU2396.html [2010-12-26 02:21:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempto6032.html [2010-12-26 02:21:40 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzb6032.html [2010-12-24 02:14:15 | 000,002,432 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\TempEW6004.html [2010-12-24 02:14:15 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBp6004.html [2010-12-23 16:20:12 | 004,687,862 | ---- | M] () -- C:\Users\kamil\Documents\52 Debiec - Gniew.mp3 [2010-12-23 12:52:19 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010-12-22 23:33:36 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temphx2496.html [2010-12-22 23:33:36 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempYQ2496.html [2010-12-22 18:58:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempvy2588.html [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-18 16:36:19 | 000,000,722 | ---- | C] () -- C:\Users\kamil\Desktop\Symulator-Farmy 2009.lnk [2011-02-17 09:40:44 | 2141,831,168 | -HS- | C] () -- C:\hiberfil.sys [2011-02-16 08:02:29 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-02-16 07:56:24 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnC2684.html [2011-02-16 07:56:24 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempon2684.html [2011-02-15 22:45:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempfA4004.html [2011-02-08 16:47:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTB3240.html [2011-02-08 16:47:49 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyV3240.html [2011-02-08 16:06:37 | 000,000,000 | -H-- | C] () -- C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt [2011-02-07 16:14:36 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempja5624.html [2011-02-03 17:05:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTD3572.html [2011-02-03 17:05:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwF3572.html [2011-02-01 19:17:14 | 000,110,614 | ---- | C] () -- C:\Users\kamil\AppData\Local\inetserv.exe [2011-01-29 12:40:37 | 000,002,432 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempAL5364.html [2011-01-29 12:40:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempzw5364.html [2011-01-29 09:38:50 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif [2011-01-28 16:18:46 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYt4272.html [2011-01-28 16:18:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOe4272.html [2011-01-23 15:50:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempjD3568.html [2011-01-23 15:50:50 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMi3568.html [2011-01-22 09:55:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOM2392.html [2011-01-22 09:55:49 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJS2392.html [2011-01-16 17:01:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempjN5168.html [2011-01-16 17:01:01 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temppe5168.html [2011-01-14 21:56:19 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempND3380.html [2011-01-12 21:42:18 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNQ3404.html [2011-01-12 19:24:05 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templg3808.html [2011-01-12 19:24:05 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOI3808.html [2011-01-12 16:10:25 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempcU3652.html [2011-01-12 16:10:25 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempRj3652.html [2011-01-11 17:50:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFU1664.html [2011-01-11 17:50:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPW1664.html [2011-01-10 17:26:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeO1000.html [2011-01-09 13:42:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGh1992.html [2011-01-09 
13:42:26 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwQ1992.html [2011-01-08 18:05:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqy3528.html [2011-01-07 15:14:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDLO284.html [2011-01-06 15:19:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBi2584.html [2011-01-05 15:14:27 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempms1724.html [2011-01-04 15:57:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUx5904.html [2011-01-04 15:57:38 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temphb5904.html [2011-01-02 21:04:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempRI3908.html [2011-01-02 21:04:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDy3908.html [2010-12-29 15:05:43 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplB1848.html [2010-12-29 15:05:43 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnE1848.html [2010-12-29 00:12:28 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010-12-27 20:27:45 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgO2744.html [2010-12-27 13:50:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHv2724.html [2010-12-27 13:50:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSa2724.html [2010-12-26 22:02:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLp2396.html [2010-12-26 22:02:40 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNU2396.html [2010-12-25 21:00:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempto6032.html [2010-12-25 21:00:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempzb6032.html [2010-12-23 16:16:11 | 004,687,862 | ---- | C] () -- C:\Users\kamil\Documents\52 Debiec - Gniew.mp3 [2010-12-23 15:14:02 | 000,002,432 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempEW6004.html [2010-12-23 15:14:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBp6004.html [2010-12-22 20:50:46 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temphx2496.html [2010-12-22 20:50:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYQ2496.html [2010-12-22 15:40:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempvy2588.html [2010-12-19 19:32:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempmO3804.html [2010-12-19 19:32:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWn3804.html [2010-12-18 16:58:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPj1764.html [2010-12-11 21:34:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiZ1716.html [2010-12-11 21:34:45 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFx1716.html [2010-12-10 18:49:13 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempma5604.html [2010-12-10 18:49:13 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templr5604.html [2010-12-09 18:45:41 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempwj5064.html [2010-12-09 18:45:41 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templk5064.html [2010-12-08 17:30:29 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXe4052.html [2010-12-08 17:30:29 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGM4052.html [2010-12-07 16:59:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLF3744.html [2010-12-06 16:21:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqd2380.html [2010-12-06 16:21:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempmg2380.html [2010-12-05 12:25:20 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCN2632.html [2010-12-05 12:25:20 | 000,002,089 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\Tempdh2632.html [2010-12-05 01:38:07 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNg3004.html [2010-12-04 13:07:31 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempzP5860.html [2010-12-03 18:14:22 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempoq4100.html [2010-12-03 18:14:22 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgF4100.html [2010-12-03 15:04:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temptm5244.html [2010-12-03 13:42:54 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGM5904.html [2010-12-02 21:15:57 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempyd2448.html [2010-12-02 21:15:57 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYw2448.html [2010-11-29 21:19:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAo3916.html [2010-11-29 21:19:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCB3916.html [2010-11-28 15:52:28 | 000,003,053 | ---- | C] () -- C:\Windows\ARX_RingPol100D.ini [2010-11-21 13:41:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplB3472.html [2010-11-21 13:41:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempbT3472.html [2010-11-19 16:04:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempvl3368.html [2010-11-19 16:04:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTq3368.html [2010-11-15 13:04:21 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOKc992.html [2010-11-15 13:04:21 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplwW992.html [2010-11-13 21:34:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQo5968.html [2010-11-13 21:34:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXu5968.html [2010-11-13 15:06:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxm5296.html 
[2010-11-13 15:06:17 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeT5296.html [2010-11-13 14:55:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPi5296.html [2010-11-13 14:55:53 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFs5296.html [2010-11-12 13:18:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNE1856.html [2010-11-12 13:18:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNL1856.html [2010-11-11 17:21:44 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdF3772.html [2010-11-11 17:21:44 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMR3772.html [2010-11-10 16:46:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempuG4180.html [2010-11-07 12:39:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQh2884.html [2010-11-07 12:39:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templo2884.html [2010-11-06 22:13:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCa2288.html [2010-11-06 22:13:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKN2288.html [2010-11-06 14:03:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyY2656.html [2010-11-05 17:20:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempbp4012.html [2010-11-05 17:20:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMq4012.html [2010-11-04 12:05:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSf3852.html [2010-11-04 12:05:38 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPF3852.html [2010-10-31 16:28:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempql5236.html [2010-10-31 16:28:51 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempep5236.html [2010-10-31 13:09:26 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBt5980.html [2010-10-31 12:59:15 | 000,002,432 | 
---- | C] () -- C:\Users\kamil\AppData\Local\TempqB5308.html [2010-10-31 12:59:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOB5308.html [2010-10-19 15:33:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiH3396.html [2010-10-19 15:33:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJV3396.html [2010-10-14 18:05:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXp2552.html [2010-10-14 18:05:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempzI2552.html [2010-10-12 12:51:30 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeF2884.html [2010-10-12 12:51:30 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDN2884.html [2010-10-08 13:21:37 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplD1276.html [2010-10-08 13:21:37 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempsr1276.html [2010-10-04 13:54:25 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUR1588.html [2010-10-04 13:54:25 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempru1588.html [2010-10-03 11:58:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBB2360.html [2010-10-03 11:58:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYC2360.html [2010-10-02 19:58:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMtO304.html [2010-10-02 19:58:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKPC304.html [2010-10-01 22:36:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYY2608.html [2010-09-25 16:49:10 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010-09-25 16:49:10 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010-09-24 17:08:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOw2044.html [2010-09-24 17:08:34 | 000,002,089 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempiK2044.html [2010-09-23 14:47:43 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGt1832.html [2010-09-22 17:51:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTu3460.html [2010-09-22 17:51:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempgm3460.html [2010-09-20 17:02:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdL3572.html [2010-09-20 17:02:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempkn3572.html [2010-09-19 09:45:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempGT1476.html [2010-09-19 09:45:51 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplG1476.html [2010-09-18 16:23:09 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWd5560.html [2010-09-18 16:23:09 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempaD5560.html [2010-09-18 11:45:44 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEz2260.html [2010-09-17 18:49:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempaT1744.html [2010-09-12 19:28:59 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyF4324.html [2010-09-12 19:28:59 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxV4324.html [2010-09-12 13:25:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempaf4024.html [2010-09-12 13:25:50 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUc4024.html [2010-09-11 13:45:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxZB508.html [2010-09-11 13:45:01 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempcvr508.html [2010-09-10 18:55:05 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdH2036.html [2010-09-02 18:22:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempfU5496.html [2010-09-02 18:22:11 | 000,002,089 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TempWW5496.html [2010-09-02 16:44:18 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJZ2264.html [2010-09-02 16:44:18 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCv2264.html [2010-09-02 14:54:03 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyM3488.html [2010-09-01 17:16:20 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKp4024.html [2010-09-01 17:16:20 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempmw4024.html [2010-08-31 16:56:15 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemppB3920.html [2010-08-31 16:56:15 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempsC3920.html [2010-08-30 16:20:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHx5276.html [2010-08-30 16:20:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfo5276.html [2010-08-29 11:53:58 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempha2992.html [2010-08-29 11:53:58 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeU2992.html [2010-08-28 10:24:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010-08-28 10:13:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempww1700.html [2010-08-28 10:13:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLf1700.html [2010-08-27 22:56:29 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUD4940.html [2010-08-27 22:56:29 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempod4940.html [2010-08-03 15:20:29 | 000,000,680 | ---- | C] () -- C:\Users\kamil\AppData\Local\d3d9caps.dat [2010-07-09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010-06-28 09:40:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwV1564.html [2010-06-28 09:40:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyC1564.html [2010-06-28 
08:52:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemppM3176.html [2010-05-31 16:47:42 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-05-31 16:47:42 | 000,022,328 | ---- | C] () -- C:\Users\kamil\AppData\Roaming\PnkBstrK.sys [2010-05-18 15:48:30 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2010-05-18 15:48:30 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2010-05-18 15:48:30 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2010-04-27 16:49:25 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-04-24 12:56:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYg3044.html [2010-04-23 19:28:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temppy1876.html [2010-04-23 19:28:00 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEY1876.html [2010-04-20 10:26:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLW3776.html [2010-04-20 10:26:23 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templd3776.html [2010-04-18 19:08:03 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqv2896.html [2010-04-18 19:08:03 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempkK2896.html [2010-04-18 10:26:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempdk2792.html [2010-04-18 10:26:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempZh2792.html [2010-04-17 16:35:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJH3920.html [2010-04-17 16:35:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempuz3920.html [2010-04-17 08:52:07 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXK2252.html [2010-04-16 18:24:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempqgU376.html [2010-04-16 18:24:53 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempvBC376.html 
[2010-04-16 15:36:09 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgR4068.html [2010-04-13 18:51:04 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempoR3468.html [2010-04-13 18:51:04 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSP3468.html [2010-04-12 15:11:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXQ2732.html [2010-04-12 15:11:00 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxv2732.html [2010-04-11 18:42:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEZ2156.html [2010-04-11 18:42:23 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfu2156.html [2010-04-11 09:09:31 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAZ2624.html [2010-04-11 09:09:31 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templn2624.html [2010-04-10 21:03:24 | 000,092,160 | ---- | C] () -- C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-10 17:49:16 | 000,000,169 | ---- | C] () -- C:\Windows\adidsl.ini [2010-04-10 17:49:16 | 000,000,021 | ---- | C] () -- C:\Windows\Fast800.ini [2010-04-10 17:48:14 | 000,000,990 | ---- | C] () -- C:\Windows\adiras.ini [2010-04-10 17:48:10 | 000,046,892 | ---- | C] () -- C:\Windows\System32\ADADIX16.DLL [2010-04-10 17:07:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHh2412.html [2010-04-10 17:07:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKy2412.html [2010-04-10 17:06:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-02-10 13:03:16 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008-07-25 12:51:28 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini [2008-07-25 12:38:07 | 000,137,021 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008-07-25 12:37:47 | 000,137,021 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008-07-25 12:19:47 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini 
[2008-07-25 12:19:47 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2008-07-25 10:38:24 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007-10-12 23:20:06 | 000,151,417 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2007-07-23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007-07-23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007-02-15 08:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006-11-29 09:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll [2006-11-02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-10-09 02:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll [2001-11-14 04:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010-04-27 16:54:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\DAEMON Tools Lite [2010-04-24 10:07:41 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\fretsonfire [2010-11-13 15:06:16 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Gadu-Gadu 10 
[2010-07-12 12:24:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\GetRightToGo [2010-08-31 17:01:59 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\gtk-2.0 [2010-04-10 17:03:59 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\ipla [2011-02-03 17:21:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\LG Electronics [2011-01-30 16:31:48 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\MPMAN [2010-07-13 20:07:15 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\OpenFM [2010-08-30 21:52:13 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\PhotoFiltre [2010-09-13 17:00:29 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\runic games [2010-04-25 09:32:47 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Sudeki [2011-01-06 18:03:01 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Thinstall [2010-12-31 06:25:27 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Tibia [2010-11-19 17:44:05 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\TS3Client [2010-08-29 12:52:02 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\uTorrent [2011-02-17 22:57:43 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-02-18 15:13:28 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log] RSIT [log] Logfile of random's system information tool 1.08 (written by random/random) Run by kamil at 2011-02-18 18:34:04 Microsoft® Windows Vista™ Home Basic Service Pack 2 System drive C: has 8 GB (12%) free of 71 GB Total RAM: 2042 MB (42% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:34:19, on 2011-02-18 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19019) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe 
C:\Windows\Explorer.EXE C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Windows\system32\taskeng.exe C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Users\kamil\AppData\Local\inetserv.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe E:\cdstart.exe C:\Users\kamil\Documents\52\rsit\RSIT.exe C:\Program Files\trend micro\kamil.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [inetserv] C:\Users\kamil\AppData\Local\inetserv.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - 
C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common 
Files\Steam\SteamService.exe -- End of file - 6370 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-10 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-08 13543968] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-08 92704] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-17 6111232] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416] "LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256] "OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464] "OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2009-04-28 428032] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount [] "inetserv"=C:\Users\kamil\AppData\Local\inetserv.exe [2011-02-01 110614] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!] C:\Program Files\ipla\ipla.exe [2010-02-02 14252952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] D:\Gry\Steam\Steam.exe [2010-12-05 1242448] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2006-10-22 40048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2006-10-22 734872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2008-02-12 723496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=0xFFFFFFFF "NoDriveTypeAutoRun"=36 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2011-02-17 09:40:44 ----ASH---- C:\hiberfil.sys 2011-02-16 22:28:30 ----A---- C:\Windows\ntbtlog.txt 2011-02-16 21:41:05 ----A---- C:\Windows\system32\vbscript.dll 2011-02-16 21:35:05 ----A---- C:\Windows\system32\jscript.dll 2011-02-16 08:46:45 ----D---- C:\Windows\system32\eu-ES 2011-02-16 08:46:45 ----D---- C:\Windows\system32\ca-ES 2011-02-16 08:46:44 ----D---- C:\Windows\system32\vi-VN 2011-02-16 08:23:22 ----D---- C:\Windows\system32\EventProviders 2011-02-16 08:02:31 ----A---- C:\Windows\system32\occache.dll 2011-02-16 08:02:31 ----A---- C:\Windows\system32\mstime.dll 2011-02-16 08:02:31 ----A---- C:\Windows\system32\mshtmled.dll 2011-02-16 08:02:31 ----A---- C:\Windows\system32\licmgr10.dll 2011-02-16 08:02:31 
----A---- C:\Windows\system32\jsproxy.dll 2011-02-16 08:02:30 ----A---- C:\Windows\system32\msfeedsbs.dll 2011-02-16 08:02:30 ----A---- C:\Windows\system32\msfeeds.dll 2011-02-16 08:02:30 ----A---- C:\Windows\system32\ieui.dll 2011-02-16 08:02:30 ----A---- C:\Windows\system32\iesetup.dll 2011-02-16 08:02:30 ----A---- C:\Windows\system32\iepeers.dll 2011-02-16 08:02:29 ----A---- C:\Windows\system32\wininet.dll 2011-02-16 08:02:29 ----A---- C:\Windows\system32\iernonce.dll 2011-02-16 08:02:29 ----A---- C:\Windows\system32\iedkcs32.dll 2011-02-16 08:02:28 ----A---- C:\Windows\system32\msfeedssync.exe 2011-02-16 08:02:28 ----A---- C:\Windows\system32\iertutil.dll 2011-02-16 08:02:28 ----A---- C:\Windows\system32\ie4uinit.exe 2011-02-16 08:02:27 ----A---- C:\Windows\system32\urlmon.dll 2011-02-16 08:02:27 ----A---- C:\Windows\system32\ieUnatt.exe 2011-02-16 08:02:27 ----A---- C:\Windows\system32\iesysprep.dll 2011-02-16 08:02:26 ----A---- C:\Windows\system32\ieframe.dll 2011-02-16 08:02:25 ----A---- C:\Windows\system32\mshtml.dll 2011-02-16 08:00:39 ----A---- C:\Windows\system32\mshtmler.dll 2011-02-16 08:00:39 ----A---- C:\Windows\system32\icardie.dll 2011-02-16 08:00:39 ----A---- C:\Windows\system32\admparse.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\msls31.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\imgutil.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\ieakeng.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\dxtrans.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\dxtmsft.dll 2011-02-16 08:00:38 ----A---- C:\Windows\system32\corpol.dll 2011-02-16 08:00:37 ----A---- C:\Windows\system32\webcheck.dll 2011-02-16 08:00:37 ----A---- C:\Windows\system32\msrating.dll 2011-02-16 08:00:37 ----A---- C:\Windows\system32\inseng.dll 2011-02-16 08:00:37 ----A---- C:\Windows\system32\ieaksie.dll 2011-02-16 08:00:36 ----A---- C:\Windows\system32\WinFXDocObj.exe 2011-02-16 08:00:36 ----A---- C:\Windows\system32\wextract.exe 2011-02-16 08:00:36 
----A---- C:\Windows\system32\ieakui.dll 2011-02-16 08:00:36 ----A---- C:\Windows\system32\advpack.dll 2011-02-16 08:00:35 ----A---- C:\Windows\system32\pngfilt.dll 2011-02-16 08:00:35 ----A---- C:\Windows\system32\ieapfltr.dll 2011-02-16 08:00:34 ----A---- C:\Windows\system32\url.dll 2011-02-16 08:00:33 ----A---- C:\Windows\system32\mshta.exe 2011-02-16 08:00:33 ----A---- C:\Windows\system32\iexpress.exe 2011-02-16 08:00:32 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2011-02-16 08:00:32 ----A---- C:\Windows\system32\SetDepNx.exe 2011-02-16 08:00:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2011-02-16 08:00:32 ----A---- C:\Windows\system32\PDMSetup.exe 2011-02-14 16:30:18 ----D---- C:\ProgramData\Media Center Programs 2011-02-10 14:49:51 ----A---- C:\Windows\system32\win32k.sys 2011-02-10 14:49:45 ----A---- C:\Windows\system32\ntdll.dll 2011-02-10 14:49:43 ----A---- C:\Windows\system32\ntkrnlpa.exe 2011-02-10 14:49:42 ----A---- C:\Windows\system32\ntoskrnl.exe 2011-02-10 14:49:20 ----A---- C:\Windows\system32\shell32.dll 2011-02-10 14:49:16 ----A---- C:\Windows\system32\shlwapi.dll 2011-02-10 14:44:25 ----A---- C:\Windows\system32\atmfd.dll 2011-02-10 14:44:24 ----A---- C:\Windows\system32\atmlib.dll 2011-02-08 18:49:06 ----D---- C:\Program Files\SkanerOnline 2011-02-08 16:06:37 ----AH---- C:\Users\kamil\AppData\Roaming\jbMhE16d0h.txt 2011-02-03 20:22:07 ----HD---- C:\LG3G 2011-02-03 20:19:41 ----D---- C:\lgupload 2011-02-03 17:21:19 ----D---- C:\Users\kamil\AppData\Roaming\LG Electronics 2011-02-03 17:15:07 ----A---- C:\Windows\system32\drivers\lgusbmodem.sys 2011-02-03 17:15:07 ----A---- C:\Windows\system32\drivers\lgusbdiag.sys 2011-02-03 17:15:07 ----A---- C:\Windows\system32\drivers\lgusbbus.sys 2011-02-03 17:15:06 ----D---- C:\Program Files\LG Electronics 2011-02-03 17:13:26 ----D---- C:\Program Files\LG PC Suite 2 2011-01-30 16:31:48 ----D---- C:\Users\kamil\AppData\Roaming\MPMAN 2011-01-29 09:36:11 ----D---- 
C:\Windows\TempAE2F5317-B912-ED87-AA44-48E9B7C3915A-Signatures 2011-01-29 09:35:01 ----D---- C:\Program Files\Microsoft Security Client 2011-01-29 09:33:46 ----A---- C:\Windows\system32\drivers\netio.sys 2011-01-25 19:01:06 ----A---- C:\Windows\system32\XAudio2_7.dll 2011-01-25 19:01:06 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2011-01-25 19:01:06 ----A---- C:\Windows\system32\xactengine3_7.dll 2011-01-25 19:01:05 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2011-01-25 19:01:04 ----A---- C:\Windows\system32\d3dx11_43.dll 2011-01-25 19:01:04 ----A---- C:\Windows\system32\d3dcsx_43.dll 2011-01-25 19:01:03 ----A---- C:\Windows\system32\D3DX9_43.dll 2011-01-25 19:01:03 ----A---- C:\Windows\system32\d3dx10_43.dll 2011-01-25 19:01:02 ----A---- C:\Windows\system32\XAudio2_6.dll 2011-01-25 19:01:02 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2011-01-25 19:01:01 ----A---- C:\Windows\system32\xactengine3_6.dll 2011-01-25 19:01:01 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2011-01-25 19:01:00 ----A---- C:\Windows\system32\XAudio2_5.dll 2011-01-25 19:01:00 ----A---- C:\Windows\system32\xactengine3_5.dll 2011-01-25 19:00:59 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2011-01-25 19:00:58 ----A---- C:\Windows\system32\d3dx11_42.dll 2011-01-25 19:00:58 ----A---- C:\Windows\system32\d3dcsx_42.dll 2011-01-25 19:00:57 ----A---- C:\Windows\system32\D3DX9_42.dll 2011-01-25 19:00:57 ----A---- C:\Windows\system32\d3dx10_42.dll 2011-01-25 19:00:56 ----A---- C:\Windows\system32\d3dx10_41.dll 2011-01-25 19:00:56 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2011-01-25 19:00:55 ----A---- C:\Windows\system32\D3DX9_41.dll 2011-01-25 19:00:54 ----A---- C:\Windows\system32\XAudio2_4.dll 2011-01-25 19:00:54 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2011-01-25 19:00:54 ----A---- C:\Windows\system32\xactengine3_4.dll 2011-01-25 19:00:53 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2011-01-25 19:00:53 ----A---- C:\Windows\system32\d3dx10_40.dll 2011-01-25 19:00:53 ----A---- 
C:\Windows\system32\D3DCompiler_40.dll 2011-01-25 19:00:49 ----A---- C:\Windows\system32\D3DX9_40.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\XAudio2_3.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\XAPOFX1_2.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\xactengine3_3.dll 2011-01-25 19:00:48 ----A---- C:\Windows\system32\X3DAudio1_5.dll 2011-01-25 19:00:47 ----A---- C:\Windows\system32\XAudio2_2.dll 2011-01-25 19:00:47 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2011-01-25 19:00:47 ----A---- C:\Windows\system32\xactengine3_2.dll 2011-01-25 19:00:46 ----A---- C:\Windows\system32\d3dx10_39.dll 2011-01-25 19:00:46 ----A---- C:\Windows\system32\D3DCompiler_39.dll 2011-01-25 19:00:45 ----A---- C:\Windows\system32\D3DX9_39.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\XAudio2_1.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\xactengine3_1.dll 2011-01-25 19:00:44 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2011-01-25 19:00:43 ----A---- C:\Windows\system32\d3dx10_38.dll 2011-01-25 19:00:43 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2011-01-25 19:00:42 ----A---- C:\Windows\system32\XAudio2_0.dll 2011-01-25 19:00:42 ----A---- C:\Windows\system32\D3DX9_38.dll 2011-01-25 19:00:41 ----A---- C:\Windows\system32\xactengine3_0.dll 2011-01-25 19:00:41 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2011-01-25 19:00:40 ----A---- C:\Windows\system32\d3dx10_37.dll 2011-01-25 19:00:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2011-01-25 19:00:39 ----A---- C:\Windows\system32\D3DX9_37.dll 2011-01-25 19:00:38 ----A---- C:\Windows\system32\xactengine2_10.dll 2011-01-25 19:00:37 ----A---- C:\Windows\system32\d3dx10_36.dll 2011-01-25 19:00:37 ----A---- C:\Windows\system32\D3DCompiler_36.dll 2011-01-25 19:00:36 ----A---- C:\Windows\system32\xactengine2_9.dll 2011-01-25 19:00:36 ----A---- C:\Windows\system32\d3dx9_36.dll 2011-01-25 19:00:35 ----A---- 
-----------------EOF----------------- [/log] PS. The computer did not restart.
Tomek01, comment, 19 February 2011: It did not restart because you pressed RunScan instead of RunFix. That is also why the removal log did not appear. Do everything once more.