x-kom hosting

Częste błędy nie wysyłaj w programach, blokowanie stron...

bykufgf
utworzono
utworzono

Witam. Od kilku miesięcy mam problem ze spokojną pracą na komputerze, a mianowicie np. podczas pracy na przeglądarce internetowej chrome nagle się ona wyłącza z komunikatem ,że uległa awarii i czy chce uruchomić ją ponownie. Czasami się udaje i działa normalnie ,ale często jest tak ,że ten komunikat wyskakuje w kółko. Inną sprawą jest to ,że podczas przeglądania stron wyskakuje komunikat ,że jakaś wtyczka uległa awarii i nawet po odświeżeniu strony nic się nie da zrobić(dopiero restart kompa pomaga), czasami jest tak ,że wyskakuje błąd flash'a i nie mogę oglądać filmików na youtube(tutaj również pomaga restart kompa). Podobnie mam przy graniu w gry po prostu wywala mi z niej z komunikatem nie wysyłaj. Ostatnio 2x wyskoczył mi komunikat o tym ,że system musi zostać zamknięty w ciągu 40s bodajże (to samo okienko co się robiło kawał komuś ,że on włączał jakiś skrót niby od np. przeglądarki ,a tu wyskakiwał mu ten komunikat). No i na deser dzisiaj mi avast zwariował i przy wchodzeniu na byle jaką stronę internetową wykrywał pełno wirusów.Skanowałem avastem całkowicie komputer dwa razy i nic nie znalazł (zresztą czego się spodziewać po darmowym antywirusie :) ). Nie mam pojęcia co z tym zrobić, więc proszę was o pomoc. Poniżej wstawiam log z OTL i RSIT:


OTL:

-Extras:
[log]OTL Extras logfile created on: 2012-01-20 12:57:11 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\byku\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,50 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,42% Memory free
3,35 Gb Paging File | 3,00 Gb Available in Paging File | 89,44% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25,19 Gb Total Space | 7,78 Gb Free Space | 30,88% Space Free | Partition Type: NTFS
Drive D: | 49,33 Gb Total Space | 25,47 Gb Free Space | 51,64% Space Free | Partition Type: NTFS

Computer Name: PREZES-EBA774DE | User Name: byku | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-299502267-725345543-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58258:TCP" = 58258:TCP:*:Enabled:Pando Media Booster
"58258:UDP" = 58258:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"58258:TCP" = 58258:TCP:*:Enabled:Pando Media Booster
"58258:UDP" = 58258:UDP:*:Enabled:Pando Media Booster
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Counter-Strike\hl.exe" = D:\Program Files\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Program Files\Microsoft Games\Rise of Nations\thrones.exe" = D:\Program Files\Microsoft Games\Rise of Nations\thrones.exe:*:Enabled:Rise of Nations -- (Big Huge Games, Inc.)
"D:\Program Files\Microsoft Games\Rise of Nations\patriots.exe" = D:\Program Files\Microsoft Games\Rise of Nations\patriots.exe:*:Enabled:Rise of Nations -- (Big Huge Games, Inc.)
"D:\Program Files\Strogino CS Portal\Counter-Strike Source\hl2.exe" = D:\Program Files\Strogino CS Portal\Counter-Strike Source\hl2.exe:*:Enabled:hl2
"D:\Program Files\Valve\hl.exe" = D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Disabled:Gadu-Gadu 10 -- (GG Network S.A.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
"D:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe" = D:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Program Files\Metinpirv\ForteMT2\Launcher.exe" = D:\Program Files\Metinpirv\ForteMT2\Launcher.exe:*:Disabled:Launcher -- ()
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"D:\Program Files\Steam\steamapps\byczekfgf\counter-strike\hl.exe" = D:\Program Files\Steam\steamapps\byczekfgf\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12766F00-807F-4978-8D24-FDD0A3D60EE4}" = ArtRage 2
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{271A659B-A7D3-405E-AE31-3086133BE0B7}" = Yamaha USB-MIDI Driver
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Driver
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AF8C37F-696E-871C-0851-CDE980FD665E}" = Bamboo Dock
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper wersja 3.2.0
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6D3C6846-CDB6-418F-8FDB-DA21FE064F86}" = YAMAHA Musicsoft Downloader 5
"{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}" = Bamboo Tablets Tutorial
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99F5E794-74A2-469A-86F9-F7E953EF3D9E}" = Counter-Strike Source
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe 1.4.74.1
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD271FAB-2F69-6983-A6A4-828F357940C4}" = Livebrush Mini
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"69083DC58646DE46A09847A522A1CC487F918039" = Pakiet sterowników systemu Windows - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
"9722CA1E8F72F362E93CBEC75A707FDABFC8D880" = Pakiet sterowników systemu Windows - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"Bamboo Dock" = Bamboo Dock
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1" = Livebrush Mini
"Counter-Strike 1.6 v32" = Counter-Strike 1.6 v32
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FL Studio 9" = FL Studio 9
"FreePascal_is1" = Free Pascal 2.4.4
"Gadu-Gadu 10" = Gadu-Gadu 10
"GameSpy Arcade" = GameSpy Arcade
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"IL Harmless" = IL Harmless
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Mozilla Firefox 9.0.1 (x86 pl)" = Mozilla Firefox 9.0.1 (x86 pl)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAnForce" = NVIDIA Windows 2000/XP nForce Drivers
"Pen Tablet Driver" = Bamboo
"PoiZone" = PoiZone
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"RiseOfNationsExpansion 1.0" = Rise of Nations
"Sawer" = Sawer
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bitowy)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-299502267-725345543-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error: Unable to start EventLog service!

< End of report >

[/log]
-OTL:
[log]OTL logfile created on: 2012-01-20 12:57:11 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\byku\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,50 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,42% Memory free
3,35 Gb Paging File | 3,00 Gb Available in Paging File | 89,44% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25,19 Gb Total Space | 7,78 Gb Free Space | 30,88% Space Free | Partition Type: NTFS
Drive D: | 49,33 Gb Total Space | 25,47 Gb Free Space | 51,64% Space Free | Partition Type: NTFS

Computer Name: PREZES-EBA774DE | User Name: byku | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-01-20 12:54:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\byku\Pulpit\OTL.exe
PRC - [2012-01-16 18:49:05 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-01-16 18:49:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2011-11-28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-11-11 22:15:58 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011-09-27 04:45:40 | 000,646,232 | ---- | M] () -- C:\Program Files\Bamboo Dock\BambooCore.exe
PRC - [2011-09-08 17:48:34 | 003,281,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2011-09-08 17:48:34 | 001,485,176 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2007-06-26 12:22:42 | 000,081,997 | ---- | M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe
PRC - [2003-10-08 10:41:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-01-20 12:54:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\byku\Pulpit\OTL.exe
MOD - [2012-01-19 23:19:15 | 000,044,744 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12012000\uiext.dll
MOD - [2012-01-16 18:49:07 | 000,043,992 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\mozutils.dll
MOD - [2012-01-16 18:49:06 | 000,121,816 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\components\browsercomps.dll
MOD - [2012-01-16 18:49:05 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2012-01-16 18:49:05 | 000,269,272 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2012-01-16 18:49:04 | 002,124,760 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-01-16 18:49:04 | 000,814,040 | ---- | M] (sqlite.org) -- D:\Program Files\Mozilla Firefox\mozsqlite3.dll
MOD - [2012-01-16 18:49:04 | 000,015,832 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\mozalloc.dll
MOD - [2012-01-16 18:49:03 | 000,646,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2012-01-16 18:49:03 | 000,371,672 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2012-01-16 18:49:03 | 000,187,352 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2012-01-16 18:49:02 | 000,109,528 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2012-01-16 18:49:02 | 000,105,432 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2012-01-16 18:49:01 | 000,021,976 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2012-01-16 18:49:01 | 000,020,440 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2012-01-16 18:49:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
MOD - [2012-01-16 18:49:00 | 000,170,968 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2012-01-16 18:49:00 | 000,105,432 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2012-01-16 18:48:59 | 000,154,584 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2012-01-16 18:48:57 | 000,019,928 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2012-01-16 18:48:56 | 016,096,216 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\xul.dll
MOD - [2011-12-06 19:05:53 | 000,108,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2011-11-28 19:01:33 | 000,199,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2011-11-28 19:01:33 | 000,091,624 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2011-11-28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2011-11-28 19:01:22 | 001,821,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2011-11-28 19:01:22 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2011-11-28 19:01:20 | 000,398,576 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2011-11-28 19:01:20 | 000,220,880 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2011-11-28 19:01:20 | 000,205,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2011-11-28 19:01:20 | 000,025,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2011-11-28 19:01:19 | 000,048,888 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2011-11-28 19:01:18 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2011-11-28 19:01:18 | 000,317,200 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2011-11-28 19:01:18 | 000,167,832 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2011-11-28 19:01:18 | 000,163,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2011-11-28 19:01:18 | 000,097,840 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2011-11-28 19:01:17 | 000,204,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2011-11-28 19:01:17 | 000,150,352 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2011-11-28 19:01:17 | 000,122,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashShell.dll
MOD - [2011-11-28 19:01:17 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2011-11-28 19:01:14 | 000,319,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2011-11-28 19:01:13 | 000,072,584 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2011-11-13 11:41:38 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011-11-11 22:15:58 | 000,815,256 | ---- | M] (Google Inc.) -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\goopdate.dll
MOD - [2011-11-11 22:15:58 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\GoogleCrashHandler.exe
MOD - [2011-09-27 04:45:40 | 000,646,232 | ---- | M] () -- C:\Program Files\Bamboo Dock\BambooCore.exe
MOD - [2011-09-08 17:49:22 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Tablet\Pen\msvcr100.dll
MOD - [2011-09-08 17:49:22 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Tablet\Pen\msvcp100.dll
MOD - [2011-09-08 17:48:36 | 000,962,936 | ---- | M] () -- C:\Program Files\Tablet\Pen\libxml2.dll
MOD - [2011-09-08 17:48:34 | 003,281,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
MOD - [2011-09-08 17:48:34 | 001,485,176 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
MOD - [2011-09-08 17:48:34 | 001,369,464 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.dll
MOD - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-07-12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2009-07-12 00:02:02 | 003,780,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008-05-16 14:01:00 | 000,425,984 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvapi.dll
MOD - [2008-05-16 14:01:00 | 000,086,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvmctray.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:51:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
MOD - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008-04-14 22:51:02 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008-04-14 22:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-14 22:51:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008-04-14 22:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-14 22:51:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008-04-14 22:51:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2008-04-14 22:50:58 | 000,621,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2008-04-14 22:50:58 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008-04-14 22:50:58 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008-04-14 22:50:58 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2008-04-14 22:50:58 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 22:50:58 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008-04-14 22:50:58 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\t2embed.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:58 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008-04-14 22:50:46 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008-04-14 22:50:46 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 22:50:46 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:46 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008-04-14 22:50:46 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008-04-14 22:50:44 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008-04-14 22:50:42 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008-04-14 22:50:42 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 22:50:40 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008-04-14 22:50:40 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:40 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008-04-14 22:50:40 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008-04-14 22:50:40 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2008-04-14 22:50:40 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:38 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008-04-14 22:50:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008-04-14 22:50:38 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:36 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008-04-14 22:50:36 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008-04-14 22:50:36 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008-04-14 22:50:36 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008-04-14 22:50:36 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008-04-14 22:50:34 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008-04-14 22:50:34 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icm32.dll
MOD - [2008-04-14 22:50:34 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:34 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008-04-14 22:50:34 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:32 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008-04-14 22:50:32 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008-04-14 22:50:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\feclient.dll
MOD - [2008-04-14 22:50:30 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008-04-14 22:50:28 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2008-04-14 22:50:28 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008-04-14 22:50:28 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008-04-14 22:50:22 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008-04-14 22:50:18 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2008-04-14 22:50:18 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008-04-14 22:50:18 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008-04-14 22:50:18 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008-04-14 22:50:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:06 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2008-04-14 22:50:06 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008-04-14 22:50:04 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 22:49:58 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008-04-14 22:49:56 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2008-04-14 22:49:56 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008-04-14 22:49:56 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008-04-14 22:28:40 | 001,724,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
MOD - [2008-04-14 00:08:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008-04-13 23:07:58 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2007-06-26 12:22:42 | 000,081,997 | ---- | M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe
MOD - [2003-10-08 10:41:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
MOD - [2001-10-26 19:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2001-10-26 19:29:40 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2001-10-26 19:27:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lz32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


[color=#E56717]========== Driver Services (SafeList) ==========[/color]


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-299502267-725345543-839522115-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-299502267-725345543-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-12-03 10:24:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012-01-16 18:49:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins

[2011-11-11 22:14:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\byku\Dane aplikacji\Mozilla\Extensions
[2012-01-12 06:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\byku\Dane aplikacji\Mozilla\Firefox\Profiles\9ssqyz7i.default\extensions
[2012-01-12 06:33:24 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\byku\Dane aplikacji\Mozilla\Firefox\Profiles\9ssqyz7i.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\

O1 HOSTS File: ([2011-04-24 22:58:30 | 000,001,211 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-299502267-725345543-839522115-1004\..\Toolbar\ShellBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-299502267-725345543-839522115-1004\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BambooCore] C:\Program Files\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-299502267-725345543-839522115-1004..\Run: [AdobeBridge] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BDARemote.lnk = C:\Program Files\USB TV\EM28XX\BDARemote.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-725345543-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{097D05FB-A327-48FA-AEC0-770C50B87E85}: NameServer = 217.30.129.149 217.30.137.200
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-11-11 21:43:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-01-20 12:54:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\byku\Pulpit\OTL.exe
[2012-01-19 21:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\projekt-8H67hj7
[2012-01-18 15:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\workdarmoweszablony_eu
[2012-01-18 13:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\IrfanView
[2012-01-18 11:19:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\BabylonToolbar
[2012-01-17 10:29:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Notepad++
[2012-01-17 10:26:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Notepad++
[2012-01-16 20:58:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
[2012-01-16 20:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012-01-16 18:13:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-01-16 17:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\Strona www
[2012-01-14 20:31:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\T-D-B
[2012-01-08 18:40:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2012-01-08 18:40:05 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-01-08 16:21:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\Terraria
[2012-01-08 08:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA
[2012-01-07 14:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MixMeister
[2012-01-07 14:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012-01-07 14:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2012-01-07 13:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\Steam
[2012-01-06 23:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\ATI
[2012-01-06 23:16:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2012-01-06 23:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\USB TV
[2012-01-06 23:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-01-06 22:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\riotsGamesLogs
[2012-01-06 21:59:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\LolClient
[2012-01-06 15:36:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2012-01-06 15:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2012-01-06 13:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AMMYY
[2012-01-04 17:29:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\gtk-2.0
[2012-01-04 17:29:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\.thumbnails
[2012-01-04 17:27:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\.gimp-2.6
[2012-01-04 17:27:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\gegl-0.0
[2012-01-02 20:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Adobe Mini Bridge CS5.1
[2012-01-02 20:12:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011-12-31 12:54:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\moje prace
[2011-12-29 10:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Ambient Design
[2011-12-29 09:16:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ArtRage 2
[2011-12-29 09:01:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Wacom
[2011-12-29 09:01:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bamboo Dock
[2011-12-29 09:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Bamboo Dock
[2011-12-28 11:43:45 | 001,107,832 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Touch_Tablet.dll
[2011-12-28 11:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins
[2011-12-28 11:43:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bamboo
[2011-12-28 11:43:25 | 000,011,312 | ---- | C] (Wacom Technology) -- C:\WINDOWS\System32\drivers\wacommousefilter.sys
[2011-12-28 11:43:13 | 000,014,120 | ---- | C] (Wacom Technology) -- C:\WINDOWS\System32\drivers\wacomvhid.sys
[2011-12-28 11:43:10 | 001,369,464 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Tablet.dll
[2011-12-28 11:43:10 | 001,156,472 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Wintab32.dll
[2011-12-28 11:43:10 | 001,152,888 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\WacomMT.dll
[2011-12-28 11:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2011-12-27 20:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Identities
[2011-12-27 19:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2011-12-27 18:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SYSTEMAX Software Development
[2011-12-27 18:56:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\SYSTEMAX Software Development
[2011-12-27 18:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Wacom
[2011-12-27 18:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\WTablet
[2011-12-27 17:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Application Data
[2011-12-27 17:27:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011-12-27 17:21:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011-12-27 17:21:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2011-12-27 17:21:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011-12-27 17:18:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011-12-27 17:15:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011-12-27 17:11:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011-12-24 13:32:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011-12-24 13:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA
[2011-12-24 13:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011-12-23 19:07:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype
[2011-12-23 18:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\Skype
[2011-12-23 18:47:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Skype
[2011-12-18 21:32:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Ubisoft
[2011-12-17 19:47:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\skin do osu
[2011-12-17 12:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\zdjecia projekty photoshop, fl studio muzyka
[2011-12-16 15:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\OnLive App
[2011-12-16 13:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\TS3Client
[2011-12-16 13:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client
[2011-12-14 17:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\osu!
[2011-12-14 17:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Downloaded Installations
[2011-12-11 16:56:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Max Payne 2 Savegames
[2011-12-10 10:21:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\NFS Carbon
[2011-12-08 16:06:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\YAMAHA
[2011-12-08 15:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\YAMAHA
[2011-12-08 15:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Yamaha
[2011-12-03 15:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe
[2011-11-29 18:52:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Test Drive Unlimited
[2011-11-29 18:52:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\JustCause
[2011-11-29 18:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Hitman Blood Money
[2011-11-29 18:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\GTA San Andreas User Files
[2011-11-29 18:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\reFX
[2011-11-29 18:36:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\reFX
[2011-11-29 18:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign
[2011-11-29 18:36:39 | 001,332,224 | ---- | C] (AD © 2009) -- C:\WINDOWS\System32\SYNSOEMU.DLL
[2011-11-29 18:32:16 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll
[2011-11-29 18:32:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Image-Line
[2011-11-29 18:31:46 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2011-11-29 18:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim
[2011-11-28 21:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Incomedia
[2011-11-28 21:55:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Incomedia
[2011-11-28 21:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL
[2011-11-28 21:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011-11-28 21:33:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011-11-28 21:33:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2011-11-28 21:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011-11-28 21:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2011-11-28 18:16:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LightScribe Direct Disc Labeling
[2011-11-28 18:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2011-11-28 18:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nero
[2011-11-28 18:15:34 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2011-11-28 18:15:34 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2011-11-28 18:15:29 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2011-11-28 18:15:29 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2011-11-28 18:15:29 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2011-11-28 18:15:29 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2011-11-28 18:15:27 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2011-11-28 18:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2011-11-28 18:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2011-11-28 07:56:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Adobe
[2011-11-26 18:42:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES
[2011-11-26 14:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\skypePM
[2011-11-25 22:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Gadu-Gadu 10
[2011-11-25 22:03:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-11-25 22:03:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011-11-25 11:38:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2011-11-24 19:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011-11-24 19:49:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Steam
[2011-11-24 16:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Pascal
[2011-11-22 16:03:44 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011-11-21 21:32:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011-11-21 18:17:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Phyxion.net
[2011-11-21 18:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\programy
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-01-20 12:58:12 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\RSIT.exe
[2012-01-20 12:54:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\byku\Pulpit\OTL.exe
[2012-01-20 12:42:48 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012-01-20 12:42:45 | 000,186,903 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-01-20 12:42:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-01-20 12:42:29 | 1610,145,792 | -HS- | M] () -- C:\hiberfil.sys
[2012-01-20 12:41:57 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\byku\NTUSER.DAT
[2012-01-20 12:41:57 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\byku\ntuser.ini
[2012-01-20 12:41:50 | 004,282,828 | -H-- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2012-01-20 10:21:14 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1004UA.job
[2012-01-19 22:21:01 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1004Core.job
[2012-01-18 13:00:05 | 000,000,577 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\IrfanView.lnk
[2012-01-18 11:01:49 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\link polecający.rtf
[2012-01-18 08:53:44 | 000,000,354 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\znaczniki.rtf
[2012-01-17 14:25:58 | 000,015,608 | ---- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2012-01-17 10:26:41 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\Notepad++.lnk
[2012-01-16 22:35:16 | 003,609,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-01-14 15:19:30 | 000,186,008 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\sasuke2.png
[2012-01-14 10:49:20 | 000,014,477 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\ustawienia do tabletu.PNG
[2012-01-13 21:26:10 | 000,005,965 | ---- | M] () -- C:\Documents and Settings\byku\.recently-used.xbel
[2012-01-13 21:11:46 | 000,153,048 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2012-01-13 21_11_45.750000.dmp
[2012-01-12 16:52:12 | 000,019,742 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\handtingling.jpg
[2012-01-08 18:39:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-01-08 18:24:15 | 000,000,206 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2012-01-08 13:03:20 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BDARemote.lnk
[2012-01-08 13:03:20 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BDARemote.lnk
[2012-01-07 20:34:05 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\Google Chrome.lnk
[2012-01-07 14:23:35 | 000,000,237 | ---- | M] () -- C:\user.js
[2012-01-06 23:18:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2012-01-06 13:01:39 | 000,718,640 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\AA_v3.exe
[2012-01-04 20:36:57 | 000,162,405 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\logooooo.xcf
[2012-01-03 21:13:35 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\byku\Dane aplikacji\Preferencje Adobe CS5 dla formatu PNG
[2011-12-31 13:03:47 | 000,107,014 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\gimpforkoser.jpg
[2011-12-29 09:16:33 | 000,000,699 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ArtRage.lnk
[2011-12-29 09:01:25 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Bamboo Dock.lnk
[2011-12-27 17:30:12 | 000,578,990 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-12-27 17:30:12 | 000,514,840 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-12-27 17:30:12 | 000,115,258 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-12-27 17:30:12 | 000,092,230 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-12-27 17:30:12 | 000,006,546 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-12-27 17:29:52 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011-12-27 17:27:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-12-27 17:14:29 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2011-12-23 19:07:30 | 000,002,177 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-12-20 21:22:27 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-12-18 17:48:23 | 000,030,215 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_48_23.718750.dmp
[2011-12-18 17:46:13 | 000,164,222 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_12.796875.dmp
[2011-12-18 17:46:13 | 000,163,718 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_13.687500.dmp
[2011-12-18 17:46:13 | 000,159,014 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_12.781250.dmp
[2011-12-18 12:11:18 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\cw02_5.pas
[2011-12-18 12:10:20 | 000,001,364 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\cw02_4.pas
[2011-12-18 11:44:44 | 000,000,932 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\cw02_3.pas
[2011-12-08 15:53:39 | 000,001,601 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Musicsoft Downloader.lnk
[2011-12-05 18:28:03 | 000,219,703 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\nowa muza.flp
[2011-12-03 10:24:59 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-11-30 22:08:49 | 000,940,804 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\tapetawallpaper.psd
[2011-11-29 18:32:15 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FL Studio 9.lnk
[2011-11-28 21:36:43 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-11-28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-11-28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-11-28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-11-28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-11-28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-11-28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-11-28 18:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-11-28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-11-28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-11-28 18:41:45 | 000,001,239 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2011-11-28 18:41:45 | 000,000,954 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Online Upgrade.lnk
[2011-11-28 18:16:57 | 000,001,774 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2011-11-26 14:03:06 | 000,000,056 | -H-- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsidmv.dat
[2011-11-21 22:07:44 | 000,472,576 | ---- | M] () -- C:\WINDOWS\Nvidia Omega Drivers v2.169.21 Uninstall.exe
[2011-11-21 18:16:25 | 000,000,331 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\Skrót do M@ti.lnk
[2011-11-21 18:16:08 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\Skrót do Dysk lokalny (D).lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-01-20 12:58:12 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\RSIT.exe
[2012-01-18 13:00:05 | 000,000,577 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\IrfanView.lnk
[2012-01-18 11:01:49 | 000,000,523 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\link polecający.rtf
[2012-01-18 08:53:44 | 000,000,354 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\znaczniki.rtf
[2012-01-17 10:26:41 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\Notepad++.lnk
[2012-01-16 20:55:30 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Photoshop CS4.lnk
[2012-01-16 20:53:53 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Bridge CS4.lnk
[2012-01-16 20:46:30 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Extension Manager CS4.lnk
[2012-01-16 20:45:33 | 000,001,104 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe ExtendScript Toolkit CS4.lnk
[2012-01-14 15:19:29 | 000,186,008 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\sasuke2.png
[2012-01-13 21:26:10 | 000,005,965 | ---- | C] () -- C:\Documents and Settings\byku\.recently-used.xbel
[2012-01-13 21:11:45 | 000,153,048 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2012-01-13 21_11_45.750000.dmp
[2012-01-12 16:52:14 | 000,019,742 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\handtingling.jpg
[2012-01-08 18:42:09 | 1610,145,792 | -HS- | C] () -- C:\hiberfil.sys
[2012-01-08 18:40:49 | 000,186,903 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2012-01-08 18:40:47 | 000,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2012-01-07 14:23:34 | 000,000,237 | ---- | C] () -- C:\user.js
[2012-01-06 23:18:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012-01-06 23:15:50 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2012-01-06 23:15:50 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2012-01-06 23:15:49 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2012-01-06 23:15:26 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BDARemote.lnk
[2012-01-06 23:14:11 | 000,017,917 | R--- | C] () -- C:\WINDOWS\atiogl.xml
[2012-01-06 13:01:30 | 000,718,640 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\AA_v3.exe
[2012-01-04 20:36:41 | 000,162,405 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\logooooo.xcf
[2011-12-31 13:28:16 | 000,014,477 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\ustawienia do tabletu.PNG
[2011-12-31 13:03:50 | 000,107,014 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\gimpforkoser.jpg
[2011-12-29 09:16:33 | 000,000,699 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ArtRage.lnk
[2011-12-29 09:01:25 | 000,000,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Bamboo Dock.lnk
[2011-12-28 11:43:07 | 000,000,488 | ---- | C] () -- C:\WINDOWS\System32\PenTouchTabletUserDefaults.xml
[2011-12-28 11:43:07 | 000,000,488 | ---- | C] () -- C:\WINDOWS\System32\PenTabletUserDefaults.xml
[2011-12-27 17:15:08 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011-12-27 17:15:06 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011-12-27 17:15:04 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011-12-23 19:07:18 | 000,002,177 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-12-18 17:48:23 | 000,030,215 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_48_23.718750.dmp
[2011-12-18 17:46:13 | 000,163,718 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_13.687500.dmp
[2011-12-18 17:46:12 | 000,164,222 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_12.796875.dmp
[2011-12-18 17:46:12 | 000,159,014 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_12.781250.dmp
[2011-12-18 12:11:20 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\cw02_5.pas
[2011-12-18 12:10:23 | 000,001,364 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\cw02_4.pas
[2011-12-18 11:44:47 | 000,000,932 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\cw02_3.pas
[2011-12-08 15:53:39 | 000,001,601 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Musicsoft Downloader.lnk
[2011-12-04 22:43:35 | 000,219,703 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\nowa muza.flp
[2011-12-04 22:02:36 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\byku\Dane aplikacji\Preferencje Adobe CS5 dla formatu PNG
[2011-12-03 15:04:46 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Help.lnk
[2011-11-30 22:08:47 | 000,940,804 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\tapetawallpaper.psd
[2011-11-29 18:52:14 | 008,053,069 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\tapeta( darkness).psd
[2011-11-29 18:52:14 | 000,338,376 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\avatar dla kamila.psd
[2011-11-29 18:32:15 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FL Studio 9.lnk
[2011-11-28 18:41:45 | 000,001,239 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2011-11-28 18:16:57 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2011-11-28 18:16:41 | 000,000,954 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero Online Upgrade.lnk
[2011-11-26 14:03:06 | 000,000,056 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsidmv.dat
[2011-11-25 22:02:04 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2011-11-21 22:07:44 | 000,472,576 | ---- | C] () -- C:\WINDOWS\Nvidia Omega Drivers v2.169.21 Uninstall.exe
[2011-11-21 20:43:35 | 000,000,122 | R--- | C] () -- C:\WINDOWS\System32\drivers\ramsed.bin
[2011-11-21 20:43:35 | 000,000,042 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedireg.pat
[2011-11-21 20:43:34 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedih2rx.bin
[2011-11-21 18:23:34 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-11-21 18:16:25 | 000,000,331 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\Skrót do M@ti.lnk
[2011-11-21 18:16:08 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\Skrót do Dysk lokalny (D).lnk
[2011-11-20 08:06:35 | 000,000,206 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011-11-12 20:05:42 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-11-12 20:05:31 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-11-12 20:05:31 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-11-12 20:05:31 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-11-12 20:05:31 | 000,000,714 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2011-11-12 16:15:30 | 000,015,608 | ---- | C] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-11-12 14:56:38 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-11-11 22:33:18 | 000,006,546 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-11-11 22:33:17 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-11-11 22:31:39 | 004,282,828 | -H-- | C] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-11-11 22:30:20 | 003,609,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-11-11 21:57:03 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2011-11-11 21:55:01 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2011-11-11 21:46:33 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-11-11 21:43:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2011-11-11 21:42:09 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2011-11-11 21:39:46 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-11-11 21:39:34 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2011-11-11 21:39:34 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2011-11-11 21:38:48 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2011-11-11 21:38:46 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2011-10-25 21:21:48 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OVDecoder.dll
[2008-05-16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-05-16 14:01:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008-05-16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-05-16 14:01:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008-05-16 14:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-05-16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-05-16 14:01:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008-05-16 14:01:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008-05-16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007-06-02 10:46:32 | 000,153,840 | ---- | C] () -- C:\WINDOWS\System32\ARThumb.dll
[2004-08-04 01:56:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004-08-04 01:44:10 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004-08-04 01:44:04 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004-08-04 01:43:58 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004-08-04 01:43:56 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2004-08-04 01:43:54 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004-08-04 01:43:16 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004-08-03 23:51:32 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2004-08-03 23:48:52 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2004-08-03 23:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004-08-03 23:45:34 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004-08-03 23:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004-08-03 23:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004-08-03 23:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004-08-03 23:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004-08-02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 12:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2004-07-17 12:34:48 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2001-10-26 19:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001-10-26 19:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001-10-26 19:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001-10-26 19:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001-10-26 18:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001-10-26 18:15:16 | 000,578,990 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 18:15:16 | 000,115,258 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-10-26 18:15:10 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2001-10-26 18:15:08 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2001-10-26 18:15:08 | 000,003,260 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2001-10-26 18:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001-10-26 18:14:58 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2001-10-26 18:14:56 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2001-10-26 18:14:54 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2001-10-26 18:14:54 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2001-10-26 18:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001-10-26 18:14:50 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2001-10-26 18:14:48 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2001-10-26 18:14:46 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2001-10-26 18:14:42 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2001-10-26 18:14:38 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2001-10-26 18:14:34 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2001-10-26 18:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001-10-26 18:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2001-10-26 17:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001-10-26 17:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001-10-26 17:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001-10-26 17:45:10 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2001-10-26 17:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001-10-26 17:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001-10-26 17:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001-10-26 17:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 23:35:10 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2001-08-17 23:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2001-08-17 23:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2001-08-17 23:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001-08-17 23:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001-08-17 23:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001-08-17 23:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001-08-17 23:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001-08-17 23:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001-08-17 23:30:24 | 000,514,840 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 23:30:22 | 000,092,230 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-08-17 23:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001-08-17 21:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001-07-22 04:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 00:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001-07-22 00:16:20 | 000,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-22 00:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2012-01-06 13:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AMMYY
[2011-11-11 22:08:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2012-01-07 14:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2011-11-25 11:38:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2011-11-12 22:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-11-25 22:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-01-06 17:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2011-12-03 16:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe
[2011-12-27 18:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SYSTEMAX Software Development
[2011-12-29 09:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wacom
[2011-12-08 16:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\YAMAHA
[2011-12-24 13:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\.minecraft
[2011-12-29 10:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Ambient Design
[2012-01-18 11:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\BabylonToolbar
[2011-12-18 21:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\DAEMON Tools Lite
[2011-12-14 17:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Downloaded Installations
[2011-11-25 22:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Gadu-Gadu 10
[2012-01-13 21:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\gtk-2.0
[2012-01-06 21:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\LolClient
[2011-11-14 17:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Need for Speed World
[2012-01-17 10:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Notepad++
[2012-01-02 20:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011-12-27 18:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\SYSTEMAX Software Development
[2012-01-14 20:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\T-D-B
[2011-12-16 15:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\TS3Client
[2012-01-14 15:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\uTorrent
[2011-12-27 18:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Wacom
[2011-12-27 19:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-11-11 21:43:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-11-11 21:37:24 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2011-11-11 21:43:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-01-20 12:42:29 | 1610,145,792 | -HS- | M] () -- C:\hiberfil.sys
[2011-11-11 21:43:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-11-11 21:43:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 23:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011-12-27 17:14:29 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2012-01-20 12:42:29 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2012-01-07 14:23:35 | 000,000,237 | ---- | M] () -- C:\user.js


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >

[/log]

RSIT:

-log:
[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by Prezes at 2012-01-20 13:02:46
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 8 GB (31%) free of 26 GB
Total RAM: 1535 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:03:00, on 2012-01-20
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Documents and Settings\byku\Pulpit\RSIT.exe
C:\Program Files\trend micro\Prezes.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BambooCore] C:\Program Files\Bamboo Dock\BambooCore.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-21-299502267-725345543-839522115-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'byku')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BDARemote.lnk = C:\Program Files\USB TV\EM28XX\BDARemote.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{097D05FB-A327-48FA-AEC0-770C50B87E85}: NameServer = 217.30.129.149 217.30.137.200
O17 - HKLM\System\CS1\Services\Tcpip\..\{097D05FB-A327-48FA-AEC0-770C50B87E85}: NameServer = 217.30.129.149 217.30.137.200
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe

--
End of file - 5825 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Prezes\Dane aplikacji\Mozilla\Firefox\Profiles\gq0uzmt1.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npwacom.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

D:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14 270960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-11 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-10-08 57344]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"LogMeIn Hamachi Ui"=D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-15 1955208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"BambooCore"=C:\Program Files\Bamboo Dock\BambooCore.exe [2011-09-27 646232]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Steam"=D:\Program Files\Steam\Steam.exe [2011-11-24 1242448]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
BDARemote.lnk - C:\Program Files\USB TV\EM28XX\BDARemote.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Counter-Strike\hl.exe"="D:\Program Files\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Microsoft Games\Rise of Nations\thrones.exe"="D:\Program Files\Microsoft Games\Rise of Nations\thrones.exe:*:Enabled:Rise of Nations"
"D:\Program Files\Microsoft Games\Rise of Nations\patriots.exe"="D:\Program Files\Microsoft Games\Rise of Nations\patriots.exe:*:Enabled:Rise of Nations"
"D:\Program Files\Strogino CS Portal\Counter-Strike Source\hl2.exe"="D:\Program Files\Strogino CS Portal\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"D:\Program Files\Valve\hl.exe"="D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Gadu-Gadu 10\gg.exe"="D:\Program Files\Gadu-Gadu 10\gg.exe:*:Disabled:Gadu-Gadu 10"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Disabled:Uruchamia plik DLL jako aplikację"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe"="D:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Program Files\Metinpirv\ForteMT2\Launcher.exe"="D:\Program Files\Metinpirv\ForteMT2\Launcher.exe:*:Disabled:Launcher"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"D:\Program Files\Steam\steamapps\byczekfgf\counter-strike\hl.exe"="D:\Program Files\Steam\steamapps\byczekfgf\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.vorbis"=vorbis.acm
"midi2"=xgusb.cpl

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2012-01-20 13:02:48 ----D---- C:\Program Files\trend micro
2012-01-20 13:02:46 ----D---- C:\rsit
2012-01-18 11:02:53 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\BabylonToolbar
2012-01-17 10:26:39 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Notepad++
2012-01-16 20:58:16 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
2012-01-16 20:46:16 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Adobe
2012-01-16 20:43:13 ----D---- C:\Program Files\Common Files\Macrovision Shared
2012-01-16 18:13:03 ----SHD---- C:\Config.Msi
2012-01-08 18:42:09 ----ASH---- C:\hiberfil.sys
2012-01-08 18:40:47 ----D---- C:\WINDOWS\nview
2012-01-08 18:40:47 ----A---- C:\WINDOWS\system32\nvudisp.exe
2012-01-08 18:40:20 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2012-01-08 18:40:05 ----D---- C:\NVIDIA
2012-01-08 08:51:40 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA
2012-01-07 14:23:34 ----A---- C:\user.js
2012-01-07 14:23:33 ----D---- C:\Program Files\BabylonToolbar
2012-01-07 14:23:21 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Babylon
2012-01-07 14:23:21 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
2012-01-06 23:16:24 ----D---- C:\WINDOWS\RegisteredPackages
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\psisdecd.dll
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2012-01-06 23:15:49 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2012-01-06 23:15:49 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2012-01-06 23:15:49 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2012-01-06 23:15:49 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2012-01-06 23:15:49 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2012-01-06 23:15:45 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2012-01-06 23:15:26 ----D---- C:\Program Files\USB TV
2012-01-06 23:13:34 ----D---- C:\Program Files\ATI Technologies
2012-01-06 15:36:18 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
2012-01-06 15:35:43 ----D---- C:\Program Files\Pando Networks
2012-01-06 13:01:47 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AMMYY
2011-12-29 10:48:58 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1
2011-12-29 09:16:41 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Ambient Design
2011-12-29 09:01:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Wacom
2011-12-29 09:00:48 ----D---- C:\Program Files\Bamboo Dock
2011-12-29 08:56:51 ----A---- C:\WINDOWS\ntbtlog.txt
2011-12-28 11:43:45 ----A---- C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2011-12-28 11:43:36 ----D---- C:\Program Files\TabletPlugins
2011-12-28 11:43:25 ----A---- C:\WINDOWS\system32\drivers\wacommousefilter.sys
2011-12-28 11:43:13 ----A---- C:\WINDOWS\system32\drivers\wacomvhid.sys
2011-12-28 11:43:10 ----A---- C:\WINDOWS\system32\Wintab32.dll
2011-12-28 11:43:10 ----A---- C:\WINDOWS\system32\WacomMT.dll
2011-12-28 11:43:10 ----A---- C:\WINDOWS\system32\Pen_Tablet.dll
2011-12-28 11:43:06 ----D---- C:\Program Files\Tablet
2011-12-27 18:57:05 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\SYSTEMAX Software Development
2011-12-27 18:57:05 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SYSTEMAX Software Development
2011-12-27 18:15:32 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2011-12-27 18:14:36 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\WTablet
2011-12-27 18:06:10 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Wacom
2011-12-27 17:29:10 ----A---- C:\WINDOWS\OEWABLog.txt
2011-12-27 17:27:36 ----D---- C:\WINDOWS\Prefetch
2011-12-27 17:23:07 ----A---- C:\WINDOWS\setuplog.txt
2011-12-27 17:22:10 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-12-27 17:22:10 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-12-27 17:22:10 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2011-12-27 17:22:10 ----N---- C:\WINDOWS\system32\comsdupd.exe
2011-12-27 17:22:08 ----N---- C:\WINDOWS\system32\ati3duag.dll
2011-12-27 17:22:08 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2011-12-27 17:22:08 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2011-12-27 17:22:08 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-12-27 17:22:08 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2011-12-27 17:22:08 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\credssp.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\azroles.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2011-12-27 17:22:07 ----A---- C:\WINDOWS\system32\ativtmxx.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-12-27 17:22:05 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-12-27 17:22:05 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-12-27 17:22:05 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\qagent.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\onex.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\napstat.exe
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\mssha.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\slserv.exe
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\slrundll.exe
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\slgen.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\slextspk.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\slcoinst.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\setupn.exe
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\s3gnb.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\qutil.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\verclsid.exe
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\tzchange.exe
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-12-27 17:22:00 ----N---- C:\WINDOWS\system32\xmllite.dll
2011-12-27 17:22:00 ----N---- C:\WINDOWS\slrundll.exe
2011-12-27 17:21:59 ----D---- C:\WINDOWS\l2schemas
2011-12-27 17:21:58 ----D---- C:\WINDOWS\system32\pl
2011-12-27 17:21:58 ----D---- C:\WINDOWS\system32\bits
2011-12-27 17:18:19 ----D---- C:\WINDOWS\ServicePackFiles
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2011-12-27 17:15:12 ----D---- C:\WINDOWS\network diagnostic
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2011-12-27 17:15:10 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2011-12-27 17:15:08 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2011-12-27 17:15:08 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2011-12-27 17:15:08 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2011-12-27 17:15:08 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2011-12-27 17:15:05 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2011-12-27 17:15:05 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2011-12-27 17:15:01 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2011-12-27 17:15:01 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2011-12-27 17:15:01 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2011-12-27 17:15:01 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2011-12-27 17:15:01 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2011-12-27 17:13:44 ----A---- C:\WINDOWS\002898_.tmp
2011-12-27 17:11:36 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-12-24 13:32:46 ----D---- C:\WINDOWS\Logs
2011-12-24 13:32:40 ----D---- C:\Program Files\Microsoft XNA
2011-12-24 13:09:32 ----D---- C:\Program Files\Microsoft.NET

======List of files/folders modified in the last 1 month======

2012-01-20 13:02:48 ----RD---- C:\Program Files
2012-01-20 12:57:39 ----D---- C:\WINDOWS\Temp
2012-01-20 12:41:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-19 10:53:01 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-18 22:51:32 ----D---- C:\WINDOWS
2012-01-18 12:47:10 ----D---- C:\Program Files\Common Files\Steam
2012-01-18 11:36:10 ----D---- C:\WINDOWS\system32
2012-01-18 11:03:38 ----D---- C:\Program Files\uTorrentBar
2012-01-16 21:17:07 ----D---- C:\Program Files\Adobe
2012-01-16 20:55:39 ----SHD---- C:\WINDOWS\Installer
2012-01-16 20:54:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2012-01-16 20:51:44 ----D---- C:\Program Files\Common Files\Adobe
2012-01-16 20:51:06 ----RSD---- C:\WINDOWS\Fonts
2012-01-16 20:43:13 ----D---- C:\Program Files\Common Files
2012-01-16 20:16:00 ----D---- C:\WINDOWS\WinSxS
2012-01-16 20:11:43 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\uTorrent
2012-01-16 19:28:09 ----D---- C:\Program Files\SpeedFan
2012-01-15 08:01:37 ----D---- C:\WINDOWS\system32\drivers
2012-01-08 20:11:39 ----D---- C:\WINDOWS\Minidump
2012-01-08 18:40:56 ----HD---- C:\WINDOWS\inf
2012-01-08 18:40:48 ----D---- C:\WINDOWS\Help
2012-01-08 18:40:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-08 18:24:59 ----RSD---- C:\WINDOWS\assembly
2012-01-08 18:24:15 ----A---- C:\WINDOWS\WININIT.INI
2012-01-08 13:04:23 ----D---- C:\WINDOWS\system32\DirectX
2012-01-08 09:19:03 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-01-07 15:13:05 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-04 16:52:32 ----SD---- C:\WINDOWS\Tasks
2011-12-27 17:30:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-27 17:26:41 ----D---- C:\WINDOWS\system32\Setup
2011-12-27 17:26:41 ----D---- C:\WINDOWS\AppPatch
2011-12-27 17:26:40 ----D---- C:\WINDOWS\system32\wbem
2011-12-27 17:26:15 ----D---- C:\WINDOWS\security
2011-12-27 17:26:11 ----D---- C:\WINDOWS\system32\CatRoot
2011-12-27 17:22:27 ----D---- C:\Program Files\Messenger
2011-12-27 17:22:24 ----D---- C:\Program Files\Windows Media Player
2011-12-27 17:22:11 ----D---- C:\WINDOWS\ehome
2011-12-27 17:22:10 ----D---- C:\WINDOWS\system32\inetsrv
2011-12-27 17:22:10 ----D---- C:\WINDOWS\ime
2011-12-27 17:22:00 ----D---- C:\WINDOWS\system32\pl-PL
2011-12-27 17:21:59 ----D---- C:\WINDOWS\system32\usmt
2011-12-27 17:21:59 ----D---- C:\Program Files\Internet Explorer
2011-12-27 17:21:58 ----D---- C:\WINDOWS\PeerNet
2011-12-27 17:21:58 ----D---- C:\Program Files\Movie Maker
2011-12-27 17:18:04 ----D---- C:\WINDOWS\system32\Restore
2011-12-27 17:18:04 ----D---- C:\WINDOWS\system32\npp
2011-12-27 17:18:01 ----D---- C:\WINDOWS\msagent
2011-12-27 17:17:58 ----D---- C:\WINDOWS\srchasst
2011-12-27 17:17:57 ----D---- C:\Program Files\NetMeeting
2011-12-27 17:17:55 ----D---- C:\WINDOWS\system32\Com
2011-12-27 17:17:51 ----D---- C:\Program Files\Windows NT
2011-12-27 17:17:51 ----D---- C:\Program Files\Outlook Express
2011-12-27 17:17:47 ----D---- C:\Program Files\Common Files\System
2011-12-27 17:17:21 ----D---- C:\WINDOWS\system32\oobe
2011-12-27 17:17:20 ----D---- C:\WINDOWS\system
2011-12-27 17:14:34 ----D---- C:\WINDOWS\Microsoft.NET
2011-12-27 17:09:01 ----D---- C:\WINDOWS\Debug
2011-12-24 13:32:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-12-24 13:09:42 ----D---- C:\WINDOWS\system32\en-us
2011-12-23 19:08:00 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Skype
2011-12-23 19:07:10 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2002-09-06 13568]
R0 nvidesm;nvidesm; C:\WINDOWS\system32\drivers\nvidesm.sys [2002-11-13 20224]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-11-12 239168]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-10-04 391552]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-10-09 475788]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 ms_mpu401;Sterownik portu MIDI UART Microsoft MPU-401; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2011-09-08 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2011-09-08 14120]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 YMIDUSB;Yamaha Corporation USB MIDI Driver; C:\WINDOWS\System32\Drivers\ymidusb.sys [2009-08-04 18560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; D:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 5554552]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 451960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;„Usługa stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-16 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-01-06 419624]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[/log]
-info:
[log]info.txt logfile of random's system information tool 1.09 2012-01-20 13:03:03

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"D:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{FE23D063-934D-4829-A0D8-00634CE79B4A}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe Community Help-->msiexec /qb /x {3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Community Help-->MsiExec.exe /I{3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Reader X (10.1.1)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
ArtRage 2-->MsiExec.exe /X{12766F00-807F-4978-8D24-FDD0A3D60EE4}
ASIO4ALL-->D:\Program Files\ASIO4ALL v2\uninstall.exe
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Babylon toolbar on IE-->"C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe"
Bamboo Dock-->C:\Program Files\Bamboo Dock\uninst.exe
Bamboo Dock-->msiexec /qb /x {3AF8C37F-696E-871C-0851-CDE980FD665E}
Bamboo Dock-->MsiExec.exe /I{3AF8C37F-696E-871C-0851-CDE980FD665E}
Bamboo-->C:\Program Files\Tablet\Pen\32\Remove.exe /u
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Counter-Strike 1.6 v32-->D:\Program Files\Counter-Strike\Uninstal.exe
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19
Counter-Strike Source-->MsiExec.exe /X{99F5E794-74A2-469A-86F9-F7E953EF3D9E}
Counter-Strike-->"D:\Program Files\Steam\steam.exe" steam://uninstall/10
DAEMON Tools Lite-->D:\Program Files\DAEMON Tools Lite\uninst.exe
Driver Sweeper wersja 3.2.0-->"d:\Program Files\Phyxion.net\Driver Sweeper\unins000.exe"
DVD Decrypter (Remove Only)-->"D:\Program Files\DVD Decrypter\uninstall.exe"
EVEREST Home Edition v2.20-->"d:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
FL Studio 9-->D:\Program Files\Image-Line\FL Studio 9\uninstall.exe
Free Pascal 2.4.4-->"D:\Program Files\FPC\2.4.4\unins000.exe"
Gadu-Gadu 10-->D:\Program Files\Gadu-Gadu 10\Uninstall.exe
GameSpy Arcade-->D:\PROGRA~1\GAMESP~1\UNWISE.EXE D:\PROGRA~1\GAMESP~1\INSTALL.LOG
Hardcore-->C:\Program Files\Image-Line\Hardcore\uninstall.exe
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
IL Harmless-->D:\Program Files\Image-Line\IL Harmless\uninstall.exe
IrfanView (remove only)-->D:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216029FF}
K-Lite Codec Pack 7.9.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Livebrush Mini-->msiexec /qb /x {FD271FAB-2F69-6983-A6A4-828F357940C4}
Livebrush Mini-->MsiExec.exe /I{FD271FAB-2F69-6983-A6A4-828F357940C4}
LogMeIn Hamachi-->C:\WINDOWS\system32\\msiexec.exe /i {8BBB5E4C-3F5E-4C07-BFBE-33B34600783A} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK-->MsiExec.exe /I{036FD544-AED6-3F33-856D-A2292D0CF471}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK-->MsiExec.exe /I{7C77393F-8237-3825-A88A-AFAF3C69C072}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - plk-->MsiExec.exe /I{F31E509D-3597-324E-83CF-0C160B2320F0}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft .NET Framework 4 Client Profile PLK Language Pack-->MsiExec.exe /X{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended PLK Language Pack-->MsiExec.exe /X{5C19E2DC-4CCF-3114-B40A-6E565987025F}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft XNA Framework Redistributable 4.0-->MsiExec.exe /I{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Microsoft_VC90_MFCLOC_x86-->MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
MixMeister BPM Analyzer 1.0-->"D:\Program Files\MixMeister BPM Analyzer\unins000.exe"
Mozilla Firefox 9.0.1 (x86 pl)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Notepad++-->D:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA Windows 2000/XP nForce Drivers-->rundll32.exe C:\WINDOWS\system32\NVNFINST.DLL,NvUninstallCrush
osu!-->MsiExec.exe /X{C3592426-531E-4110-911D-BFECE2CE284C}
Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - plk\setup.exe
Pakiet sterowników systemu Windows - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst32.exe /u C:\WINDOWS\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\embda.inf
Pakiet sterowników systemu Windows - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst32.exe /u C:\WINDOWS\system32\DRVSTORE\emaudio_754491038463AF55DC013DBF40581C2B1BFEE429\emaudio.inf
Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1045 /parameterfolder ClientLP
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1045 /parameterfolder ExtendedLP
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
reFX Nexus VSTi RTAS v2.2.0-->"D:\Program Files\VstPlugins\Uninstall Nexus\unins000.exe"
Rise of Nations-->"D:\Program Files\Microsoft Games\Rise of Nations\Uninstal.exe" /runtemp /uninstall
Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
System Requirements Lab CYRI-->MsiExec.exe /I{1F77C418-2C90-459C-BD33-B56A4182B9FA}
TeamSpeak 3 Client-->"D:\Program Files\TeamSpeak 3 Client\uninstall.exe"
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
USB Video Driver-->C:\Program Files\InstallShield Installation Information\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}\setup.exe -runfromtemp -l0x0015 -removeonly
uTorrentBar Toolbar-->C:\Program Files\uTorrentBar\uninstall.exe
WebTablet FB Plugin-->"C:\Program Files\TabletPlugins\fbWTPUninstall.exe"
WebTablet IE Plugin-->"C:\Program Files\TabletPlugins\ieUninstall.exe" /S
WebTablet Netscape Plugin-->"C:\Program Files\TabletPlugins\npUninstall.exe" /S
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR 4.00 (32-bitowy)-->C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
YAMAHA Musicsoft Downloader 5-->C:\Program Files\InstallShield Installation Information\{6D3C6846-CDB6-418F-8FDB-DA21FE064F86}\setup.exe -runfromtemp -l0x0009 -removeonly
Yamaha USB-MIDI Driver-->MsiExec.exe /X{271A659B-A7D3-405E-AE31-3086133BE0B7}

======Hosts File======

127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

======System event log======

Computer Name: PREZES-EBA774DE
Event Code: 7036
Message: Usługa Usługa odnajdywania SSDP weszła w stan uruchomienia.

Record Number: 7204
Source Name: Service Control Manager
Time Written: 20120108200410.000000+060
Event Type: informacje
User:

Computer Name: PREZES-EBA774DE
Event Code: 7036
Message: Usługa Rozpoznawanie lokalizacji w sieci (NLA) weszła w stan uruchomienia.

Record Number: 7203
Source Name: Service Control Manager
Time Written: 20120108200410.000000+060
Event Type: informacje
User:

Computer Name: PREZES-EBA774DE
Event Code: 7035
Message: Do usługi Rozpoznawanie lokalizacji w sieci (NLA) został pomyślnie wysłany kod sterowania uruchom.

Record Number: 7202
Source Name: Service Control Manager
Time Written: 20120108200410.000000+060
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: PREZES-EBA774DE
Event Code: 7035
Message: Do usługi Usługa odnajdywania SSDP został pomyślnie wysłany kod sterowania uruchom.

Record Number: 7201
Source Name: Service Control Manager
Time Written: 20120108200410.000000+060
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: PREZES-EBA774DE
Event Code: 7035
Message: Do usługi Menedżer połączeń usługi Dostęp zdalny został pomyślnie wysłany kod sterowania uruchom.

Record Number: 7200
Source Name: Service Control Manager
Time Written: 20120108200410.000000+060
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

=====Application event log=====

Computer Name: PREZES-EBA774DE
Event Code: 103
Message: wuaueng.dll (2216) SUS20ClientDataStore: Aparat bazy danych zatrzymał wystąpienie (0).

Record Number: 5
Source Name: ESENT
Time Written: 20111225073855.000000+060
Event Type: informacje
User:

Computer Name: PREZES-EBA774DE
Event Code: 102
Message: wuaueng.dll (2216) SUS20ClientDataStore: Aparat bazy danych uruchomił nowe wystąpienie (0).

Record Number: 4
Source Name: ESENT
Time Written: 20111225073355.000000+060
Event Type: informacje
User:

Computer Name: PREZES-EBA774DE
Event Code: 100
Message: wuauclt (2216) Aparat bazy danych 5.01.2600.2180 został uruchomiony.

Record Number: 3
Source Name: ESENT
Time Written: 20111225073355.000000+060
Event Type: informacje
User:

Computer Name: PREZES-EBA774DE
Event Code: 1800
Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona.

Record Number: 2
Source Name: SecurityCenter
Time Written: 20111225073310.000000+060
Event Type: informacje
User:

Computer Name: PREZES-EBA774DE
Event Code: 4
Message: The LightScribe Service started successfully.

Record Number: 1
Source Name: LightScribeService
Time Written: 20111225073305.000000+060
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;D:\Program Files\FPC\2.4.4\bin\i386-Win32;D:\Program Files\FPC\2.4.4\bin\i386-Win32
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

[/log]

Natsuki Kuga
komentarz
komentarz

W OTL zaznacz opcję plików na 360 dni, [b]Skanuj[/b] i pokaż log.

bykufgf
komentarz
komentarz

Log z OTL

[log]OTL logfile created on: 2012-01-20 16:17:32 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\byku\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,50 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 67,38% Memory free
3,35 Gb Paging File | 3,03 Gb Available in Paging File | 90,22% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25,19 Gb Total Space | 7,29 Gb Free Space | 28,92% Space Free | Partition Type: NTFS
Drive D: | 49,33 Gb Total Space | 24,05 Gb Free Space | 48,75% Space Free | Partition Type: NTFS

Computer Name: PREZES-EBA774DE | User Name: byku | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 360 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-01-20 12:54:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\byku\Pulpit\OTL.exe
PRC - [2012-01-05 10:48:46 | 001,047,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2011-11-28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-11-11 22:15:58 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011-09-27 04:45:40 | 000,646,232 | ---- | M] () -- C:\Program Files\Bamboo Dock\BambooCore.exe
PRC - [2011-09-08 17:48:34 | 003,281,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2011-09-08 17:48:34 | 001,485,176 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2007-06-26 12:22:42 | 000,081,997 | ---- | M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe
PRC - [2003-10-08 10:41:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-01-20 12:54:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\byku\Pulpit\OTL.exe
MOD - [2012-01-19 23:19:15 | 000,044,744 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12012000\uiext.dll
MOD - [2012-01-05 10:48:46 | 001,047,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
MOD - [2012-01-05 10:48:44 | 000,411,120 | ---- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\ppgooglenaclpluginchrome.dll
MOD - [2012-01-05 10:48:43 | 003,767,792 | ---- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\pdf.dll
MOD - [2012-01-05 10:47:27 | 009,848,816 | ---- | M] (The ICU Project) -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\icudt.dll
MOD - [2012-01-05 10:47:21 | 028,803,056 | ---- | M] (Google Inc.) -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\chrome.dll
MOD - [2012-01-05 10:47:19 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\avutil-51.dll
MOD - [2012-01-05 10:47:18 | 000,222,208 | ---- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\avformat-53.dll
MOD - [2012-01-05 10:47:17 | 001,746,432 | ---- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\avcodec-53.dll
MOD - [2012-01-05 08:06:01 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\gcswf32.dll
MOD - [2011-12-06 19:05:53 | 000,108,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2011-11-28 19:01:33 | 000,199,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2011-11-28 19:01:33 | 000,091,624 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2011-11-28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2011-11-28 19:01:22 | 001,821,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2011-11-28 19:01:22 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2011-11-28 19:01:20 | 000,398,576 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2011-11-28 19:01:20 | 000,220,880 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2011-11-28 19:01:20 | 000,205,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2011-11-28 19:01:20 | 000,025,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2011-11-28 19:01:19 | 000,048,888 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2011-11-28 19:01:18 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2011-11-28 19:01:18 | 000,317,200 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2011-11-28 19:01:18 | 000,167,832 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2011-11-28 19:01:18 | 000,163,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2011-11-28 19:01:18 | 000,097,840 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2011-11-28 19:01:17 | 000,204,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2011-11-28 19:01:17 | 000,150,352 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2011-11-28 19:01:17 | 000,122,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashShell.dll
MOD - [2011-11-28 19:01:17 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2011-11-28 19:01:14 | 000,319,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2011-11-28 19:01:13 | 000,072,584 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2011-11-11 22:15:58 | 000,815,256 | ---- | M] (Google Inc.) -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\goopdate.dll
MOD - [2011-11-11 22:15:58 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\GoogleCrashHandler.exe
MOD - [2011-09-27 04:45:40 | 000,646,232 | ---- | M] () -- C:\Program Files\Bamboo Dock\BambooCore.exe
MOD - [2011-09-08 17:49:22 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Tablet\Pen\msvcr100.dll
MOD - [2011-09-08 17:49:22 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Tablet\Pen\msvcp100.dll
MOD - [2011-09-08 17:48:36 | 000,962,936 | ---- | M] () -- C:\Program Files\Tablet\Pen\libxml2.dll
MOD - [2011-09-08 17:48:34 | 003,281,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
MOD - [2011-09-08 17:48:34 | 001,485,176 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
MOD - [2011-09-08 17:48:34 | 001,369,464 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.dll
MOD - [2011-09-05 18:04:56 | 000,394,136 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2009-07-12 00:02:02 | 003,780,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008-05-16 14:01:00 | 000,425,984 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvapi.dll
MOD - [2008-05-16 14:01:00 | 000,086,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvmctray.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:51:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
MOD - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008-04-14 22:51:02 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008-04-14 22:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-14 22:51:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008-04-14 22:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-14 22:51:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008-04-14 22:51:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2008-04-14 22:50:58 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2008-04-14 22:50:58 | 000,621,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2008-04-14 22:50:58 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008-04-14 22:50:58 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2008-04-14 22:50:58 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008-04-14 22:50:58 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2008-04-14 22:50:58 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 22:50:58 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll
MOD - [2008-04-14 22:50:46 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008-04-14 22:50:46 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008-04-14 22:50:46 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 22:50:46 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:46 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008-04-14 22:50:46 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008-04-14 22:50:46 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2008-04-14 22:50:44 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008-04-14 22:50:42 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008-04-14 22:50:42 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 22:50:40 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008-04-14 22:50:40 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:40 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008-04-14 22:50:40 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008-04-14 22:50:40 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2008-04-14 22:50:40 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:38 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008-04-14 22:50:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008-04-14 22:50:38 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:36 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008-04-14 22:50:36 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008-04-14 22:50:36 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008-04-14 22:50:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2008-04-14 22:50:36 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008-04-14 22:50:36 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008-04-14 22:50:34 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008-04-14 22:50:34 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:34 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008-04-14 22:50:34 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:32 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008-04-14 22:50:32 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008-04-14 22:50:30 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008-04-14 22:50:28 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2008-04-14 22:50:28 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008-04-14 22:50:28 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008-04-14 22:50:22 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008-04-14 22:50:18 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2008-04-14 22:50:18 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008-04-14 22:50:18 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008-04-14 22:50:18 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008-04-14 22:50:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008-04-14 22:50:18 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:06 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2008-04-14 22:50:06 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008-04-14 22:50:04 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 22:49:58 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008-04-14 22:49:56 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2008-04-14 22:49:56 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008-04-14 22:49:56 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008-04-14 22:28:40 | 001,724,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
MOD - [2008-04-14 00:08:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008-04-13 23:07:58 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2007-06-26 12:22:42 | 000,081,997 | ---- | M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe
MOD - [2003-10-08 10:41:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
MOD - [2001-10-26 19:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2001-10-26 19:29:40 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


[color=#E56717]========== Driver Services (SafeList) ==========[/color]


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-299502267-725345543-839522115-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-299502267-725345543-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-12-03 10:24:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012-01-16 18:49:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins

[2011-11-11 22:14:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\byku\Dane aplikacji\Mozilla\Extensions
[2012-01-12 06:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\byku\Dane aplikacji\Mozilla\Firefox\Profiles\9ssqyz7i.default\extensions
[2012-01-12 06:33:24 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\byku\Dane aplikacji\Mozilla\Firefox\Profiles\9ssqyz7i.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\

O1 HOSTS File: ([2011-04-24 22:58:30 | 000,001,211 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-299502267-725345543-839522115-1004\..\Toolbar\ShellBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-299502267-725345543-839522115-1004\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BambooCore] C:\Program Files\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-299502267-725345543-839522115-1004..\Run: [AdobeBridge] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BDARemote.lnk = C:\Program Files\USB TV\EM28XX\BDARemote.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-725345543-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{097D05FB-A327-48FA-AEC0-770C50B87E85}: NameServer = 217.30.129.149 217.30.137.200
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-11-11 21:43:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color]

[2012-01-20 14:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
[2012-01-20 14:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-01-20 14:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft
[2012-01-20 14:21:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012-01-20 14:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012-01-20 14:20:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2012-01-20 13:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012-01-20 13:02:46 | 000,000,000 | ---D | C] -- C:\rsit
[2012-01-20 12:54:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\byku\Pulpit\OTL.exe
[2012-01-19 21:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\projekt-8H67hj7
[2012-01-18 15:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\workdarmoweszablony_eu
[2012-01-18 13:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\IrfanView
[2012-01-18 11:19:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\BabylonToolbar
[2012-01-17 10:29:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Notepad++
[2012-01-17 10:26:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Notepad++
[2012-01-16 20:58:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
[2012-01-16 20:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012-01-16 18:13:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-01-16 17:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\Strona www
[2012-01-14 20:31:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\T-D-B
[2012-01-08 18:40:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2012-01-08 18:40:05 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-01-08 16:21:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\Terraria
[2012-01-08 08:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA
[2012-01-07 14:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MixMeister
[2012-01-07 14:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012-01-07 14:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2012-01-07 13:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\Steam
[2012-01-06 23:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\ATI
[2012-01-06 23:16:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2012-01-06 23:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\USB TV
[2012-01-06 23:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-01-06 22:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\riotsGamesLogs
[2012-01-06 21:59:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\LolClient
[2012-01-06 15:36:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2012-01-06 15:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2012-01-06 13:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AMMYY
[2012-01-04 17:29:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\gtk-2.0
[2012-01-04 17:29:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\.thumbnails
[2012-01-04 17:27:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\.gimp-2.6
[2012-01-04 17:27:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\gegl-0.0
[2012-01-02 20:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Adobe Mini Bridge CS5.1
[2012-01-02 20:12:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011-12-31 12:54:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\moje prace
[2011-12-29 10:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Ambient Design
[2011-12-29 09:16:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ArtRage 2
[2011-12-29 09:01:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Wacom
[2011-12-29 09:01:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bamboo Dock
[2011-12-29 09:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Bamboo Dock
[2011-12-28 11:43:45 | 001,107,832 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Touch_Tablet.dll
[2011-12-28 11:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins
[2011-12-28 11:43:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bamboo
[2011-12-28 11:43:25 | 000,011,312 | ---- | C] (Wacom Technology) -- C:\WINDOWS\System32\drivers\wacommousefilter.sys
[2011-12-28 11:43:13 | 000,014,120 | ---- | C] (Wacom Technology) -- C:\WINDOWS\System32\drivers\wacomvhid.sys
[2011-12-28 11:43:10 | 001,369,464 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Tablet.dll
[2011-12-28 11:43:10 | 001,156,472 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Wintab32.dll
[2011-12-28 11:43:10 | 001,152,888 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\WacomMT.dll
[2011-12-28 11:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2011-12-27 20:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Identities
[2011-12-27 19:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2011-12-27 18:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SYSTEMAX Software Development
[2011-12-27 18:56:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\SYSTEMAX Software Development
[2011-12-27 18:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Wacom
[2011-12-27 18:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\WTablet
[2011-12-27 17:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Application Data
[2011-12-27 17:27:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011-12-27 17:21:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011-12-27 17:21:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2011-12-27 17:21:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011-12-27 17:18:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011-12-27 17:15:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011-12-27 17:11:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011-12-24 13:32:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011-12-24 13:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA
[2011-12-24 13:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011-12-23 19:07:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype
[2011-12-23 18:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\Skype
[2011-12-23 18:47:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Skype
[2011-12-18 21:32:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Ubisoft
[2011-12-17 19:47:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\skin do osu
[2011-12-17 12:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\zdjecia projekty photoshop, fl studio muzyka
[2011-12-16 15:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\OnLive App
[2011-12-16 13:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\TS3Client
[2011-12-16 13:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client
[2011-12-14 17:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\osu!
[2011-12-14 17:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Downloaded Installations
[2011-12-11 16:56:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Max Payne 2 Savegames
[2011-12-10 10:21:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\NFS Carbon
[2011-12-08 16:06:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\YAMAHA
[2011-12-08 15:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\YAMAHA
[2011-12-08 15:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Yamaha
[2011-12-03 15:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe
[2011-11-29 18:52:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Test Drive Unlimited
[2011-11-29 18:52:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\JustCause
[2011-11-29 18:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Hitman Blood Money
[2011-11-29 18:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\GTA San Andreas User Files
[2011-11-29 18:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\reFX
[2011-11-29 18:36:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\reFX
[2011-11-29 18:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign
[2011-11-29 18:36:39 | 001,332,224 | ---- | C] (AD © 2009) -- C:\WINDOWS\System32\SYNSOEMU.DLL
[2011-11-29 18:32:16 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll
[2011-11-29 18:32:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Image-Line
[2011-11-29 18:31:46 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2011-11-29 18:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim
[2011-11-28 21:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Incomedia
[2011-11-28 21:55:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Incomedia
[2011-11-28 21:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL
[2011-11-28 21:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011-11-28 21:33:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011-11-28 21:33:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2011-11-28 21:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011-11-28 21:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2011-11-28 18:16:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LightScribe Direct Disc Labeling
[2011-11-28 18:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2011-11-28 18:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nero
[2011-11-28 18:15:34 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2011-11-28 18:15:34 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2011-11-28 18:15:29 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2011-11-28 18:15:29 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2011-11-28 18:15:29 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2011-11-28 18:15:29 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2011-11-28 18:15:27 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2011-11-28 18:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2011-11-28 18:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2011-11-28 07:56:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Adobe
[2011-11-26 18:42:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES
[2011-11-26 14:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\skypePM
[2011-11-25 22:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Gadu-Gadu 10
[2011-11-25 22:03:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-11-25 22:03:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011-11-25 11:38:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2011-11-24 19:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011-11-24 19:49:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Steam
[2011-11-24 16:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Pascal
[2011-11-22 16:03:44 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011-11-21 21:32:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011-11-21 18:17:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Phyxion.net
[2011-11-21 18:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\programy
[2011-11-21 08:54:07 | 000,000,000 | ---D | C] -- C:\Samsung
[2011-11-21 08:34:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011-11-19 16:10:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\ATI
[2011-11-19 16:03:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011-11-19 16:03:05 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011-11-19 16:02:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\InstallShield
[2011-11-17 19:17:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys
[2011-11-16 20:35:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011-11-16 19:00:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2011-11-15 22:45:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011-11-15 22:44:29 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011-11-15 22:44:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011-11-15 10:19:50 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011-11-15 10:12:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2011-11-14 17:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Need for Speed World
[2011-11-14 17:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc
[2011-11-14 17:35:40 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2011-11-14 17:34:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011-11-14 17:07:36 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011-11-14 17:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\SystemRequirementsLab
[2011-11-14 17:07:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011-11-13 19:23:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit\gry
[2011-11-12 22:28:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\My Games
[2011-11-12 22:27:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Microsoft Games
[2011-11-12 22:27:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Games
[2011-11-12 22:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DAEMON Tools Lite
[2011-11-12 22:19:55 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011-11-12 22:19:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\DAEMON Tools Lite
[2011-11-12 22:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-11-12 22:14:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2011-11-12 22:13:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
[2011-11-12 21:39:51 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2011-11-12 21:39:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\uTorrentBar
[2011-11-12 21:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Conduit
[2011-11-12 21:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Temp
[2011-11-12 21:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentBar
[2011-11-12 21:39:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\uTorrent
[2011-11-12 21:39:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\uTorrent
[2011-11-12 20:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Media Player Classic
[2011-11-12 20:05:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack
[2011-11-12 20:05:32 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2011-11-12 20:05:32 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2011-11-12 20:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2011-11-12 16:14:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\nvidia icons
[2011-11-12 15:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2011-11-12 14:27:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Skype
[2011-11-12 08:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\Counter-Strike
[2011-11-12 07:32:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\WinRAR
[2011-11-12 07:32:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\WinRAR
[2011-11-12 07:32:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2011-11-12 07:32:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011-11-12 07:23:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Macromedia
[2011-11-12 07:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Adobe
[2011-11-11 22:33:18 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011-11-11 22:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011-11-11 22:33:13 | 000,000,000 | R--D | C] -- C:\Program Files
[2011-11-11 22:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011-11-11 22:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011-11-11 22:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011-11-11 22:32:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2011-11-11 22:32:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2011-11-11 22:32:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2011-11-11 22:32:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2011-11-11 22:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2011-11-11 22:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2011-11-11 22:30:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011-11-11 22:30:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011-11-11 22:30:46 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2011-11-11 22:30:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2011-11-11 22:30:21 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011-11-11 22:30:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011-11-11 22:24:25 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011-11-11 22:24:25 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011-11-11 22:24:25 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011-11-11 22:24:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011-11-11 22:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2011-11-11 22:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\.minecraft
[2011-11-11 22:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2011-11-11 22:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011-11-11 22:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011-11-11 22:20:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011-11-11 22:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Sun
[2011-11-11 22:17:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Downloads
[2011-11-11 22:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\Google Chrome
[2011-11-11 22:15:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google
[2011-11-11 22:15:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Pobieranie
[2011-11-11 22:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Mozilla
[2011-11-11 22:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Mozilla
[2011-11-11 22:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Dane aplikacji\Identities
[2011-11-11 22:14:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Moje obrazy
[2011-11-11 22:14:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\byku\Moje dokumenty\Moja muzyka
[2011-11-11 22:14:15 | 000,000,000 | --SD | C] -- C:\Documents and Settings\byku\Dane aplikacji\Microsoft
[2011-11-11 22:14:15 | 000,000,000 | --SD | C] -- C:\Documents and Settings\byku\Cookies
[2011-11-11 22:14:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\byku\SendTo
[2011-11-11 22:14:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\byku\Recent
[2011-11-11 22:14:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\byku\Dane aplikacji
[2011-11-11 22:14:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\byku\Ulubione
[2011-11-11 22:14:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\byku\Moje dokumenty
[2011-11-11 22:14:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\byku\Menu Start
[2011-11-11 22:14:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\Autostart
[2011-11-11 22:14:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\byku\Menu Start\Programy\Akcesoria
[2011-11-11 22:14:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne
[2011-11-11 22:14:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\byku\Szablony
[2011-11-11 22:14:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\byku\PrintHood
[2011-11-11 22:14:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\byku\NetHood
[2011-11-11 22:14:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Pulpit
[2011-11-11 22:14:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-11-11 22:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2011-11-11 22:08:46 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-11-11 22:08:46 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-11-11 22:08:46 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-11-11 22:08:46 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-11-11 22:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus
[2011-11-11 22:08:45 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-11-11 22:08:45 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-11-11 22:08:45 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-11-11 22:08:36 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-11-11 22:08:35 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-11-11 22:08:25 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-11-11 22:08:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-11-11 21:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2011-11-11 21:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek Sound Manager
[2011-11-11 21:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2011-11-11 21:54:56 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011-11-11 21:52:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011-11-11 21:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011-11-11 21:48:50 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011-11-11 21:47:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011-11-11 21:47:23 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011-11-11 21:43:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011-11-11 21:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011-11-11 21:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011-11-11 21:42:19 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011-11-11 21:42:09 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011-11-11 21:42:09 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011-11-11 21:41:59 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011-11-11 21:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2011-11-11 21:41:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011-11-11 21:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011-11-11 21:40:56 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011-11-11 21:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011-11-11 21:40:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011-11-11 21:40:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011-11-11 21:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011-11-11 21:40:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011-11-11 21:40:27 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011-11-11 21:40:23 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011-11-11 21:40:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011-11-11 21:40:13 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011-11-11 21:40:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2011-11-11 21:39:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2011-11-11 21:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011-11-11 21:39:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2011-11-11 21:39:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011-11-11 21:39:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2011-11-11 21:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011-11-11 21:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011-11-11 21:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011-11-11 21:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011-11-11 21:38:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011-11-11 21:38:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011-11-11 21:38:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2011-11-11 21:37:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria
[2011-10-25 21:19:50 | 000,044,032 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2011-06-16 02:34:06 | 002,117,632 | ---- | C] (Multicore Ware) -- C:\WINDOWS\System32\SlotMaximizerBe.dll
[2011-06-16 02:34:06 | 000,079,872 | ---- | C] (Multicore Ware) -- C:\WINDOWS\System32\SlotMaximizerAg.dll
[2011-03-18 17:08:54 | 000,025,240 | ---- | C] (Almico Software) -- C:\WINDOWS\System32\speedfan.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 360 Days ==========[/color]

[2012-01-20 16:13:07 | 000,186,903 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-01-20 15:29:31 | 003,773,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-01-20 15:29:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012-01-20 15:29:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-01-20 15:28:59 | 1610,145,792 | -HS- | M] () -- C:\hiberfil.sys
[2012-01-20 14:22:37 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2012-01-20 14:21:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1004UA.job
[2012-01-20 13:38:39 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\byku\NTUSER.DAT
[2012-01-20 13:38:39 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\byku\ntuser.ini
[2012-01-20 13:38:33 | 004,283,382 | -H-- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2012-01-20 13:16:43 | 000,175,704 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\temat.rtf
[2012-01-20 12:58:12 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\RSIT.exe
[2012-01-20 12:54:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\byku\Pulpit\OTL.exe
[2012-01-19 22:21:01 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1004Core.job
[2012-01-18 13:00:05 | 000,000,577 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\IrfanView.lnk
[2012-01-18 11:01:49 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\link polecający.rtf
[2012-01-18 08:53:44 | 000,000,354 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\znaczniki.rtf
[2012-01-17 14:25:58 | 000,015,608 | ---- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2012-01-17 10:26:41 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\Notepad++.lnk
[2012-01-14 15:19:30 | 000,186,008 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\sasuke2.png
[2012-01-14 10:49:20 | 000,014,477 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\ustawienia do tabletu.PNG
[2012-01-13 21:26:10 | 000,005,965 | ---- | M] () -- C:\Documents and Settings\byku\.recently-used.xbel
[2012-01-13 21:11:46 | 000,153,048 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2012-01-13 21_11_45.750000.dmp
[2012-01-12 16:52:12 | 000,019,742 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\handtingling.jpg
[2012-01-08 18:39:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-01-08 18:24:15 | 000,000,206 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2012-01-08 13:03:20 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BDARemote.lnk
[2012-01-08 13:03:20 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BDARemote.lnk
[2012-01-07 20:34:05 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\Google Chrome.lnk
[2012-01-07 14:23:35 | 000,000,237 | ---- | M] () -- C:\user.js
[2012-01-06 23:18:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2012-01-06 13:01:39 | 000,718,640 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\AA_v3.exe
[2012-01-04 20:36:57 | 000,162,405 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\logooooo.xcf
[2012-01-03 21:13:35 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\byku\Dane aplikacji\Preferencje Adobe CS5 dla formatu PNG
[2011-12-31 13:03:47 | 000,107,014 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\gimpforkoser.jpg
[2011-12-29 09:16:33 | 000,000,699 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ArtRage.lnk
[2011-12-29 09:01:25 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Bamboo Dock.lnk
[2011-12-27 17:30:12 | 000,578,990 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-12-27 17:30:12 | 000,514,840 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-12-27 17:30:12 | 000,115,258 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-12-27 17:30:12 | 000,092,230 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-12-27 17:30:12 | 000,006,546 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-12-27 17:29:52 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011-12-27 17:27:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-12-27 17:14:29 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2011-12-23 19:07:30 | 000,002,177 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-12-20 21:22:27 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-12-18 17:48:23 | 000,030,215 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_48_23.718750.dmp
[2011-12-18 17:46:13 | 000,164,222 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_12.796875.dmp
[2011-12-18 17:46:13 | 000,163,718 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_13.687500.dmp
[2011-12-18 17:46:13 | 000,159,014 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_12.781250.dmp
[2011-12-18 12:11:18 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\cw02_5.pas
[2011-12-18 12:10:20 | 000,001,364 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\cw02_4.pas
[2011-12-18 11:44:44 | 000,000,932 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\cw02_3.pas
[2011-12-08 15:53:39 | 000,001,601 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Musicsoft Downloader.lnk
[2011-12-05 18:28:03 | 000,219,703 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\nowa muza.flp
[2011-12-03 10:24:59 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-11-30 22:08:49 | 000,940,804 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\tapetawallpaper.psd
[2011-11-29 18:32:15 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FL Studio 9.lnk
[2011-11-28 21:36:43 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-11-28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-11-28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-11-28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-11-28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-11-28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-11-28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-11-28 18:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-11-28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-11-28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-11-28 18:41:45 | 000,001,239 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2011-11-28 18:41:45 | 000,000,954 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Online Upgrade.lnk
[2011-11-28 18:16:57 | 000,001,774 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2011-11-26 14:03:06 | 000,000,056 | -H-- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsidmv.dat
[2011-11-21 22:07:44 | 000,472,576 | ---- | M] () -- C:\WINDOWS\Nvidia Omega Drivers v2.169.21 Uninstall.exe
[2011-11-21 18:16:25 | 000,000,331 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\Skrót do M@ti.lnk
[2011-11-21 18:16:08 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\Skrót do Dysk lokalny (D).lnk
[2011-11-19 20:47:14 | 000,024,414 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\lamborghini_bull.jpg
[2011-11-19 16:13:49 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash
[2011-11-19 07:58:25 | 000,000,026 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\1.stk
[2011-11-18 22:34:24 | 000,000,026 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\kolo.stk
[2011-11-17 19:17:45 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\byku\Pulpit\EVEREST Home Edition.lnk
[2011-11-15 22:45:56 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader X.lnk
[2011-11-12 22:19:55 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011-11-12 15:52:26 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2011-11-11 22:33:11 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2011-11-11 22:10:37 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-11-11 22:08:46 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2011-11-11 22:01:46 | 000,000,534 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Dialnet.lnk
[2011-11-11 21:47:18 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011-11-11 21:46:33 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011-11-11 21:43:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-11-11 21:43:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-11-11 21:43:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2011-11-11 21:43:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011-11-11 21:43:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-11-11 21:43:08 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011-11-11 21:43:08 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011-11-11 21:42:58 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011-11-11 21:42:09 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2011-11-11 21:42:09 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2011-11-11 21:39:46 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-11-11 21:39:34 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2011-11-11 21:39:34 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2011-11-11 21:37:24 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-10-28 09:00:00 | 000,074,752 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-10-25 21:21:48 | 000,056,832 | ---- | M] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011-10-25 21:21:34 | 000,056,832 | ---- | M] () -- C:\WINDOWS\System32\OVDecoder.dll
[2011-10-25 21:19:50 | 000,044,032 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2011-09-23 20:21:50 | 000,338,376 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\avatar dla kamila.psd
[2011-09-11 08:46:52 | 008,053,069 | ---- | M] () -- C:\Documents and Settings\byku\Moje dokumenty\tapeta( darkness).psd
[2011-09-08 17:49:26 | 000,011,312 | ---- | M] (Wacom Technology) -- C:\WINDOWS\System32\drivers\wacommousefilter.sys
[2011-09-08 17:49:24 | 000,014,120 | ---- | M] (Wacom Technology) -- C:\WINDOWS\System32\drivers\wacomvhid.sys
[2011-09-08 17:48:36 | 001,156,472 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Wintab32.dll
[2011-09-08 17:48:36 | 001,152,888 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\WacomMT.dll
[2011-09-08 17:48:34 | 001,369,464 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Tablet.dll
[2011-09-08 17:48:34 | 001,107,832 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Touch_Tablet.dll
[2011-07-16 15:17:06 | 000,151,552 | ---- | M] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2011-06-24 15:44:30 | 000,243,200 | ---- | M] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-06-24 15:28:22 | 000,650,752 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-06-22 15:14:00 | 000,000,714 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2011-06-16 02:34:06 | 002,117,632 | ---- | M] (Multicore Ware) -- C:\WINDOWS\System32\SlotMaximizerBe.dll
[2011-06-16 02:34:06 | 000,079,872 | ---- | M] (Multicore Ware) -- C:\WINDOWS\System32\SlotMaximizerAg.dll
[2011-06-15 23:00:38 | 000,000,488 | ---- | M] () -- C:\WINDOWS\System32\PenTouchTabletUserDefaults.xml
[2011-06-15 23:00:38 | 000,000,488 | ---- | M] () -- C:\WINDOWS\System32\PenTabletUserDefaults.xml
[2011-04-24 22:58:30 | 000,001,211 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011-03-18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) -- C:\WINDOWS\System32\speedfan.sys
[2011-03-02 11:43:46 | 000,175,616 | ---- | M] () -- C:\WINDOWS\System32\unrar.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-01-20 13:15:30 | 000,175,704 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\temat.rtf
[2012-01-20 12:58:12 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\RSIT.exe
[2012-01-18 13:00:05 | 000,000,577 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\IrfanView.lnk
[2012-01-18 11:01:49 | 000,000,523 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\link polecający.rtf
[2012-01-18 08:53:44 | 000,000,354 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\znaczniki.rtf
[2012-01-17 10:26:41 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\Notepad++.lnk
[2012-01-16 20:55:30 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Photoshop CS4.lnk
[2012-01-16 20:53:53 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Bridge CS4.lnk
[2012-01-16 20:46:30 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Extension Manager CS4.lnk
[2012-01-16 20:45:33 | 000,001,104 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe ExtendScript Toolkit CS4.lnk
[2012-01-14 15:19:29 | 000,186,008 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\sasuke2.png
[2012-01-13 21:26:10 | 000,005,965 | ---- | C] () -- C:\Documents and Settings\byku\.recently-used.xbel
[2012-01-13 21:11:45 | 000,153,048 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2012-01-13 21_11_45.750000.dmp
[2012-01-12 16:52:14 | 000,019,742 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\handtingling.jpg
[2012-01-08 18:42:09 | 1610,145,792 | -HS- | C] () -- C:\hiberfil.sys
[2012-01-08 18:40:49 | 000,186,903 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2012-01-08 18:40:47 | 000,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2012-01-07 14:23:34 | 000,000,237 | ---- | C] () -- C:\user.js
[2012-01-06 23:18:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012-01-06 23:15:50 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2012-01-06 23:15:50 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2012-01-06 23:15:49 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2012-01-06 23:15:26 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BDARemote.lnk
[2012-01-06 23:14:11 | 000,017,917 | R--- | C] () -- C:\WINDOWS\atiogl.xml
[2012-01-06 13:01:30 | 000,718,640 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\AA_v3.exe
[2012-01-04 20:36:41 | 000,162,405 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\logooooo.xcf
[2011-12-31 13:28:16 | 000,014,477 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\ustawienia do tabletu.PNG
[2011-12-31 13:03:50 | 000,107,014 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\gimpforkoser.jpg
[2011-12-29 09:16:33 | 000,000,699 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ArtRage.lnk
[2011-12-29 09:01:25 | 000,000,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Bamboo Dock.lnk
[2011-12-28 11:43:07 | 000,000,488 | ---- | C] () -- C:\WINDOWS\System32\PenTouchTabletUserDefaults.xml
[2011-12-28 11:43:07 | 000,000,488 | ---- | C] () -- C:\WINDOWS\System32\PenTabletUserDefaults.xml
[2011-12-27 17:22:10 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\irbus.sys
[2011-12-27 17:15:08 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011-12-27 17:15:06 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011-12-27 17:15:04 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011-12-23 19:07:18 | 000,002,177 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-12-18 17:48:23 | 000,030,215 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_48_23.718750.dmp
[2011-12-18 17:46:13 | 000,163,718 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_13.687500.dmp
[2011-12-18 17:46:12 | 000,164,222 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_12.796875.dmp
[2011-12-18 17:46:12 | 000,159,014 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\ts3_clientui-win32-1321432557-2011-12-18 17_46_12.781250.dmp
[2011-12-18 12:11:20 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\cw02_5.pas
[2011-12-18 12:10:23 | 000,001,364 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\cw02_4.pas
[2011-12-18 11:44:47 | 000,000,932 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\cw02_3.pas
[2011-12-08 15:53:39 | 000,001,601 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Musicsoft Downloader.lnk
[2011-12-04 22:43:35 | 000,219,703 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\nowa muza.flp
[2011-12-04 22:02:36 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\byku\Dane aplikacji\Preferencje Adobe CS5 dla formatu PNG
[2011-12-03 15:04:46 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Help.lnk
[2011-11-30 22:08:47 | 000,940,804 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\tapetawallpaper.psd
[2011-11-29 18:52:14 | 008,053,069 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\tapeta( darkness).psd
[2011-11-29 18:52:14 | 000,338,376 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\avatar dla kamila.psd
[2011-11-29 18:32:15 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FL Studio 9.lnk
[2011-11-28 18:41:45 | 000,001,239 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2011-11-28 18:16:57 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2011-11-28 18:16:41 | 000,000,954 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero Online Upgrade.lnk
[2011-11-26 14:03:06 | 000,000,056 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsidmv.dat
[2011-11-25 22:02:04 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2011-11-21 22:07:44 | 000,472,576 | ---- | C] () -- C:\WINDOWS\Nvidia Omega Drivers v2.169.21 Uninstall.exe
[2011-11-21 20:43:35 | 000,000,122 | R--- | C] () -- C:\WINDOWS\System32\drivers\ramsed.bin
[2011-11-21 20:43:35 | 000,000,042 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedireg.pat
[2011-11-21 20:43:34 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedih2rx.bin
[2011-11-21 18:23:34 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-11-21 18:16:25 | 000,000,331 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\Skrót do M@ti.lnk
[2011-11-21 18:16:08 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\Skrót do Dysk lokalny (D).lnk
[2011-11-20 08:06:35 | 000,000,206 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011-11-19 20:43:09 | 000,024,414 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\lamborghini_bull.jpg
[2011-11-19 16:13:49 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\crash
[2011-11-19 16:03:00 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BDARemote.lnk
[2011-11-18 22:34:24 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\kolo.stk
[2011-11-18 22:05:22 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\byku\Moje dokumenty\1.stk
[2011-11-17 19:17:45 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\EVEREST Home Edition.lnk
[2011-11-15 22:45:56 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader X.lnk
[2011-11-15 22:45:56 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader X.lnk
[2011-11-12 20:05:42 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-11-12 20:05:32 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2011-11-12 20:05:31 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-11-12 20:05:31 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-11-12 20:05:31 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-11-12 20:05:31 | 000,000,714 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2011-11-12 16:15:30 | 000,015,608 | ---- | C] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-11-12 16:13:59 | 000,139,792 | ---- | C] () -- C:\WINDOWS\System32\nv3dcht.chm
[2011-11-12 16:13:59 | 000,059,261 | ---- | C] () -- C:\WINDOWS\System32\nvmobcht.chm
[2011-11-12 16:13:58 | 000,137,045 | ---- | C] () -- C:\WINDOWS\System32\nv3dtha.chm
[2011-11-12 16:13:58 | 000,134,133 | ---- | C] () -- C:\WINDOWS\System32\nv3dchs.chm
[2011-11-12 16:13:58 | 000,133,761 | ---- | C] () -- C:\WINDOWS\System32\nv3dtrk.chm
[2011-11-12 16:13:58 | 000,128,913 | ---- | C] () -- C:\WINDOWS\System32\nv3dslv.chm
[2011-11-12 16:13:58 | 000,118,734 | ---- | C] () -- C:\WINDOWS\System32\nv3dsve.chm
[2011-11-12 16:13:58 | 000,059,225 | ---- | C] () -- C:\WINDOWS\System32\nvmobtha.chm
[2011-11-12 16:13:58 | 000,058,607 | ---- | C] () -- C:\WINDOWS\System32\nvmobchs.chm
[2011-11-12 16:13:58 | 000,057,450 | ---- | C] () -- C:\WINDOWS\System32\nvmobtrk.chm
[2011-11-12 16:13:58 | 000,057,380 | ---- | C] () -- C:\WINDOWS\System32\nvmobslv.chm
[2011-11-12 16:13:58 | 000,055,693 | ---- | C] () -- C:\WINDOWS\System32\nvmobsve.chm
[2011-11-12 16:13:57 | 000,130,245 | ---- | C] () -- C:\WINDOWS\System32\nv3dplk.chm
[2011-11-12 16:13:57 | 000,129,550 | ---- | C] () -- C:\WINDOWS\System32\nv3dptg.chm
[2011-11-12 16:13:57 | 000,129,499 | ---- | C] () -- C:\WINDOWS\System32\nv3dsky.chm
[2011-11-12 16:13:57 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\nv3drus.chm
[2011-11-12 16:13:57 | 000,118,410 | ---- | C] () -- C:\WINDOWS\System32\nv3dptb.chm
[2011-11-12 16:13:57 | 000,057,545 | ---- | C] () -- C:\WINDOWS\System32\nvmobsky.chm
[2011-11-12 16:13:57 | 000,057,376 | ---- | C] () -- C:\WINDOWS\System32\nvmobplk.chm
[2011-11-12 16:13:57 | 000,057,339 | ---- | C] () -- C:\WINDOWS\System32\nvmobrus.chm
[2011-11-12 16:13:57 | 000,055,946 | ---- | C] () -- C:\WINDOWS\System32\nvmobptb.chm
[2011-11-12 16:13:57 | 000,055,845 | ---- | C] () -- C:\WINDOWS\System32\nvmobptg.chm
[2011-11-12 16:13:56 | 000,144,421 | ---- | C] () -- C:\WINDOWS\System32\nv3djpn.chm
[2011-11-12 16:13:56 | 000,132,251 | ---- | C] () -- C:\WINDOWS\System32\nv3dkor.chm
[2011-11-12 16:13:56 | 000,121,053 | ---- | C] () -- C:\WINDOWS\System32\nv3dita.chm
[2011-11-12 16:13:56 | 000,119,706 | ---- | C] () -- C:\WINDOWS\System32\nv3dnor.chm
[2011-11-12 16:13:56 | 000,118,401 | ---- | C] () -- C:\WINDOWS\System32\nv3dnld.chm
[2011-11-12 16:13:56 | 000,060,357 | ---- | C] () -- C:\WINDOWS\System32\nvmobjpn.chm
[2011-11-12 16:13:56 | 000,059,061 | ---- | C] () -- C:\WINDOWS\System32\nvmobkor.chm
[2011-11-12 16:13:56 | 000,056,175 | ---- | C] () -- C:\WINDOWS\System32\nvmobita.chm
[2011-11-12 16:13:56 | 000,055,525 | ---- | C] () -- C:\WINDOWS\System32\nvmobnor.chm
[2011-11-12 16:13:56 | 000,055,475 | ---- | C] () -- C:\WINDOWS\System32\nvmobnld.chm
[2011-11-12 16:13:55 | 000,132,088 | ---- | C] () -- C:\WINDOWS\System32\nv3dheb.chm
[2011-11-12 16:13:55 | 000,131,070 | ---- | C] () -- C:\WINDOWS\System32\nv3dhun.chm
[2011-11-12 16:13:55 | 000,124,278 | ---- | C] () -- C:\WINDOWS\System32\nv3dfin.chm
[2011-11-12 16:13:55 | 000,119,315 | ---- | C] () -- C:\WINDOWS\System32\nv3dfra.chm
[2011-11-12 16:13:55 | 000,118,608 | ---- | C] () -- C:\WINDOWS\System32\nv3desm.chm
[2011-11-12 16:13:55 | 000,058,340 | ---- | C] () -- C:\WINDOWS\System32\nvmobheb.chm
[2011-11-12 16:13:55 | 000,057,512 | ---- | C] () -- C:\WINDOWS\System32\nvmobhun.chm
[2011-11-12 16:13:55 | 000,056,934 | ---- | C] () -- C:\WINDOWS\System32\nvmobfin.chm
[2011-11-12 16:13:55 | 000,056,087 | ---- | C] () -- C:\WINDOWS\System32\nvmobfra.chm
[2011-11-12 16:13:55 | 000,055,992 | ---- | C] () -- C:\WINDOWS\System32\nvmobesm.chm
[2011-11-12 16:13:54 | 000,131,422 | ---- | C] () -- C:\WINDOWS\System32\nv3dell.chm
[2011-11-12 16:13:54 | 000,128,958 | ---- | C] () -- C:\WINDOWS\System32\nv3dcsy.chm
[2011-11-12 16:13:54 | 000,123,526 | ---- | C] () -- C:\WINDOWS\System32\nv3ddeu.chm
[2011-11-12 16:13:54 | 000,118,926 | ---- | C] () -- C:\WINDOWS\System32\nv3ddan.chm
[2011-11-12 16:13:54 | 000,117,909 | ---- | C] () -- C:\WINDOWS\System32\nv3desn.chm
[2011-11-12 16:13:54 | 000,117,083 | ---- | C] () -- C:\WINDOWS\System32\nv3deng.chm
[2011-11-12 16:13:54 | 000,059,100 | ---- | C] () -- C:\WINDOWS\System32\nvmobell.chm
[2011-11-12 16:13:54 | 000,057,387 | ---- | C] () -- C:\WINDOWS\System32\nvmobcsy.chm
[2011-11-12 16:13:54 | 000,056,087 | ---- | C] () -- C:\WINDOWS\System32\nvmobdeu.chm
[2011-11-12 16:13:54 | 000,055,669 | ---- | C] () -- C:\WINDOWS\System32\nvmobesn.chm
[2011-11-12 16:13:54 | 000,055,622 | ---- | C] () -- C:\WINDOWS\System32\nvmobdan.chm
[2011-11-12 16:13:54 | 000,055,103 | ---- | C] () -- C:\WINDOWS\System32\nvmobeng.chm
[2011-11-12 16:13:53 | 000,128,544 | ---- | C] () -- C:\WINDOWS\System32\nv3dara.chm
[2011-11-12 16:13:53 | 000,116,384 | ---- | C] () -- C:\WINDOWS\System32\nv3d.chm
[2011-11-12 16:13:53 | 000,057,328 | ---- | C] () -- C:\WINDOWS\System32\nvmobara.chm
[2011-11-12 16:13:53 | 000,054,988 | ---- | C] () -- C:\WINDOWS\System32\nvmob.chm
[2011-11-12 15:52:26 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2011-11-12 14:56:38 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-11-11 22:33:21 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011-11-11 22:33:18 | 000,006,546 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-11-11 22:33:17 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-11-11 22:33:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2011-11-11 22:33:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2011-11-11 22:33:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2011-11-11 22:33:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2011-11-11 22:33:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2011-11-11 22:33:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2011-11-11 22:33:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2011-11-11 22:33:04 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2011-11-11 22:33:04 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2011-11-11 22:33:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2011-11-11 22:33:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2011-11-11 22:33:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2011-11-11 22:33:02 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2011-11-11 22:33:02 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2011-11-11 22:33:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2011-11-11 22:33:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2011-11-11 22:32:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2011-11-11 22:32:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2011-11-11 22:32:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2011-11-11 22:32:54 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011-11-11 22:31:39 | 004,283,382 | -H-- | C] () -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-11-11 22:30:20 | 003,773,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-11-11 22:29:47 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2011-11-11 22:29:44 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011-11-11 22:16:51 | 000,002,295 | ---- | C] () -- C:\Documents and Settings\byku\Pulpit\Google Chrome.lnk
[2011-11-11 22:16:00 | 000,001,128 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1004UA.job
[2011-11-11 22:16:00 | 000,001,076 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1004Core.job
[2011-11-11 22:14:26 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\byku\Menu Start\Programy\Outlook Express.lnk
[2011-11-11 22:14:25 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\byku\Menu Start\Programy\Internet Explorer.lnk
[2011-11-11 22:14:16 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\byku\Menu Start\Programy\Pomoc zdalna.lnk
[2011-11-11 22:14:16 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\byku\Menu Start\Programy\Windows Media Player.lnk
[2011-11-11 22:14:16 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\byku\ntuser.ini
[2011-11-11 22:14:15 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\byku\NTUSER.DAT
[2011-11-11 22:10:37 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-11-11 22:10:37 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
[2011-11-11 22:08:46 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2011-11-11 22:01:46 | 000,000,534 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Dialnet.lnk
[2011-11-11 21:57:03 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2011-11-11 21:55:01 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2011-11-11 21:54:59 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2011-11-11 21:47:24 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2011-11-11 21:47:18 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011-11-11 21:46:33 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-11-11 21:43:16 | 000,002,644 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-11-11 21:43:16 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011-11-11 21:43:16 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011-11-11 21:43:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2011-11-11 21:43:16 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011-11-11 21:43:16 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011-11-11 21:43:08 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011-11-11 21:43:08 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011-11-11 21:43:07 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011-11-11 21:42:09 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2011-11-11 21:42:09 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2011-11-11 21:42:03 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2011-11-11 21:41:58 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2011-11-11 21:41:09 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011-11-11 21:41:09 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011-11-11 21:39:48 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2011-11-11 21:39:46 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-11-11 21:39:34 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2011-11-11 21:39:34 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2011-11-11 21:38:52 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2011-11-11 21:38:52 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2011-11-11 21:38:52 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2011-11-11 21:38:52 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2011-11-11 21:38:52 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2011-11-11 21:38:52 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2011-11-11 21:38:51 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2011-11-11 21:38:51 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2011-11-11 21:38:51 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2011-11-11 21:38:51 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2011-11-11 21:38:51 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2011-11-11 21:38:51 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2011-11-11 21:38:51 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2011-11-11 21:38:50 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2011-11-11 21:38:50 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2011-11-11 21:38:50 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2011-11-11 21:38:50 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2011-11-11 21:38:50 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2011-11-11 21:38:50 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2011-11-11 21:38:48 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2011-11-11 21:38:48 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011-11-11 21:38:48 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011-11-11 21:38:46 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2011-11-11 21:38:46 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011-11-11 21:38:39 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011-10-25 21:21:48 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OVDecoder.dll
[2008-05-16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-05-16 14:01:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008-05-16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-05-16 14:01:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008-05-16 14:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-05-16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-05-16 14:01:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008-05-16 14:01:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008-05-16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007-06-02 10:46:32 | 000,153,840 | ---- | C] () -- C:\WINDOWS\System32\ARThumb.dll
[2004-08-04 01:56:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004-08-04 01:44:10 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004-08-04 01:44:04 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004-08-04 01:43:58 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004-08-04 01:43:56 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2004-08-04 01:43:54 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004-08-04 01:43:16 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004-08-03 23:51:32 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2004-08-03 23:48:52 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2004-08-03 23:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004-08-03 23:45:34 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004-08-03 23:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004-08-03 23:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004-08-03 23:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004-08-03 23:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004-08-02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 12:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2004-07-17 12:34:48 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2001-10-26 19:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001-10-26 19:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001-10-26 19:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001-10-26 19:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001-10-26 18:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001-10-26 18:15:16 | 000,578,990 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 18:15:16 | 000,115,258 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-10-26 18:15:10 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2001-10-26 18:15:08 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2001-10-26 18:15:08 | 000,003,260 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2001-10-26 18:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001-10-26 18:14:58 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2001-10-26 18:14:56 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2001-10-26 18:14:54 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2001-10-26 18:14:54 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2001-10-26 18:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001-10-26 18:14:50 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2001-10-26 18:14:48 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2001-10-26 18:14:46 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2001-10-26 18:14:42 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2001-10-26 18:14:38 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2001-10-26 18:14:34 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2001-10-26 18:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001-10-26 18:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2001-10-26 17:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001-10-26 17:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001-10-26 17:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001-10-26 17:45:10 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2001-10-26 17:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001-10-26 17:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001-10-26 17:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001-10-26 17:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 23:35:10 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2001-08-17 23:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2001-08-17 23:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2001-08-17 23:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001-08-17 23:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001-08-17 23:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001-08-17 23:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001-08-17 23:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001-08-17 23:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001-08-17 23:30:24 | 000,514,840 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 23:30:22 | 000,092,230 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-08-17 23:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001-08-17 21:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001-07-22 04:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 00:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001-07-22 00:16:20 | 000,000,552 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-22 00:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2012-01-06 13:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AMMYY
[2011-11-11 22:08:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2012-01-07 14:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2011-11-25 11:38:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2011-11-12 22:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-11-25 22:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-01-06 17:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2011-12-03 16:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe
[2011-12-27 18:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SYSTEMAX Software Development
[2011-12-29 09:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wacom
[2011-12-08 16:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\YAMAHA
[2011-12-24 13:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\.minecraft
[2011-12-29 10:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Ambient Design
[2012-01-18 11:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\BabylonToolbar
[2011-12-18 21:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\DAEMON Tools Lite
[2011-12-14 17:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Downloaded Installations
[2011-11-25 22:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Gadu-Gadu 10
[2012-01-13 21:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\gtk-2.0
[2012-01-06 21:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\LolClient
[2011-11-14 17:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Need for Speed World
[2012-01-17 10:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Notepad++
[2012-01-02 20:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011-12-27 18:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\SYSTEMAX Software Development
[2012-01-14 20:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\T-D-B
[2011-12-16 15:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\TS3Client
[2012-01-14 15:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\uTorrent
[2011-12-27 18:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\Wacom
[2011-12-27 19:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\byku\Dane aplikacji\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-11-11 21:43:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-11-11 21:37:24 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2011-11-11 21:43:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-01-20 15:28:59 | 1610,145,792 | -HS- | M] () -- C:\hiberfil.sys
[2011-11-11 21:43:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-11-11 21:43:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 23:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011-12-27 17:14:29 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2012-01-20 15:28:58 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2012-01-07 14:23:35 | 000,000,237 | ---- | M] () -- C:\user.js


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >

[/log]
[log]OTL Extras logfile created on: 2012-01-20 16:17:32 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\byku\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,50 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 67,38% Memory free
3,35 Gb Paging File | 3,03 Gb Available in Paging File | 90,22% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25,19 Gb Total Space | 7,29 Gb Free Space | 28,92% Space Free | Partition Type: NTFS
Drive D: | 49,33 Gb Total Space | 24,05 Gb Free Space | 48,75% Space Free | Partition Type: NTFS

Computer Name: PREZES-EBA774DE | User Name: byku | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 360 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-299502267-725345543-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58258:TCP" = 58258:TCP:*:Enabled:Pando Media Booster
"58258:UDP" = 58258:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"58258:TCP" = 58258:TCP:*:Enabled:Pando Media Booster
"58258:UDP" = 58258:UDP:*:Enabled:Pando Media Booster
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Counter-Strike\hl.exe" = D:\Program Files\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Program Files\Microsoft Games\Rise of Nations\thrones.exe" = D:\Program Files\Microsoft Games\Rise of Nations\thrones.exe:*:Enabled:Rise of Nations -- (Big Huge Games, Inc.)
"D:\Program Files\Microsoft Games\Rise of Nations\patriots.exe" = D:\Program Files\Microsoft Games\Rise of Nations\patriots.exe:*:Enabled:Rise of Nations -- (Big Huge Games, Inc.)
"D:\Program Files\Strogino CS Portal\Counter-Strike Source\hl2.exe" = D:\Program Files\Strogino CS Portal\Counter-Strike Source\hl2.exe:*:Enabled:hl2
"D:\Program Files\Valve\hl.exe" = D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Disabled:Gadu-Gadu 10 -- (GG Network S.A.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
"D:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe" = D:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Program Files\Metinpirv\ForteMT2\Launcher.exe" = D:\Program Files\Metinpirv\ForteMT2\Launcher.exe:*:Disabled:Launcher -- ()
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"D:\Program Files\Steam\steamapps\byczekfgf\counter-strike\hl.exe" = D:\Program Files\Steam\steamapps\byczekfgf\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"D:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12766F00-807F-4978-8D24-FDD0A3D60EE4}" = ArtRage 2
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{271A659B-A7D3-405E-AE31-3086133BE0B7}" = Yamaha USB-MIDI Driver
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Driver
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AF8C37F-696E-871C-0851-CDE980FD665E}" = Bamboo Dock
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper wersja 3.2.0
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6D3C6846-CDB6-418F-8FDB-DA21FE064F86}" = YAMAHA Musicsoft Downloader 5
"{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}" = Bamboo Tablets Tutorial
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{90140000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 14
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99F5E794-74A2-469A-86F9-F7E953EF3D9E}" = Counter-Strike Source
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe 1.4.74.1
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD271FAB-2F69-6983-A6A4-828F357940C4}" = Livebrush Mini
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"69083DC58646DE46A09847A522A1CC487F918039" = Pakiet sterowników systemu Windows - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
"9722CA1E8F72F362E93CBEC75A707FDABFC8D880" = Pakiet sterowników systemu Windows - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"Bamboo Dock" = Bamboo Dock
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1" = Livebrush Mini
"Counter-Strike 1.6 v32" = Counter-Strike 1.6 v32
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FL Studio 9" = FL Studio 9
"FreePascal_is1" = Free Pascal 2.4.4
"Gadu-Gadu 10" = Gadu-Gadu 10
"GameSpy Arcade" = GameSpy Arcade
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"IL Harmless" = IL Harmless
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Mozilla Firefox 9.0.1 (x86 pl)" = Mozilla Firefox 9.0.1 (x86 pl)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAnForce" = NVIDIA Windows 2000/XP nForce Drivers
"Office14.SingleImage" = Microsoft Office Professional 2010
"Pen Tablet Driver" = Bamboo
"PoiZone" = PoiZone
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"RiseOfNationsExpansion 1.0" = Rise of Nations
"Sawer" = Sawer
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bitowy)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-299502267-725345543-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error: Unable to start EventLog service!

< End of report >

[/log]

Dodam ,że loga robiłem z uprawnieniami użytkownika, nie wiem czy to ma znaczenie.

Natsuki Kuga
komentarz
komentarz

Do OTL wklej:
[code]
:OTL
IE - HKU\S-1-5-21-299502267-725345543-839522115-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-299502267-725345543-839522115-1004\..\Toolbar\ShellBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-299502267-725345543-839522115-1004\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)

:Files
C:\Program Files\uTorrentBar
C:\Program Files\Conduit
C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\uTorrentBar
C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Conduit
C:\Documents and Settings\All Users\Dane aplikacji\Babylon

:Commands
[resethosts]
[emptytemp]
[/code]
[b]Wykonaj skrypt,[/b] pokaż raport.

Do [url="http://jpshortstuff.247fixes.com/SystemLook.exe"][b]SystemLook[/b][/url] wklej:
[code]
:file
C:\WINDOWS\System32\crash
[/code]
[b]Look,[/b] pokaż raport.

Pokaż jeszcze logi z RSIT i Gmer.

bykufgf
komentarz
komentarz

Raport z otl [log]All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-299502267-725345543-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
File C:\Program Files\uTorrentBar\prxtbuTo0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTo0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTo0.dll not found.
Registry key HKEY_USERS\S-1-5-21-299502267-725345543-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTo0.dll not found.
Registry key HKEY_USERS\S-1-5-21-299502267-725345543-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTo0.dll not found.
========== FILES ==========
File\Folder C:\Program Files\uTorrentBar not found.
File\Folder C:\Program Files\Conduit not found.
File\Folder C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\uTorrentBar not found.
File\Folder C:\Documents and Settings\byku\Ustawienia lokalne\Dane aplikacji\Conduit not found.
C:\Documents and Settings\All Users\Dane aplikacji\Babylon folder moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

User: All Users

User: byku
->Temp folder emptied: 1136002499 bytes
->Temporary Internet Files folder emptied: 21560460 bytes
->Java cache emptied: 668912 bytes
->FireFox cache emptied: 76973371 bytes
->Google Chrome cache emptied: 223597438 bytes
->Flash cache emptied: 66141 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Miecz
->Temp folder emptied: 45106737 bytes
->Temporary Internet Files folder emptied: 20296313 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 646080433 bytes
->Flash cache emptied: 60310 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Prezes
->Temp folder emptied: 26954000 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 17725 bytes
->FireFox cache emptied: 45509950 bytes
->Flash cache emptied: 57215 bytes

User: Użytkownik
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

User: Użytkownik.PREZES-EBA774DE
->Temp folder emptied: 288059 bytes
->Temporary Internet Files folder emptied: 2658728 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 294568211 bytes
->Google Chrome cache emptied: 6359243 bytes
->Flash cache emptied: 95807 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 6152740 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2 437,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 01242012_091558

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[/log]

SystemLook:
[log]SystemLook 30.07.11 by jpshortstuff
Log created at 09:22 on 24/01/2012 by Prezes
Administrator - Elevation successful

No Context: C:\WINDOWS\System32\crash

-= EOF =-[/log]
Rsit:
[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by Prezes at 2012-01-24 09:24:01
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 10 GB (40%) free of 26 GB
Total RAM: 1535 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:24:07, on 2012-01-24
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Bamboo Dock\BambooCore.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\USB TV\EM28XX\BDARemote.exe
D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\byku\Pulpit\RSIT.exe
C:\Program Files\trend micro\Prezes.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BambooCore] C:\Program Files\Bamboo Dock\BambooCore.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BDARemote.lnk = C:\Program Files\USB TV\EM28XX\BDARemote.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij &do programu OneNote - res://D:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{097D05FB-A327-48FA-AEC0-770C50B87E85}: NameServer = 217.30.129.149 217.30.137.200
O17 - HKLM\System\CS1\Services\Tcpip\..\{097D05FB-A327-48FA-AEC0-770C50B87E85}: NameServer = 217.30.129.149 217.30.137.200
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe

--
End of file - 7022 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1004UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1006Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-725345543-839522115-1006UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Prezes\Dane aplikacji\Mozilla\Firefox\Profiles\gq0uzmt1.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npwacom.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

D:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-11 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-11 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-10-08 57344]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"LogMeIn Hamachi Ui"=D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-15 1955208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"BambooCore"=C:\Program Files\Bamboo Dock\BambooCore.exe [2011-09-27 646232]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Steam"=D:\Program Files\Steam\Steam.exe [2011-11-24 1242448]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
BDARemote.lnk - C:\Program Files\USB TV\EM28XX\BDARemote.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Counter-Strike\hl.exe"="D:\Program Files\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Microsoft Games\Rise of Nations\thrones.exe"="D:\Program Files\Microsoft Games\Rise of Nations\thrones.exe:*:Enabled:Rise of Nations"
"D:\Program Files\Microsoft Games\Rise of Nations\patriots.exe"="D:\Program Files\Microsoft Games\Rise of Nations\patriots.exe:*:Enabled:Rise of Nations"
"D:\Program Files\Strogino CS Portal\Counter-Strike Source\hl2.exe"="D:\Program Files\Strogino CS Portal\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"D:\Program Files\Valve\hl.exe"="D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Gadu-Gadu 10\gg.exe"="D:\Program Files\Gadu-Gadu 10\gg.exe:*:Disabled:Gadu-Gadu 10"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Disabled:Uruchamia plik DLL jako aplikację"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe"="D:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Program Files\Metinpirv\ForteMT2\Launcher.exe"="D:\Program Files\Metinpirv\ForteMT2\Launcher.exe:*:Disabled:Launcher"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"D:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Steam\steamapps\byczekfgf\counter-strike\hl.exe"="D:\Program Files\Steam\steamapps\byczekfgf\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.vorbis"=vorbis.acm
"midi2"=xgusb.cpl

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2012-01-24 09:13:08 ----D---- C:\_OTL
2012-01-23 22:49:41 ----D---- C:\Program Files\CCleaner
2012-01-20 14:26:08 ----D---- C:\Program Files\Common Files\DESIGNER
2012-01-20 14:21:26 ----D---- C:\WINDOWS\SHELLNEW
2012-01-20 14:21:18 ----D---- C:\Program Files\Microsoft Analysis Services
2012-01-20 14:20:01 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2012-01-20 13:02:48 ----D---- C:\Program Files\trend micro
2012-01-20 13:02:46 ----D---- C:\rsit
2012-01-18 11:02:53 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\BabylonToolbar
2012-01-17 10:26:39 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Notepad++
2012-01-16 20:58:16 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
2012-01-16 20:46:16 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Adobe
2012-01-16 20:43:13 ----D---- C:\Program Files\Common Files\Macrovision Shared
2012-01-16 18:13:03 ----SHD---- C:\Config.Msi
2012-01-08 18:42:09 ----ASH---- C:\hiberfil.sys
2012-01-08 18:40:47 ----D---- C:\WINDOWS\nview
2012-01-08 18:40:47 ----A---- C:\WINDOWS\system32\nvudisp.exe
2012-01-08 18:40:20 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2012-01-08 18:40:05 ----D---- C:\NVIDIA
2012-01-08 08:51:40 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA
2012-01-07 14:23:34 ----A---- C:\user.js
2012-01-07 14:23:33 ----D---- C:\Program Files\BabylonToolbar
2012-01-07 14:23:21 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Babylon
2012-01-06 23:16:24 ----D---- C:\WINDOWS\RegisteredPackages
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\psisdecd.dll
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2012-01-06 23:15:50 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2012-01-06 23:15:49 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2012-01-06 23:15:49 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2012-01-06 23:15:49 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2012-01-06 23:15:49 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2012-01-06 23:15:49 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2012-01-06 23:15:45 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2012-01-06 23:15:26 ----D---- C:\Program Files\USB TV
2012-01-06 23:13:34 ----D---- C:\Program Files\ATI Technologies
2012-01-06 15:36:18 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
2012-01-06 15:35:43 ----D---- C:\Program Files\Pando Networks
2012-01-06 13:01:47 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AMMYY
2011-12-29 10:48:58 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1
2011-12-29 09:16:41 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Ambient Design
2011-12-29 09:01:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Wacom
2011-12-29 09:00:48 ----D---- C:\Program Files\Bamboo Dock
2011-12-28 11:43:45 ----A---- C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2011-12-28 11:43:36 ----D---- C:\Program Files\TabletPlugins
2011-12-28 11:43:25 ----A---- C:\WINDOWS\system32\drivers\wacommousefilter.sys
2011-12-28 11:43:13 ----A---- C:\WINDOWS\system32\drivers\wacomvhid.sys
2011-12-28 11:43:10 ----A---- C:\WINDOWS\system32\Wintab32.dll
2011-12-28 11:43:10 ----A---- C:\WINDOWS\system32\WacomMT.dll
2011-12-28 11:43:10 ----A---- C:\WINDOWS\system32\Pen_Tablet.dll
2011-12-28 11:43:06 ----D---- C:\Program Files\Tablet
2011-12-27 18:57:05 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\SYSTEMAX Software Development
2011-12-27 18:57:05 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SYSTEMAX Software Development
2011-12-27 18:15:32 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2011-12-27 18:14:36 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\WTablet
2011-12-27 18:06:10 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Wacom
2011-12-27 17:27:36 ----D---- C:\WINDOWS\Prefetch
2011-12-27 17:22:10 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-12-27 17:22:10 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-12-27 17:22:10 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2011-12-27 17:22:10 ----N---- C:\WINDOWS\system32\comsdupd.exe
2011-12-27 17:22:08 ----N---- C:\WINDOWS\system32\ati3duag.dll
2011-12-27 17:22:08 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2011-12-27 17:22:08 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2011-12-27 17:22:08 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-12-27 17:22:08 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2011-12-27 17:22:08 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\credssp.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\azroles.dll
2011-12-27 17:22:07 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2011-12-27 17:22:07 ----A---- C:\WINDOWS\system32\ativtmxx.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-12-27 17:22:06 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-12-27 17:22:05 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-12-27 17:22:05 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-12-27 17:22:05 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-12-27 17:22:04 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\qagent.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\onex.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\napstat.exe
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-12-27 17:22:03 ----N---- C:\WINDOWS\system32\mssha.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\slserv.exe
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\slrundll.exe
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\slgen.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\slextspk.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\slcoinst.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\setupn.exe
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\s3gnb.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\qutil.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-12-27 17:22:02 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\verclsid.exe
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\tzchange.exe
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-12-27 17:22:01 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-12-27 17:22:00 ----N---- C:\WINDOWS\system32\xmllite.dll
2011-12-27 17:22:00 ----N---- C:\WINDOWS\slrundll.exe
2011-12-27 17:21:59 ----D---- C:\WINDOWS\l2schemas
2011-12-27 17:21:58 ----D---- C:\WINDOWS\system32\pl
2011-12-27 17:21:58 ----D---- C:\WINDOWS\system32\bits
2011-12-27 17:18:19 ----D---- C:\WINDOWS\ServicePackFiles
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2011-12-27 17:15:12 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2011-12-27 17:15:12 ----D---- C:\WINDOWS\network diagnostic
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2011-12-27 17:15:11 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2011-12-27 17:15:10 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2011-12-27 17:15:10 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2011-12-27 17:15:09 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2011-12-27 17:15:08 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2011-12-27 17:15:08 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2011-12-27 17:15:08 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2011-12-27 17:15:08 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2011-12-27 17:15:07 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2011-12-27 17:15:06 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2011-12-27 17:15:05 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2011-12-27 17:15:05 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2011-12-27 17:15:04 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2011-12-27 17:15:03 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2011-12-27 17:15:02 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2011-12-27 17:15:01 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2011-12-27 17:15:01 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2011-12-27 17:15:01 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2011-12-27 17:15:01 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2011-12-27 17:15:01 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2011-12-27 17:11:36 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

======List of files/folders modified in the last 1 month======

2012-01-24 09:20:37 ----D---- C:\WINDOWS\Temp
2012-01-24 09:17:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-24 09:17:37 ----D---- C:\WINDOWS\system32
2012-01-24 09:17:37 ----D---- C:\WINDOWS
2012-01-24 09:16:08 ----D---- C:\WINDOWS\system32\drivers\etc
2012-01-24 09:15:49 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-24 09:13:12 ----RD---- C:\Program Files
2012-01-23 22:51:03 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\Media Player Classic
2012-01-23 22:50:59 ----D---- C:\WINDOWS\Minidump
2012-01-23 22:50:59 ----D---- C:\WINDOWS\Debug
2012-01-22 16:53:39 ----SD---- C:\WINDOWS\Tasks
2012-01-22 11:56:48 ----SHD---- C:\WINDOWS\Installer
2012-01-21 10:24:34 ----RSD---- C:\WINDOWS\assembly
2012-01-21 10:21:20 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-20 14:33:35 ----SD---- C:\Documents and Settings\Prezes\Dane aplikacji\Microsoft
2012-01-20 14:29:01 ----D---- C:\WINDOWS\system32\config
2012-01-20 14:28:24 ----RSD---- C:\WINDOWS\Fonts
2012-01-20 14:27:43 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-01-20 14:26:08 ----D---- C:\Program Files\Common Files
2012-01-20 14:25:35 ----D---- C:\Program Files\Microsoft.NET
2012-01-20 14:23:25 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2012-01-20 14:22:37 ----A---- C:\WINDOWS\win.ini
2012-01-20 14:22:28 ----D---- C:\Program Files\Common Files\System
2012-01-20 14:20:07 ----HD---- C:\WINDOWS\inf
2012-01-20 14:06:29 ----D---- C:\WINDOWS\WinSxS
2012-01-18 12:47:10 ----D---- C:\Program Files\Common Files\Steam
2012-01-16 21:17:07 ----D---- C:\Program Files\Adobe
2012-01-16 20:54:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2012-01-16 20:51:44 ----D---- C:\Program Files\Common Files\Adobe
2012-01-16 20:11:43 ----D---- C:\Documents and Settings\Prezes\Dane aplikacji\uTorrent
2012-01-16 19:28:09 ----D---- C:\Program Files\SpeedFan
2012-01-15 08:01:37 ----D---- C:\WINDOWS\system32\drivers
2012-01-08 18:40:48 ----D---- C:\WINDOWS\Help
2012-01-08 18:40:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-08 18:24:15 ----A---- C:\WINDOWS\WININIT.INI
2012-01-08 13:04:23 ----D---- C:\WINDOWS\system32\DirectX
2012-01-08 09:19:03 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-01-07 15:13:05 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-27 17:30:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-27 17:26:41 ----D---- C:\WINDOWS\system32\Setup
2011-12-27 17:26:41 ----D---- C:\WINDOWS\AppPatch
2011-12-27 17:26:40 ----D---- C:\WINDOWS\system32\wbem
2011-12-27 17:26:15 ----D---- C:\WINDOWS\security
2011-12-27 17:26:11 ----D---- C:\WINDOWS\system32\CatRoot
2011-12-27 17:22:27 ----D---- C:\Program Files\Messenger
2011-12-27 17:22:24 ----D---- C:\Program Files\Windows Media Player
2011-12-27 17:22:11 ----D---- C:\WINDOWS\ehome
2011-12-27 17:22:10 ----D---- C:\WINDOWS\system32\inetsrv
2011-12-27 17:22:10 ----D---- C:\WINDOWS\ime
2011-12-27 17:22:00 ----D---- C:\WINDOWS\system32\pl-PL
2011-12-27 17:21:59 ----D---- C:\WINDOWS\system32\usmt
2011-12-27 17:21:59 ----D---- C:\Program Files\Internet Explorer
2011-12-27 17:21:58 ----D---- C:\WINDOWS\PeerNet
2011-12-27 17:21:58 ----D---- C:\Program Files\Movie Maker
2011-12-27 17:18:04 ----D---- C:\WINDOWS\system32\Restore
2011-12-27 17:18:04 ----D---- C:\WINDOWS\system32\npp
2011-12-27 17:18:01 ----D---- C:\WINDOWS\msagent
2011-12-27 17:17:58 ----D---- C:\WINDOWS\srchasst
2011-12-27 17:17:57 ----D---- C:\Program Files\NetMeeting
2011-12-27 17:17:55 ----D---- C:\WINDOWS\system32\Com
2011-12-27 17:17:51 ----D---- C:\Program Files\Windows NT
2011-12-27 17:17:51 ----D---- C:\Program Files\Outlook Express
2011-12-27 17:17:21 ----D---- C:\WINDOWS\system32\oobe
2011-12-27 17:17:20 ----D---- C:\WINDOWS\system

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2002-09-06 13568]
R0 nvidesm;nvidesm; C:\WINDOWS\system32\drivers\nvidesm.sys [2002-11-13 20224]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-11-12 239168]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-10-04 391552]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-10-09 475788]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 ms_mpu401;Sterownik portu MIDI UART Microsoft MPU-401; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2011-09-08 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2011-09-08 14120]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 YMIDUSB;Yamaha Corporation USB MIDI Driver; C:\WINDOWS\System32\Drivers\ymidusb.sys [2009-08-04 18560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; D:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 5554552]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 451960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;„Usługa stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-16 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-01-06 419624]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[/log]
Gmer:
[log]GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-24 11:50:31
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\nvidesm1Port0Path1Target0Lun0 WDC_WD80 rev.77.0
Running: gmer.exe; Driver: C:\DOCUME~1\Prezes\USTAWI~1\Temp\pftcqkow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xACE59510]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xACE61452]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xACE6130A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xACE61916]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xACE6182C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xACE60EDC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xACE595C0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xACE613E6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xACE60E14]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xACE60E7C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xACE59658]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xACE6152E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xACE619E6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xACE614EA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xACE61672]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAcceptConnectPort [0x8058FDF5]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAccessCheck [0x805790F1]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAccessCheckAndAuditAlarm [0x80587999]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAccessCheckByType [0x80591130]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAccessCheckByTypeAndAuditAlarm [0x8058DA83]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAccessCheckByTypeResultList [0x8063807E]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarm [0x8063A207]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarmByHandle [0x8063A250]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAddAtom [0x8057A6E4]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAddBootEntry [0x80649047]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAdjustGroupsToken [0x80637835]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAdjustPrivilegesToken [0x8058D0A1]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAlertResumeThread [0x8062F97C]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAlertThread [0x8057ABCD]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAllocateLocallyUniqueId [0x80588928]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAllocateUserPhysicalPages [0x806268FF]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAllocateUuids [0x805DD3C9]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAreMappedFilesTheSame [0x805D9767]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwAssignProcessToJobObject [0x805A24BA]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCallbackReturn [0x804E2CB4]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCancelDeviceWakeupRequest [0x8064905B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCancelIoFile [0x805C9B06]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCancelTimer [0x804ECFAC]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwClearEvent [0x8056966F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCloseObjectAuditAlarm [0x8058D50F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCompactKeys [0x8064E93C]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCompareTokens [0x80589718]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCompleteConnectPort [0x80590B3D]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCompressKey [0x8064EBA9]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwConnectPort [0x805879EB]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwContinue [0x804E1FF2]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateDebugObject [0x8065A054]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateDirectoryObject [0x805A2882]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateEvent [0x8056D57A]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateEventPair [0x8064914C]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateFile [0x8056CDC0]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateIoCompletion [0x80591389]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateJobObject [0x805AB1B0]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateJobSet [0x8062FE27]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateMailslotFile [0x805D9658]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateMutant [0x80578037]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateNamedPipeFile [0x80583F3F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreatePagingFile [0x805BBDB7]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreatePort [0x805975B1]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateProcess [0x805B135A]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateProcessEx [0x8057FC60]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateProfile [0x80649783]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateSection [0x805652B3]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateSemaphore [0x8057243B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateSymbolicLinkObject [0x8059F509]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateThread [0x8058E63F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateTimer [0x8059E5E5]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateToken [0x805A8B58]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateWaitablePort [0x805DB124]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwDebugActiveProcess [0x8065B1CD]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwDebugContinue [0x8065B327]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwDelayExecution [0x80566410]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwDeleteAtom [0x80587485]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwDeleteFile [0x805D800B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwDeleteObjectAuditAlarm [0x8063A2AB]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwDeviceIoControlFile [0x8058EFAD]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwDisplayString [0x805BEF81]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwDuplicateToken [0x8057CFE1]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwEnumerateKey [0x80570D64]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwEnumerateSystemEnvironmentValuesEx [0x80648AD3]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwEnumerateValueKey [0x8059066B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwExtendSection [0x80625720]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwFilterToken [0x805B0B3E]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwFindAtom [0x805899A8]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwFlushBuffersFile [0x80587602]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwFlushInstructionCache [0x80577693]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwFlushKey [0x805DC590]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwFlushVirtualMemory [0x8059ACCC]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwFlushWriteBuffer [0x80627163]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwFreeUserPhysicalPages [0x80626CB4]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwFsControlFile [0x8057AAB5]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwGetContextThread [0x805E03F3]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwGetDevicePowerState [0x8062C163]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwGetPlugPlayEvent [0x8059FDB8]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwGetWriteWatch [0x8053B765]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwImpersonateAnonymousToken [0x805975D5]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwImpersonateClientOfPort [0x80589184]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwImpersonateThread [0x8057E637]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwInitializeRegistry [0x805A8064]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwInitiatePowerAction [0x8062BF2F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwIsProcessInJob [0x8062FCDB]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwIsSystemResumeAutomatic [0x8062C14A]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwListenPort [0x805AA6F1]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwLoadDriver [0x805A3AF1]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwLoadKey [0x805AED5D]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwLoadKey2 [0x805AEB9A]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwLockFile [0x8058846B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwLockProductActivationKeys [0x805B0D0E]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwLockRegistryKey [0x805D0ED7]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwLockVirtualMemory [0x805B0190]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwMakePermanentObject [0x8059F945]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwMakeTemporaryObject [0x8059F8C2]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwMapUserPhysicalPages [0x80625DEB]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwMapUserPhysicalPagesScatter [0x806262BF]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwMapViewOfSection [0x80573B61]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwNotifyChangeDirectoryFile [0x8058A944]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwNotifyChangeKey [0x8058A68D]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwNotifyChangeMultipleKeys [0x8058A756]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenDirectoryObject [0x80590A36]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenEvent [0x8057DCDD]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenEventPair [0x8064923F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenFile [0x8056CD5B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenIoCompletion [0x80616783]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenJobObject [0x8063007F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenMutant [0x805780E5]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenObjectAuditAlarm [0x805953A9]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenProcessToken [0x8056DEF5]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenProcessTokenEx [0x8056E0EE]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenSection [0x80570FD7]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenSemaphore [0x8059EFC5]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenSymbolicLinkObject [0x80590902]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenThreadToken [0x8056D992]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenThreadTokenEx [0x8056D903]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenTimer [0x80649075]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwPlugPlayControl [0x805DB2E4]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwPowerInformation [0x8059C9C6]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwPrivilegeCheck [0x805DD99E]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwPrivilegeObjectAuditAlarm [0x805DD238]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwPrivilegedServiceAuditAlarm [0x805AA834]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwPulseEvent [0x805DB07C]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryAttributesFile [0x805744B2]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryDebugFilterState [0x804F7E4D]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryDefaultLocale [0x80566B9E]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryDefaultUILanguage [0x8057EA9D]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryDirectoryFile [0x80572111]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryDirectoryObject [0x805843A1]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryEaFile [0x806169D0]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryEvent [0x80590AB3]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryFullAttributesFile [0x8057C810]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryInformationAtom [0x805D76E8]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryInformationFile [0x80572C6A]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryInformationJobObject [0x805808A1]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryInformationPort [0x806231E7]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryInformationProcess [0x8056DB30]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryInformationThread [0x8056BA87]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryInformationToken [0x8056E65F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryInstallUILanguage [0x8057DE21]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryIntervalProfile [0x80649C33]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryIoCompletion [0x80616844]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryKey [0x80570A6D]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryMultipleValueKey [0x8064E320]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryMutant [0x806495B8]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryObject [0x8057F4A8]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryOpenSubKeys [0x8064E529]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryPerformanceCounter [0x80567348]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryQuotaInformationFile [0x80617297]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQuerySection [0x8057D4CC]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQuerySecurityObject [0x805DD83E]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQuerySemaphore [0x8064839B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQuerySymbolicLinkObject [0x80590773]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQuerySystemEnvironmentValue [0x80648AFB]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQuerySystemEnvironmentValueEx [0x80648AC0]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQuerySystemInformation [0x8057BC36]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQuerySystemTime [0x805911BA]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryTimer [0x80587206]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryTimerResolution [0x80584007]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryVirtualMemory [0x8056E1EC]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryVolumeInformationFile [0x8056D003]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueueApcThread [0x8059108B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwRaiseException [0x804E203A]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwRaiseHardError [0x806480D7]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReadFile [0x80574117]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReadFileScatter [0x805DA82F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReadRequestData [0x805894C9]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReadVirtualMemory [0x8057E2CE]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwRegisterThreadTerminatePort [0x8058ED8C]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReleaseMutant [0x8056647B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReleaseSemaphore [0x80587EFE]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwRemoveIoCompletion [0x80566FA9]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwRemoveProcessDebug [0x8065B2A2]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReplaceKey [0x8064F0FA]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReplyPort [0x8057CCDA]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReplyWaitReceivePort [0x8056B82E]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReplyWaitReceivePortEx [0x8056B346]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReplyWaitReplyPort [0x806232C6]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwRequestDeviceWakeup [0x8062C0D7]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwRequestPort [0x805DD5F4]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwRequestWaitReplyPort [0x80576CE6]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwRequestWakeupLatency [0x8062BED0]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwResetEvent [0x8059EB88]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwResetWriteWatch [0x8053BBFA]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwResumeProcess [0x8062F91C]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwResumeThread [0x8058ECB2]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSaveKey [0x8064ED92]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSaveKeyEx [0x8064EE7D]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSaveMergedKeys [0x8064EFAA]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSecureConnectPort [0x8058F4DE]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetContextThread [0x8062DCDF]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetDebugFilterState [0x8065CDEC]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetDefaultHardErrorPort [0x805D5657]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetDefaultLocale [0x805AE859]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetDefaultUILanguage [0x805AE800]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetEaFile [0x80616F1F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetEvent [0x805696BE]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetEventBoostPriority [0x8057598E]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetHighEventPair [0x8064953F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetHighWaitLowEventPair [0x8064945F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetInformationDebugObject [0x8065AC43]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetInformationFile [0x8057494A]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetInformationJobObject [0x805AB304]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetInformationKey [0x8064DE83]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetInformationObject [0x8057DD53]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetInformationProcess [0x8056DC01]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetInformationThread [0x80575576]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetInformationToken [0x805A86F0]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetIntervalProfile [0x8064975F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetIoCompletion [0x8056BD1B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetLdtEntries [0x8062E9FF]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetLowEventPair [0x806494D3]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetLowWaitHighEventPair [0x806493EB]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetQuotaInformationFile [0x8061726D]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetSecurityObject [0x8059B19B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetSystemEnvironmentValue [0x80648D98]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetSystemInformation [0x805A7BDD]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetSystemPowerState [0x8066768B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetSystemTime [0x80647A21]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetThreadExecutionState [0x805E0162]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetTimer [0x804E579B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetTimerResolution [0x805E07E8]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetUuidSeed [0x805AAA1B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSetVolumeInformationFile [0x806177B3]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwShutdownSystem [0x8064716B]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSignalAndWaitForSingleObject [0x80517361]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwStartProfile [0x806499CA]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwStopProfile [0x80649B83]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSuspendProcess [0x8062F8C1]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSuspendThread [0x805E045E]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwSystemDebugControl [0x80649CE3]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwTerminateJobObject [0x806301F5]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwTerminateProcess [0x805822E0]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwTerminateThread [0x8057B885]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwTestAlert [0x8058E799]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwTraceEvent [0x80545B18]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwTranslateFilePath [0x80648AE7]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwUnloadDriver [0x80619BD6]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwUnloadKey [0x8064D9FA]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwUnloadKeyEx [0x8064DC23]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwUnlockFile [0x805885CB]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwUnlockVirtualMemory [0x806271D7]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwUnmapViewOfSection [0x805736E6]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwVdmControl [0x805B79B7]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwWaitForDebugEvent [0x8065A98E]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwWaitForMultipleObjects [0x805666E0]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwWaitForSingleObject [0x8056617C]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwWaitHighEventPair [0x8064937F]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwWaitLowEventPair [0x80649313]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwWriteFile [0x80574BF5]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwWriteFileGather [0x805DA465]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwWriteRequestData [0x805896B6]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwWriteVirtualMemory [0x8057E420]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwYieldExecution [0x804F0EA6]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwCreateKeyedEvent [0x805CBD8D]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwOpenKeyedEvent [0x8058162C]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwReleaseKeyedEvent [0x8064A157]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwWaitForKeyedEvent [0x8064A3F2]
SSDT \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) ZwQueryPortInformationProcess [0x8062D4BD]

---- Kernel code sections - GMER 1.0.15 ----

? \WINDOWS\system32\ntoskrnl.exe kernel module suspicious modification

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xACE6D7A2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xACE6D5CC]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xACE6D700]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe! + 967 804DB03D 1 Byte [90]
.text ntoskrnl.exe! + 452 804DBAA2 18 Bytes [E0, 25, 7F, FF, FF, FF, 0F, ...]
.text ntoskrnl.exe! + 46A 804DBABA 1 Byte [00]
.text ntoskrnl.exe! + 2304 804DE8EA 1 Byte [06]
.text ntoskrnl.exe! + 5FA 804E26EC 4 Bytes [10, 95, E5, AC]
.text ...
.text ACPI.sys F75B8000 6 Bytes [FF, FF, FF, 5D, C2, 08]
.text ACPI.sys F75B8007 16 Bytes [CC, CC, CC, CC, CC, 8B, FF, ...]
.text ACPI.sys F75B8018 14 Bytes [74, 07, 8B, 40, 60, 80, 48, ...]
.text ACPI.sys F75B8027 14 Bytes [84, C0, 74, 15, 8B, 45, 10, ...]
.text ACPI.sys F75B8036 6 Bytes [FF, 70, 10, E8, 22, 01]
.text ...
.text ftdisk.sys F74D7547 3 Bytes [8F, 4D, F7]
.text ftdisk.sys F74D75D1 3 Bytes [8C, 4D, F7] {MOV WORD [EBP-0x9], CS}
.text ftdisk.sys F74D75E9 3 Bytes [8B, 4D, F7] {MOV ECX, [EBP-0x9]}
.text ftdisk.sys F74D75FF 3 Bytes [8B, 4D, F7] {MOV ECX, [EBP-0x9]}
.text ftdisk.sys F74D762E 3 Bytes [8A, 4D, F7] {MOV CL, [EBP-0x9]}
.text ...
.text dmio.sys F74C2000 6 Bytes [75, F4, 74, 03, 83, 20]
.text dmio.sys F74C2007 61 Bytes [8B, 01, 51, FF, 50, 20, 85, ...]
.text dmio.sys F74C2045 18 Bytes [CC, CC, CC, CC, CC, 8B, FF, ...]
.text dmio.sys F74C2058 17 Bytes [3C, 02, 8B, 75, 08, 8D, 5E, ...]
.text dmio.sys F74C206A 3 Bytes [C6, 86, 80]
.text ...
.text atapi.sys F74993DD 3 Bytes [44, 4A, F7]
.text atapi.sys F749941E 3 Bytes [44, 4A, F7]
.text atapi.sys F7499438 3 Bytes [44, 4A, F7]
.text atapi.sys F7499480 3 Bytes [4F, 4A, F7]
.text atapi.sys F7499497 3 Bytes [44, 4A, F7]
.text ...
.text SCSIPORT.SYS F748141C 3 Bytes [82, 48, F7]
.text SCSIPORT.SYS F74814ED 3 Bytes [82, 48, F7]
.text SCSIPORT.SYS F74815BE 3 Bytes [82, 48, F7]
.text SCSIPORT.SYS F748163D 3 Bytes [82, 48, F7]
.text SCSIPORT.SYS F7481669 3 Bytes [14, 48, F7]
.text ...
.text fltmgr.sys F74613E5 3 Bytes [91, 46, F7]
.text fltmgr.sys F74613F6 3 Bytes [C0, 46, F7]
.text fltmgr.sys F74614A0 3 Bytes [91, 46, F7]
.text fltmgr.sys F74614C3 3 Bytes [91, 46, F7]
.text fltmgr.sys F74614EA 3 Bytes [91, 46, F7]
.text ...
.text sr.sys F744F32B 3 Bytes [13, 45, F7] {ADC EAX, [EBP-0x9]}
.text sr.sys F744F344 3 Bytes [11, 45, F7] {ADC [EBP-0x9], EAX}
.text sr.sys F744F3C7 3 Bytes [FB, 44, F7]
.text sr.sys F744F417 3 Bytes [FB, 44, F7]
.text sr.sys F744F433 3 Bytes [13, 45, F7] {ADC EAX, [EBP-0x9]}
.text ...
.text KSecDD.sys F74383A2 3 Bytes [C3, 43, F7]
.text KSecDD.sys F74383A8 3 Bytes [AC, 43, F7]
.text KSecDD.sys F74383D5 3 Bytes [AC, 43, F7]
.text KSecDD.sys F74383DE 3 Bytes [AC, 43, F7]
.text KSecDD.sys F74383FD 3 Bytes [AC, 43, F7]
.text ...
.text Ntfs.sys F7B63000 2 Bytes [78, 04] {JS 0x6}
.text Ntfs.sys F7B63017 3 Bytes [83, 78, 04]
.text Ntfs.sys F7B6301B 19 Bytes [75, 44, 8D, 46, 04, 8B, 30, ...]
.text Ntfs.sys F7B6302F 10 Bytes [8B, 0F, 85, C9, 74, 13, 89, ...]
.text Ntfs.sys F7B6303A 11 Bytes [89, 45, D0, 89, 08, 89, 41, ...]
.text ...
PAGENPNP NDIS.sys!NdisIMCancelInitializeDeviceInstance + D F741C000 24 Bytes [66, 8B, 06, 66, 89, 45, F8, ...]
PAGENPNP NDIS.sys!NdisIMCancelInitializeDeviceInstance + 26 F741C019 5 Bytes [FF, 15, 50, 0E, 41]
PAGENPNP NDIS.sys!NdisIMCancelInitializeDeviceInstance + 2C F741C01F 9 Bytes [85, C0, 89, 45, FC, 75, 07, ...]
PAGENPNP NDIS.sys!NdisIMCancelInitializeDeviceInstance + 37 F741C02A 4 Bytes [C0, EB, 35, 6A]
PAGENPNP NDIS.sys!NdisIMCancelInitializeDeviceInstance + 3C F741C02F 10 Bytes [56, 8D, 45, F8, 50, FF, 15, ...]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisIMGetBindingContext + 12 F741C07E 11 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisIMInitializeDeviceInstance + 7 F741C08A 14 Bytes [FF, 75, 0C, FF, 75, 08, E8, ...]
PAGENPNP NDIS.sys!NdisIMInitializeDeviceInstance + 16 F741C099 54 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisIMInitializeDeviceInstance + 4D F741C0D0 5 Bytes [32, C0, C9, C2, 10]
PAGENPNP NDIS.sys!NdisIMInitializeDeviceInstance + 53 F741C0D6 29 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisIMInitializeDeviceInstance + 71 F741C0F4 35 Bytes [74, 2E, 83, F9, 01, 74, 08, ...]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisImmediateReadPortUchar + 1B F741C2BB 31 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateReadPortUshort + 1B F741C2DB 31 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateReadPortUlong + 1B F741C2FB 40 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateWritePortUchar + 24 F741C324 1 Byte [01]
PAGENPNP NDIS.sys!NdisImmediateWritePortUchar + 27 F741C327 3 Bytes [8B, B8, FC]
PAGENPNP NDIS.sys!NdisImmediateWritePortUchar + 2D F741C32D 65 Bytes CALL F741C09B NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisImmediateWritePortUchar + 6F F741C36F 24 Bytes [38, 5D, FC, 74, 0D, FF, 75, ...]
PAGENPNP NDIS.sys!NdisImmediateWritePortUchar + 88 F741C388 40 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateWritePortUshort + 24 F741C3B1 1 Byte [01]
PAGENPNP NDIS.sys!NdisImmediateWritePortUshort + 27 F741C3B4 3 Bytes [8B, B8, FC]
PAGENPNP NDIS.sys!NdisImmediateWritePortUshort + 2D F741C3BA 65 Bytes CALL F741C09B NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisImmediateWritePortUshort + 6F F741C3FC 24 Bytes [38, 5D, FC, 74, 0D, FF, 75, ...]
PAGENPNP NDIS.sys!NdisImmediateWritePortUshort + 88 F741C415 40 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateWritePortUlong + 24 F741C43E 1 Byte [01]
PAGENPNP NDIS.sys!NdisImmediateWritePortUlong + 27 F741C441 3 Bytes [8B, B8, FC]
PAGENPNP NDIS.sys!NdisImmediateWritePortUlong + 2D F741C447 65 Bytes CALL F741C09B NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisImmediateWritePortUlong + 6F F741C489 24 Bytes [38, 5D, FC, 74, 0D, FF, 75, ...]
PAGENPNP NDIS.sys!NdisImmediateWritePortUlong + 88 F741C4A2 54 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisImmediateReadSharedMemory + 1C F741C594 11 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateWriteSharedMemory + 7 F741C5A0 20 Bytes [FF, 75, 14, FF, 75, 10, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateWriteSharedMemory + 1C F741C5B5 47 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisOpenFile + 2B F741C5E5 13 Bytes [8B, F8, 3B, FB, 89, 7D, F0, ...]
PAGENPNP NDIS.sys!NdisOpenFile + 39 F741C5F3 1 Byte [9A]
PAGENPNP NDIS.sys!NdisOpenFile + 3C F741C5F6 4 Bytes JMP F741C748 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisOpenFile + 42 F741C5FC 15 Bytes [56, 6A, 0F, 59, FF, 75, 14, ...]
PAGENPNP NDIS.sys!NdisOpenFile + 52 F741C60C 4 Bytes [BE, 50, C7, 41]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisCloseFile + C F741C7A3 5 Bytes [57, 8B, 7D, 08, 6A]
PAGENPNP NDIS.sys!NdisCloseFile + 12 F741C7A9 5 Bytes [FF, 37, FF, D6, 6A]
PAGENPNP NDIS.sys!NdisCloseFile + 18 F741C7AF 8 Bytes [57, FF, D6, 5F, 5E, 5D, C2, ...]
PAGENPNP NDIS.sys!NdisCloseFile + 21 F741C7B8 23 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisMapFile + 13 F741C7D0 1 Byte [1D]
PAGENPNP NDIS.sys!NdisMapFile + 13 F741C7D0 14 Bytes [1D, 00, 01, C0, EB, 11, 8B, ...]
PAGENPNP NDIS.sys!NdisMapFile + 22 F741C7DF 7 Bytes [89, 01, 8B, 45, 08, 83, 20]
PAGENPNP NDIS.sys!NdisMapFile + 2A F741C7E7 3 Bytes [5D, C2, 0C]
PAGENPNP NDIS.sys!NdisMapFile + 2E F741C7EB 16 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisUnmapFile + C F741C7FC 3 Bytes [5D, C2, 04]
PAGENPNP NDIS.sys!NdisUnmapFile + 10 F741C800 15 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisQueryMapRegisterCount + B F741C810 2 Bytes [B8, BB]
PAGENPNP NDIS.sys!NdisQueryMapRegisterCount + F F741C814 4 Bytes [C0, 5D, C2, 08] {RCR BYTE [EBP-0x3e], 0x8}
PAGENPNP NDIS.sys!NdisQueryMapRegisterCount + 14 F741C819 57 Bytes [90, 90, 90, 90, 90, 8B, 42, ...]
PAGENPNP NDIS.sys!NdisQueryMapRegisterCount + 4F F741C854 27 Bytes CALL F740C586 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisQueryMapRegisterCount + 6B F741C870 12 Bytes CALL F740BD1A NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP ...
PAGENPNP NDIS.sys!NdisCloseAdapter + C F741D64E 12 Bytes CALL F740BD1B NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisCloseAdapter + 19 F741D65B 7 Bytes [8B, CF, FF, 15, A8, 0B, 41]
PAGENPNP NDIS.sys!NdisCloseAdapter + 21 F741D663 5 Bytes [8B, 35, 58, 13, 41]
PAGENPNP NDIS.sys!NdisCloseAdapter + 27 F741D669 10 Bytes [EB, 0B, 3B, 75, 0C, 74, 0A, ...]
PAGENPNP NDIS.sys!NdisCloseAdapter + 34 F741D676 13 Bytes [85, F6, 75, F1, 8A, D0, 8B, ...]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisDeregisterProtocol + F F741D830 12 Bytes CALL F740BD1B NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisDeregisterProtocol + 1C F741D83D 7 Bytes [8B, CF, FF, 15, A8, 0B, 41]
PAGENPNP NDIS.sys!NdisDeregisterProtocol + 24 F741D845 5 Bytes [8B, 35, 50, 13, 41]
PAGENPNP NDIS.sys!NdisDeregisterProtocol + 2A F741D84B 23 Bytes [EB, 08, 3B, 75, 0C, 74, 07, ...]
PAGENPNP NDIS.sys!NdisDeregisterProtocol + 42 F741D863 39 Bytes CALL F740BD38 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP ...
PAGENPNP NDIS.sys!NdisTerminateWrapper + 1F F741D90B 7 Bytes [85, C0, 74, 30, 80, 88, B4]
PAGENPNP NDIS.sys!NdisTerminateWrapper + 29 F741D915 4 Bytes [04, 83, 78, 04] {ADD AL, 0x83; JS 0x8}
PAGENPNP NDIS.sys!NdisTerminateWrapper + 2E F741D91A 4 Bytes [66, 8B, 88, B4]
PAGENPNP NDIS.sys!NdisTerminateWrapper + 35 F741D921 9 Bytes [75, 25, 84, ED, 78, 21, 83, ...]
PAGENPNP NDIS.sys!NdisTerminateWrapper + 3F F741D92B 8 Bytes [66, 83, C9, 10, 66, 89, 88, ...]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisIMDeregisterLayeredMiniport + 3 F741D955 7 Bytes [90, 90, 90, 90, 90, C2, 10]
PAGENPNP NDIS.sys!NdisMDeregisterIoPortRange + 3 F741D95D 21 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisMUnmapIoSpace + 11 F741D973 3 Bytes [5D, C2, 0C]
PAGENPNP NDIS.sys!NdisMUnmapIoSpace + 15 F741D977 72 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisMRegisterDmaChannel + 46 F741D9C2 11 Bytes [89, 4D, E4, 8B, 4D, 10, 89, ...]
PAGENPNP NDIS.sys!NdisMRegisterDmaChannel + 52 F741D9CE 1 Byte [01]
PAGENPNP NDIS.sys!NdisMRegisterDmaChannel + 55 F741D9D1 39 Bytes [89, 4D, EC, 8B, 48, 04, 89, ...]
PAGENPNP NDIS.sys!NdisMRegisterDmaChannel + 7E F741D9FA 10 Bytes [43, 89, 4D, F4, 43, FF, 15, ...]
PAGENPNP NDIS.sys!NdisMRegisterDmaChannel + 89 F741DA05 8 Bytes [85, C0, 89, 45, 0C, 0F, 84, ...]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisMDeregisterAdapterShutdownHandler + 10 F741DB24 11 Bytes [74, 0E, 8D, 46, 08, 50, FF, ...]
PAGENPNP NDIS.sys!NdisMDeregisterAdapterShutdownHandler + 1C F741DB30 3 Bytes [83, 66, 04]
PAGENPNP NDIS.sys!NdisMDeregisterAdapterShutdownHandler + 20 F741DB34 4 Bytes [5E, 5D, C2, 04]
PAGENPNP NDIS.sys!NdisMDeregisterAdapterShutdownHandler + 25 F741DB39 15 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisMPciAssignResources + B F741DB49 1 Byte [01]
PAGENPNP NDIS.sys!NdisMPciAssignResources + E F741DB4C 7 Bytes [05, 75, 16, 8B, 80, E4, 01] {ADD EAX, 0x808b1675; IN AL, 0x1}
PAGENPNP NDIS.sys!NdisMPciAssignResources + 17 F741DB55 21 Bytes [85, C0, 74, 0C, 8B, 4D, 10, ...]
PAGENPNP NDIS.sys!NdisMPciAssignResources + 2D F741DB6B 2 Bytes [B8, 01]
PAGENPNP NDIS.sys!NdisMPciAssignResources + 31 F741DB6F 4 Bytes [C0, 5D, C2, 0C] {RCR BYTE [EBP-0x3e], 0xc}
PAGENPNP ...
PAGENPNP NDIS.sys!NdisMGetDmaAlignment + A F741DEC5 1 Byte [04]
PAGENPNP NDIS.sys!NdisMGetDmaAlignment + D F741DEC8 2 Bytes [83, 38]
PAGENPNP NDIS.sys!NdisMGetDmaAlignment + 10 F741DECB 3 Bytes [74, 0B, 8B]
PAGENPNP NDIS.sys!NdisMGetDmaAlignment + 14 F741DECF 14 Bytes [8B, 48, 04, 50, FF, 51, 24, ...]
PAGENPNP NDIS.sys!NdisMGetDmaAlignment + 23 F741DEDE 23 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisIMDeInitializeDeviceInstance + 14 F741DEF7 2 Bytes [BB, 01]
PAGENPNP NDIS.sys!NdisIMDeInitializeDeviceInstance + 18 F741DEFB 13 Bytes CALL F740BCE8 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisIMDeInitializeDeviceInstance + 28 F741DF0B 9 Bytes CALL F740B485 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisIMDeInitializeDeviceInstance + 33 F741DF16 6 Bytes [33, D2, C7, 86, DC, 02]
PAGENPNP NDIS.sys!NdisIMDeInitializeDeviceInstance + 3B F741DF1E 1 Byte [03]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisMDeregisterDmaChannel + 13 F741DF9E 14 Bytes CALL F740BD1C NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisMDeregisterDmaChannel + 22 F741DFAD 26 Bytes [88, 45, 0B, 8B, 46, 14, 8B, ...]
PAGENPNP NDIS.sys!NdisMDeregisterDmaChannel + 3D F741DFC8 14 Bytes CALL F740F6F3 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisMDeregisterDmaChannel + 4C F741DFD7 6 Bytes [56, FF, 15, 58, 0E, 41]
PAGENPNP NDIS.sys!NdisMDeregisterDmaChannel + 53 F741DFDE 6 Bytes [5F, 5E, 5B, 5D, C2, 04]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisMFreeMapRegisters + C F741DFF6 15 Bytes CALL F740BD1E NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisMFreeMapRegisters + 1E F741E008 7 Bytes [53, 33, DB, 39, 9E, 14, 01]
PAGENPNP NDIS.sys!NdisMFreeMapRegisters + 27 F741E011 4 Bytes [74, 7A, 8B, 86]
PAGENPNP NDIS.sys!NdisMFreeMapRegisters + 2C F741E016 1 Byte [04]
PAGENPNP NDIS.sys!NdisMFreeMapRegisters + 2F F741E019 11 Bytes [8B, 40, 04, 8B, 40, 1C, 57, ...]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisReadEisaSlotInformation + A F741E13E 1 Byte [BB]
PAGENPNP NDIS.sys!NdisReadEisaSlotInformation + D F741E141 4 Bytes [C0, 5D, C2, 10] {RCR BYTE [EBP-0x3e], 0x10}
PAGENPNP NDIS.sys!NdisReadEisaSlotInformation + 12 F741E146 14 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisReadEisaSlotInformationEx + A F741E155 1 Byte [BB]
PAGENPNP NDIS.sys!NdisReadEisaSlotInformationEx + D F741E158 4 Bytes [C0, 5D, C2, 14] {RCR BYTE [EBP-0x3e], 0x14}
PAGENPNP NDIS.sys!NdisReadEisaSlotInformationEx + 12 F741E15D 19 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateReadPciSlotInformation + F F741E171 13 Bytes [FF, 75, 18, FF, 75, 14, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateReadPciSlotInformation + 1E F741E180 3 Bytes [5D, C2, 14]
PAGENPNP NDIS.sys!NdisImmediateReadPciSlotInformation + 22 F741E184 17 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateWritePciSlotInformation + D F741E196 1 Byte [6A]
PAGENPNP NDIS.sys!NdisImmediateWritePciSlotInformation + D F741E196 15 Bytes [6A, 00, FF, 75, 18, FF, 75, ...]
PAGENPNP NDIS.sys!NdisImmediateWritePciSlotInformation + 1E F741E1A7 3 Bytes [5D, C2, 14]
PAGENPNP NDIS.sys!NdisImmediateWritePciSlotInformation + 22 F741E1AB 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisImmediateWritePciSlotInformation + 38 F741E1C1 22 Bytes [83, C9, FF, F0, 0F, C1, 08, ...]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisMDeregisterInterrupt + C F741E212 14 Bytes CALL F741E1AD NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisMDeregisterInterrupt + 1B F741E221 4 Bytes [5E, 5D, C2, 04]
PAGENPNP NDIS.sys!NdisMDeregisterInterrupt + 20 F741E226 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisMDeregisterInterrupt + 36 F741E23C 8 Bytes [33, DB, 53, FF, 15, 50, 0E, ...]
PAGENPNP NDIS.sys!NdisMDeregisterInterrupt + 3F F741E245 16 Bytes [8B, F0, 3B, F3, 8B, 45, 18, ...]
PAGENPNP ...
PAGENPNP NDIS.sys!NdisIMNotifyPnPEvent + 2D F741E609 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENPNP NDIS.sys!NdisIMNotifyPnPEvent + 42 F741E61E 17 Bytes CALL F740BD1C NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENPNP NDIS.sys!NdisIMNotifyPnPEvent + 54 F741E630 8 Bytes [88, 45, FF, FF, 15, 38, 0E, ...]
PAGENPNP NDIS.sys!NdisIMNotifyPnPEvent + 5D F741E639 4 Bytes [89, 86, 1C, 01]
PAGENPNP NDIS.sys!NdisIMNotifyPnPEvent + 63 F741E63F 4 Bytes [8D, 86, CC, 02]
PAGENPNP ...
PAGENDSP NDIS.sys!NdisReturnPackets + 10 F7420820 14 Bytes [88, 45, FE, 33, C0, 39, 45, ...]
PAGENDSP NDIS.sys!NdisReturnPackets + 21 F7420831 17 Bytes [53, 56, 57, 8B, 4D, 08, 8B, ...]
PAGENDSP NDIS.sys!NdisReturnPackets + 33 F7420843 5 Bytes [3B, C1, C6, 45, FF]
PAGENDSP NDIS.sys!NdisReturnPackets + 39 F7420849 4 Bytes [0F, 83, 2C, 07]
PAGENDSP NDIS.sys!NdisReturnPackets + 3F F742084F 36 Bytes [2B, C1, 8D, 04, 40, 8D, 5C, ...]
PAGENDSP ...
PAGENDSP NDIS.sys!NdisRequest + 18 F7420993 32 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSP NDIS.sys!NdisRequest + 39 F74209B4 5 Bytes [8B, 1D, 38, 0E, 41]
PAGENDSP NDIS.sys!NdisRequest + 3F F74209BA 12 Bytes [88, 45, FF, FF, D3, 8B, 55, ...]
PAGENDSP NDIS.sys!NdisRequest + 4D F74209C8 4 Bytes [C7, 86, 50, 04]
PAGENDSP NDIS.sys!NdisRequest + 53 F74209CE 1 Byte [3C]
PAGENDSP ...
PAGENDSP NDIS.sys!NdisGetReceivedPacket + 16 F7420F30 8 Bytes [8B, 55, 0C, 39, 94, 81, 28, ...]
PAGENDSP NDIS.sys!NdisGetReceivedPacket + 20 F7420F3A 20 Bytes [75, 0C, 85, D2, 74, 08, 0F, ...]
PAGENDSP NDIS.sys!NdisGetReceivedPacket + 35 F7420F4F 5 Bytes [FF, 15, 88, 0B, 41]
PAGENDSP NDIS.sys!NdisGetReceivedPacket + 3B F7420F55 13 Bytes JMP F7420E7C NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDSP NDIS.sys!NdisGetReceivedPacket + 4A F7420F64 17 Bytes [83, C9, FF, F0, 0F, C1, 08, ...]
PAGENDSP ...
PAGENDSP NDIS.sys!NdisOpenProtocolConfiguration + 19 F7420FB2 2 Bytes [56, 6A]
PAGENDSP NDIS.sys!NdisOpenProtocolConfiguration + 1C F7420FB5 5 Bytes [FF, 15, 50, 0E, 41]
PAGENDSP NDIS.sys!NdisOpenProtocolConfiguration + 22 F7420FBB 16 Bytes [8B, 4D, 08, 8B, D0, F7, D8, ...]
PAGENDSP NDIS.sys!NdisOpenProtocolConfiguration + 34 F7420FCD 7 Bytes [C0, 89, 01, 0F, 85, A8, 09] {ROR BYTE [ECX-0x577af0ff], 0x9}
PAGENDSP NDIS.sys!NdisOpenProtocolConfiguration + 3D F7420FD6 50 Bytes JMP 830242DD
PAGENDSP ...
PAGENDSP NDIS.sys!NdisQueryAdapterInstanceName + 12 F742109A 6 Bytes [85, C0, C7, 45, FC, 01]
PAGENDSP NDIS.sys!NdisQueryAdapterInstanceName + 1A F74210A2 23 Bytes [C0, 89, 45, 0C, 74, 59, 53, ...]
PAGENDSP NDIS.sys!NdisQueryAdapterInstanceName + 32 F74210BA 5 Bytes [FF, 15, 50, 0E, 41]
PAGENDSP NDIS.sys!NdisQueryAdapterInstanceName + 38 F74210C0 8 Bytes [8B, D8, 85, DB, 0F, 84, BF, ...]
PAGENDSP NDIS.sys!NdisQueryAdapterInstanceName + 42 F74210CA 29 Bytes [FF, 75, 0C, 8B, CF, 8B, D1, ...]
PAGENDSP ...
PAGENDSP NDIS.sys!NdisSetPacketPoolProtocolId + 2D F7421144 33 Bytes [8D, 04, 40, 8D, 44, C6, 08, ...]
PAGENDSP NDIS.sys!NdisSetPacketPoolProtocolId + 4F F7421166 36 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSP NDIS.sys!NdisReEnumerateProtocolBindings + 20 F742118B 27 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSP NDIS.sys!NdisGetDriverHandle + 17 F74211A7 8 Bytes [8D, 4E, 30, FF, 15, 30, 0E, ...]
PAGENDSP NDIS.sys!NdisGetDriverHandle + 20 F74211B0 5 Bytes [FF, 15, 38, 0E, 41]
PAGENDSP NDIS.sys!NdisGetDriverHandle + 26 F74211B6 3 Bytes [80, 7E, 2D]
PAGENDSP NDIS.sys!NdisGetDriverHandle + 2A F74211BA 4 Bytes [89, 86, 1C, 01]
PAGENDSP NDIS.sys!NdisGetDriverHandle + 30 F74211C0 4 Bytes [C7, 86, 50, 04]
PAGENDSP ...
PAGENDSP NDIS.sys!NdisMSendComplete + B F7421BDF 29 Bytes [53, 57, 8B, 7D, 0C, 8B, 47, ...]
PAGENDSP NDIS.sys!NdisMSendComplete + 29 F7421BFD 7 Bytes [8B, 5D, 0C, 8B, 43, 08, 25]
PAGENDSP NDIS.sys!NdisMSendComplete + 31 F7421C05 4 Bytes [FF, FF, FF, 3D]
PAGENDSP NDIS.sys!NdisMSendComplete + 36 F7421C0A 7 Bytes [43, 4F, 4D, 0F, 84, 26, 01]
PAGENDSP NDIS.sys!NdisMSendComplete + 3F F7421C13 9 Bytes [8A, 47, 1D, A8, 10, 0F, 84, ...]
PAGENDSP ...
PAGENDSP NDIS.sys!NdisMTransferDataComplete + C F7421F61 19 Bytes [53, 56, 57, 8B, 7D, 0C, 8D, ...]
PAGENDSP NDIS.sys!NdisMTransferDataComplete + 20 F7421F75 26 Bytes [73, 1B, 6A, 03, 33, D2, 5E, ...]
PAGENDSP NDIS.sys!NdisMTransferDataComplete + 3B F7421F90 19 Bytes [EB, 02, 33, F6, 85, F6, 74, ...]
PAGENDSP NDIS.sys!NdisMTransferDataComplete + 50 F7421FA5 1 Byte [04]
PAGENDSP NDIS.sys!NdisMTransferDataComplete + 50 F7421FA5 14 Bytes [04, 00, 85, 58, 3C, 74, 0B, ...]
PAGENDSP ...
PAGENDSP NDIS.sys!NdisMWanSendComplete + 14 F7422292 9 Bytes [74, 0B, B1, 02, FF, 15, 84, ...]
PAGENDSP NDIS.sys!NdisMWanSendComplete + 1E F742229C 8 Bytes [88, 45, FF, 8B, 1D, 30, 0E, ...]
PAGENDSP NDIS.sys!NdisMWanSendComplete + 27 F74222A5 10 Bytes [8D, 4E, 30, FF, D3, FF, 15, ...]
PAGENDSP NDIS.sys!NdisMWanSendComplete + 32 F74222B0 7 Bytes [8B, 7E, 1C, 89, 86, 1C, 01]
PAGENDSP NDIS.sys!NdisMWanSendComplete + 3B F74222B9 4 Bytes [C7, 86, 50, 04]
PAGENDSP ...
PAGENDSP NDIS.sys!NdisSetProtocolFilter + A F7423887 1 Byte [BB]
PAGENDSP NDIS.sys!NdisSetProtocolFilter + D F742388A 4 Bytes [C0, 5D, C2, 20] {RCR BYTE [EBP-0x3e], 0x20}
PAGENDSP NDIS.sys!NdisSetProtocolFilter + 12 F742388F 14 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSP NDIS.sys!NdisWriteEventLogEntry + A F742389E 4 Bytes [66, 83, 7D, 14]
PAGENDSP NDIS.sys!NdisWriteEventLogEntry + F F74238A3 26 Bytes [53, 56, 57, 76, 21, 8B, 4D, ...]
PAGENDSP NDIS.sys!NdisWriteEventLogEntry + 2A F74238BE 40 Bytes [75, F6, 01, 55, FC, 83, C1, ...]
PAGENDSP NDIS.sys!NdisWriteEventLogEntry + 53 F74238E7 4 Bytes [01, C0, E9, 8C]
PAGENDSP NDIS.sys!NdisWriteEventLogEntry + 5A F74238EE 22 Bytes [83, F8, 04, 76, 05, 83, C0, ...]
PAGENDSP ...
PAGENDSP NDIS.sys!NdisSend + 18 F742399E 26 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSP NDIS.sys!NdisSendPackets + 16 F74239B9 40 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSP NDIS.sys!NdisTransferData + 24 F74239E2 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSP NDIS.sys!NdisReset + 10 F74239F7 18 Bytes [01, 80, 8B, 41, 58, 85, C0, ...]
PAGENDSP NDIS.sys!NdisReset + 23 F7423A0A 30 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSP NDIS.sys!NdisReset + 42 F7423A29 28 Bytes [8D, 51, FC, 8B, 02, 3B, C7, ...]
PAGENDSP NDIS.sys!NdisReset + 5F F7423A46 23 Bytes [83, C8, FF, F0, 0F, C1, 02, ...]
PAGENDSP NDIS.sys!NdisReset + 78 F7423A5F 17 Bytes [83, C9, FF, F0, 0F, C1, 08, ...]
PAGENDSP ...
PAGENDSP NDIS.sys!NdisCompletePnPEvent + D F7423DAA 1 Byte [6A]
PAGENDSP NDIS.sys!NdisCompletePnPEvent + D F7423DAA 13 Bytes [6A, 00, FF, 70, 0C, 89, 48, ...]
PAGENDSP NDIS.sys!NdisCompletePnPEvent + 1B F7423DB8 3 Bytes [5D, C2, 0C]
PAGENDSM NDIS.sys!NdisCompletePnPEvent + 63 F7423E00 36 Bytes [90, 90, 90, 90, 90, 90, 90, ...]
PAGENDSM NDIS.sys!NdisCompletePnPEvent + 88 F7423E25 8 Bytes [F6, 40, 3C, 01, 0F, 85, 31, ...]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMSetTimer + 2C F7423EF6 8 Bytes [02, 89, 55, FC, 0F, 85, 54, ...]
PAGENDSM NDIS.sys!NdisMSetTimer + 36 F7423F00 14 Bytes [8D, 46, 28, 50, FF, 75, FC, ...]
PAGENDSM NDIS.sys!NdisMSetTimer + 45 F7423F0F 5 Bytes [5E, 5B, C9, C2, 08]
PAGENDSM NDIS.sys!NdisMSetTimer + 4B F7423F15 25 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSM NDIS.sys!NdisMSetTimer + 67 F7423F31 14 Bytes CALL F740B485 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMQueryInformationComplete + 1C F74248B4 8 Bytes [88, 45, 0B, FF, 15, 38, 0E, ...]
PAGENDSM NDIS.sys!NdisMQueryInformationComplete + 25 F74248BD 12 Bytes [8B, 55, 0C, 33, DB, 53, 8B, ...]
PAGENDSM NDIS.sys!NdisMQueryInformationComplete + 33 F74248CB 4 Bytes [C7, 86, 50, 04]
PAGENDSM NDIS.sys!NdisMQueryInformationComplete + 39 F74248D1 3 Bytes [9E, 0A, 0C]
PAGENDSM NDIS.sys!NdisMQueryInformationComplete + 3D F74248D5 9 Bytes CALL F7424089 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMSetInformationComplete + 1C F7424C90 8 Bytes [88, 45, 0B, FF, 15, 38, 0E, ...]
PAGENDSM NDIS.sys!NdisMSetInformationComplete + 25 F7424C99 12 Bytes [8B, 55, 0C, 33, DB, 53, 8B, ...]
PAGENDSM NDIS.sys!NdisMSetInformationComplete + 33 F7424CA7 4 Bytes [C7, 86, 50, 04]
PAGENDSM NDIS.sys!NdisMSetInformationComplete + 39 F7424CAD 3 Bytes [57, 03, 0C]
PAGENDSM NDIS.sys!NdisMSetInformationComplete + 3D F7424CB1 9 Bytes CALL F7424A92 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMSetPeriodicTimer + 28 F7425738 9 Bytes [89, 55, FC, 74, 1A, 3D, 6F, ...]
PAGENDSM NDIS.sys!NdisMSetPeriodicTimer + 32 F7425742 11 Bytes [74, 13, 8B, 46, 50, 8B, 48, ...]
PAGENDSM NDIS.sys!NdisMSetPeriodicTimer + 40 F7425750 5 Bytes [02, 0F, 85, 86, 09]
PAGENDSM NDIS.sys!NdisMSetPeriodicTimer + 47 F7425757 17 Bytes [8D, 46, 28, 50, FF, 75, 0C, ...]
PAGENDSM NDIS.sys!NdisMSetPeriodicTimer + 59 F7425769 5 Bytes [5E, 5B, C9, C2, 08]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMCreateLog + 1D F7425791 8 Bytes [88, 45, 0B, FF, 15, 38, 0E, ...]
PAGENDSM NDIS.sys!NdisMCreateLog + 26 F742579A 4 Bytes [39, 9F, DC, 01]
PAGENDSM NDIS.sys!NdisMCreateLog + 2C F74257A0 4 Bytes [89, 87, 1C, 01]
PAGENDSM NDIS.sys!NdisMCreateLog + 32 F74257A6 4 Bytes [C7, 87, 50, 04]
PAGENDSM NDIS.sys!NdisMCreateLog + 38 F74257AC 3 Bytes [A2, 01, 0D]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMIndicateStatus + 11 F7425A00 5 Bytes [01, 40, C6, 45, FD] {ADD [EAX-0x3a], EAX; INC EBP; STD }
PAGENDSM NDIS.sys!NdisMIndicateStatus + 17 F7425A06 3 Bytes [C6, 45, FE]
PAGENDSM NDIS.sys!NdisMIndicateStatus + 1B F7425A0A 6 Bytes [89, 7D, F0, C6, 45, FF]
PAGENDSM NDIS.sys!NdisMIndicateStatus + 22 F7425A11 4 Bytes [0F, 84, 81, 01]
PAGENDSM NDIS.sys!NdisMIndicateStatus + 28 F7425A17 4 Bytes [81, 7D, 0C, 0C]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMIndicateStatusComplete + 1A F7425C47 5 Bytes [8B, 1D, 38, 0E, 41]
PAGENDSM NDIS.sys!NdisMIndicateStatusComplete + 20 F7425C4D 12 Bytes [88, 45, 0B, FF, D3, 8B, 7E, ...]
PAGENDSM NDIS.sys!NdisMIndicateStatusComplete + 2E F7425C5B 4 Bytes [C7, 86, 50, 04]
PAGENDSM NDIS.sys!NdisMIndicateStatusComplete + 34 F7425C61 3 Bytes [A2, 0C, 0B]
PAGENDSM NDIS.sys!NdisMIndicateStatusComplete + 38 F7425C65 14 Bytes [85, FF, 75, 1F, 8A, 55, 0B, ...]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMSendResourcesAvailable + 11 F74279C8 15 Bytes [74, 45, 53, 8D, 4E, 30, 57, ...]
PAGENDSM NDIS.sys!NdisMSendResourcesAvailable + 21 F74279D8 4 Bytes [8D, BE, 1C, 01]
PAGENDSM NDIS.sys!NdisMSendResourcesAvailable + 27 F74279DE 5 Bytes [FF, 15, 38, 0E, 41]
PAGENDSM NDIS.sys!NdisMSendResourcesAvailable + 2D F74279E4 6 Bytes [33, D2, 8D, 9E, 50, 04]
PAGENDSM NDIS.sys!NdisMSendResourcesAvailable + 35 F74279EC 1 Byte [6A]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMStartBufferPhysicalMapping + B F7427A24 7 Bytes [53, 57, 8B, 7D, 08, 8B, 87]
PAGENDSM NDIS.sys!NdisMStartBufferPhysicalMapping + 13 F7427A2C 1 Byte [04]
PAGENDSM NDIS.sys!NdisMStartBufferPhysicalMapping + 16 F7427A2F 57 Bytes [8B, 40, 04, 8B, 40, 20, 89, ...]
PAGENDSM NDIS.sys!NdisMStartBufferPhysicalMapping + 51 F7427A6A 7 Bytes [53, FF, 34, D1, 50, FF, B7]
PAGENDSM NDIS.sys!NdisMStartBufferPhysicalMapping + 59 F7427A72 1 Byte [04]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMCompleteBufferPhysicalMapping + E F7427AC6 8 Bytes [8B, 55, 10, 8D, 0C, D1, 8B, ...]
PAGENDSM NDIS.sys!NdisMCompleteBufferPhysicalMapping + 17 F7427ACF 1 Byte [04]
PAGENDSM NDIS.sys!NdisMCompleteBufferPhysicalMapping + 1A F7427AD2 36 Bytes [56, 8B, 72, 04, 33, C0, 8A, ...]
PAGENDSM NDIS.sys!NdisMCompleteBufferPhysicalMapping + 3F F7427AF7 35 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSM NDIS.sys!NdisMCompleteBufferPhysicalMapping + 63 F7427B1B 9 Bytes [8B, F2, 8B, F9, FF, 15, 50, ...]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisIMCopySendPerPacketInfo + 57 F74283C5 37 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSM NDIS.sys!NdisIMCopySendCompletePerPacketInfo + 21 F74283EB 28 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSM NDIS.sys!NdisMCloseLog + 18 F7428408 8 Bytes [88, 45, 0B, FF, 15, 38, 0E, ...]
PAGENDSM NDIS.sys!NdisMCloseLog + 21 F7428411 11 Bytes [8A, 55, 0B, 33, C0, 8B, CF, ...]
PAGENDSM NDIS.sys!NdisMCloseLog + 2E F742841E 4 Bytes [89, 86, 1C, 01]
PAGENDSM NDIS.sys!NdisMCloseLog + 34 F7428424 4 Bytes [89, 86, 50, 04]
PAGENDSM NDIS.sys!NdisMCloseLog + 3A F742842A 5 Bytes [FF, 15, AC, 0B, 41]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMWriteLogData + B F7428450 12 Bytes [53, 56, 57, 8D, 45, F8, 50, ...]
PAGENDSM NDIS.sys!NdisMWriteLogData + 18 F742845D 14 Bytes [8B, 5D, 08, 8D, 4B, 04, 89, ...]
PAGENDSM NDIS.sys!NdisMWriteLogData + 27 F742846C 12 Bytes [8B, 53, 0C, 8B, 4D, 10, 3B, ...]
PAGENDSM NDIS.sys!NdisMWriteLogData + 35 F742847A 127 Bytes [8B, 43, 14, 8B, 75, 0C, 2B, ...]
PAGENDSM NDIS.sys!NdisMWriteLogData + B7 F74284FC 3 Bytes [83, 63, 08]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMFlushLog + 15 F742877D 20 Bytes [33, C9, 89, 4E, 14, 89, 4E, ...]
PAGENDSM NDIS.sys!NdisMFlushLog + 2A F7428792 5 Bytes [5F, 5E, 5D, C2, 04]
PAGENDSM NDIS.sys!NdisMFlushLog + 30 F7428798 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSM NDIS.sys!NdisIMSwitchToMiniport + 10 F74287AD 8 Bytes [8B, 5D, 0C, 8B, 3D, 38, 0E, ...]
PAGENDSM NDIS.sys!NdisIMSwitchToMiniport + 19 F74287B6 11 Bytes [8B, 75, 08, 88, 03, FF, D7, ...]
PAGENDSM NDIS.sys!NdisIMSwitchToMiniport + 26 F74287C3 21 Bytes [75, 09, 83, 0B, FF, C6, 45, ...]
PAGENDSM NDIS.sys!NdisIMSwitchToMiniport + 3C F74287D9 5 Bytes [FF, D7, 80, 7E, 2D]
PAGENDSM NDIS.sys!NdisIMSwitchToMiniport + 42 F74287DF 4 Bytes [89, 86, 1C, 01]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMWanIndicateReceive + 18 F742884C 5 Bytes [8B, 1D, 38, 0E, 41]
PAGENDSM NDIS.sys!NdisMWanIndicateReceive + 1E F7428852 12 Bytes [88, 45, 0F, FF, D3, 8B, 7E, ...]
PAGENDSM NDIS.sys!NdisMWanIndicateReceive + 2C F7428860 4 Bytes [C7, 86, 50, 04]
PAGENDSM NDIS.sys!NdisMWanIndicateReceive + 32 F7428866 3 Bytes [EB, 0C, 0B]
PAGENDSM NDIS.sys!NdisMWanIndicateReceive + 36 F742886A 7 Bytes [EB, 3F, FF, 15, 34, 0E, 41]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMWanIndicateReceiveComplete + 18 F74288EC 5 Bytes [8B, 1D, 38, 0E, 41]
PAGENDSM NDIS.sys!NdisMWanIndicateReceiveComplete + 1E F74288F2 12 Bytes [88, 45, 0B, FF, D3, 8B, 7E, ...]
PAGENDSM NDIS.sys!NdisMWanIndicateReceiveComplete + 2C F7428900 4 Bytes [C7, 86, 50, 04]
PAGENDSM NDIS.sys!NdisMWanIndicateReceiveComplete + 32 F7428906 3 Bytes [1D, 0D, 0B]
PAGENDSM NDIS.sys!NdisMWanIndicateReceiveComplete + 36 F742890A 7 Bytes [EB, 31, FF, 15, 34, 0E, 41]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMSetMiniportSecondary + 31 F7428D3D 9 Bytes [C0, 5F, 5E, 8B, C3, 5B, 5D, ...]
PAGENDSM NDIS.sys!NdisMSetMiniportSecondary + 3B F7428D47 41 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSM NDIS.sys!NdisMSetMiniportSecondary + 65 F7428D71 14 Bytes [01, 80, EB, 76, 8B, 46, 3C, ...]
PAGENDSM NDIS.sys!NdisMSetMiniportSecondary + 75 F7428D81 1 Byte [20]
PAGENDSM NDIS.sys!NdisMSetMiniportSecondary + 75 F7428D81 6 Bytes [20, 00, 6A, 01, BA, 0D]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMPromoteMiniport + 1D F7428F1F 8 Bytes [88, 45, 0B, FF, 15, 38, 0E, ...]
PAGENDSM NDIS.sys!NdisMPromoteMiniport + 26 F7428F28 8 Bytes [F6, 46, 3F, 10, 89, 86, 1C, ...]
PAGENDSM NDIS.sys!NdisMPromoteMiniport + 30 F7428F32 4 Bytes [C7, 86, 50, 04]
PAGENDSM NDIS.sys!NdisMPromoteMiniport + 36 F7428F38 3 Bytes [10, 14, 0B] {ADC [EBX+ECX], DL}
PAGENDSM NDIS.sys!NdisMPromoteMiniport + 3A F7428F3C 3 Bytes [0F, 84, B3]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMResetComplete + 16 F7429038 8 Bytes [88, 45, 0B, FF, 15, 38, 0E, ...]
PAGENDSM NDIS.sys!NdisMResetComplete + 1F F7429041 8 Bytes [F6, 46, 3E, 20, 89, 86, 1C, ...]
PAGENDSM NDIS.sys!NdisMResetComplete + 29 F742904B 4 Bytes [C7, 86, 50, 04]
PAGENDSM NDIS.sys!NdisMResetComplete + 2F F7429051 3 Bytes [9C, 10, 0B] {PUSHF ; ADC [EBX], CL}
PAGENDSM NDIS.sys!NdisMResetComplete + 33 F7429055 6 Bytes [75, 2E, 68, CE, 90, 42]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisIMRevertBack + 16 F742913B 5 Bytes [FF, 15, 38, 0E, 41]
PAGENDSM NDIS.sys!NdisIMRevertBack + 1C F7429141 6 Bytes [8B, CE, 89, 86, 1C, 01]
PAGENDSM NDIS.sys!NdisIMRevertBack + 24 F7429149 4 Bytes [C7, 86, 50, 04]
PAGENDSM NDIS.sys!NdisIMRevertBack + 2A F742914F 3 Bytes [C0, 08, 0B] {ROR BYTE [EAX], 0xb}
PAGENDSM NDIS.sys!NdisIMRevertBack + 2E F7429153 19 Bytes CALL F74247AD NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDSM ...
PAGENDSM NDIS.sys!NdisIMQueueMiniportCallback + 11 F74291B0 5 Bytes [8B, 3D, 38, 0E, 41]
PAGENDSM NDIS.sys!NdisIMQueueMiniportCallback + 17 F74291B6 12 Bytes [8B, 75, 08, 88, 45, FF, FF, ...]
PAGENDSM NDIS.sys!NdisIMQueueMiniportCallback + 25 F74291C4 12 Bytes [8D, 5E, 30, 8B, CB, 75, 1A, ...]
PAGENDSM NDIS.sys!NdisIMQueueMiniportCallback + 32 F74291D1 6 Bytes [FF, D7, 89, 86, 1C, 01]
PAGENDSM NDIS.sys!NdisIMQueueMiniportCallback + 3A F74291D9 4 Bytes [C7, 86, 50, 04]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMReadDmaCounter + 16 F742936D 17 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSM NDIS.sys!NdisMRemoveMiniport + E F7429380 9 Bytes [80, 48, 41, 01, FF, 15, 48, ...]
PAGENDSM NDIS.sys!NdisMRemoveMiniport + 18 F742938A 5 Bytes [33, C0, 5D, C2, 04]
PAGENDSM NDIS.sys!NdisMRemoveMiniport + 1E F7429390 45 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSM NDIS.sys!NdisMRemoveMiniport + 4D F74293BF 1 Byte [04]
PAGENDSM NDIS.sys!NdisMRemoveMiniport + 4D F74293BF 14 Bytes [04, 00, 85, 78, 3C, 74, 0D, ...]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMFreeSharedMemory + B F7429478 37 Bytes [3C, 02, 73, 19, FF, 75, 1C, ...]
PAGENDSM NDIS.sys!NdisMFreeSharedMemory + 32 F742949F 13 Bytes CALL F740CA57 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDSM NDIS.sys!NdisMFreeSharedMemory + 40 F74294AD 5 Bytes [FF, 15, 50, 0E, 41]
PAGENDSM NDIS.sys!NdisMFreeSharedMemory + 46 F74294B3 9 Bytes [85, C0, 74, 3A, 8B, 4D, 0C, ...]
PAGENDSM NDIS.sys!NdisMFreeSharedMemory + 50 F74294BD 29 Bytes [89, 48, 14, 8A, 4D, 10, 88, ...]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMCancelTimer + 12 F742950D 7 Bytes [08, 74, 08, 8B, 45, 0C, C6] {OR [EAX+ECX-0x75], DH; INC EBP; OR AL, 0xc6}
PAGENDSM NDIS.sys!NdisMCancelTimer + 1B F7429516 8 Bytes [EB, 61, 56, FF, 15, 30, 0D, ...]
PAGENDSM NDIS.sys!NdisMCancelTimer + 24 F742951F 14 Bytes [8B, 4D, 0C, 88, 01, 8B, 4E, ...]
PAGENDSM NDIS.sys!NdisMCancelTimer + 35 F7429530 11 Bytes [02, 74, 46, 84, C0, 74, 42, ...]
PAGENDSM NDIS.sys!NdisMCancelTimer + 42 F742953D 5 Bytes [FF, 15, A8, 0B, 41]
PAGENDSM ...
PAGENDSM NDIS.sys!NdisMSynchronizeWithInterrupt + 16 F7429599 3 Bytes [5D, C2, 0C]
PAGENDSM NDIS.sys!NdisMSynchronizeWithInterrupt + 1A F742959D 16 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDSM NDIS.sys!NdisMSynchronizeWithInterrupt + 2B F74295AE 15 Bytes [56, 8B, 75, 0C, 57, 8D, 4E, ...]
PAGENDSM NDIS.sys!NdisMSynchronizeWithInterrupt + 3B F74295BE 6 Bytes [FF, D7, C7, 86, 50, 04]
PAGENDSM NDIS.sys!NdisMSynchronizeWithInterrupt + 43 F74295C6 3 Bytes [F3, 04, 0A]
PAGENDSM ...
PAGENDCO NDIS.sys!NdisCmOpenAddressFamilyComplete + 1E F7429B2E 8 Bytes [88, 45, 0F, FF, 15, 38, 0E, ...]
PAGENDCO NDIS.sys!NdisCmOpenAddressFamilyComplete + 27 F7429B37 3 Bytes [83, 7D, 08]
PAGENDCO NDIS.sys!NdisCmOpenAddressFamilyComplete + 2B F7429B3B 4 Bytes [89, 87, 1C, 01]
PAGENDCO NDIS.sys!NdisCmOpenAddressFamilyComplete + 31 F7429B41 7 Bytes [8B, 45, 10, C7, 87, 50, 04]
PAGENDCO NDIS.sys!NdisCmOpenAddressFamilyComplete + 3A F7429B4A 3 Bytes [A2, 03, 18]
PAGENDCO ...
PAGENDCO NDIS.sys!NdisCoRequest + 1A F7429C0A 13 Bytes CALL F7429BAE NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDCO NDIS.sys!NdisCoRequest + 29 F7429C19 3 Bytes [83, 65, FC]
PAGENDCO NDIS.sys!NdisCoRequest + 2D F7429C1D 3 Bytes [83, 65, 0C]
PAGENDCO NDIS.sys!NdisCoRequest + 31 F7429C21 9 Bytes [33, C0, 8B, FB, AB, AB, AB, ...]
PAGENDCO NDIS.sys!NdisCoRequest + 3B F7429C2B 2 Bytes [AB, 6A]
PAGENDCO ...
PAGENDCO NDIS.sys!NdisCoRequestComplete + 20 F7429CE0 3 Bytes [5D, C2, 14]
PAGENDCO NDIS.sys!NdisCoRequestComplete + 24 F7429CE4 31 Bytes [90, 90, 90, 90, 90, 90, 90, ...]
PAGENDCO NDIS.sys!NdisCoRequestComplete + 44 F7429D04 7 Bytes [FF, 4E, 08, 0F, 84, 99, 01]
PAGENDCO NDIS.sys!NdisCoRequestComplete + 4D F7429D0D 9 Bytes [8A, D0, 8B, CF, FF, 15, AC, ...]
PAGENDCO NDIS.sys!NdisCoRequestComplete + 57 F7429D17 6 Bytes [84, DB, 0F, 85, 8E, 01]
PAGENDCO ...
PAGENDCO NDIS.sys!NdisClRegisterSap + C F7429D34 17 Bytes [57, 8B, 7D, 08, 8B, CF, E8, ...]
PAGENDCO NDIS.sys!NdisClRegisterSap + 1F F7429D47 9 Bytes [56, 68, 4E, 44, 63, 6F, 6A, ...]
PAGENDCO NDIS.sys!NdisClRegisterSap + 29 F7429D51 5 Bytes [FF, 15, 50, 0E, 41]
PAGENDCO NDIS.sys!NdisClRegisterSap + 2F F7429D57 8 Bytes [8B, F0, 85, F6, 0F, 84, 3A, ...]
PAGENDCO NDIS.sys!NdisClRegisterSap + 39 F7429D61 3 Bytes [83, 66, 10]
PAGENDCO ...
PAGENDCO NDIS.sys!NdisCmRegisterSapComplete + 22 F7429DD3 3 Bytes [0F, 85, E2]
PAGENDCO NDIS.sys!NdisCmRegisterSapComplete + 28 F7429DD9 4 Bytes [5E, 5D, C2, 0C]
PAGENDCO NDIS.sys!NdisCmRegisterSapComplete + 2D F7429DDE 33 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisMCoRequestComplete + 1D F7429E00 3 Bytes [0F, 84, CB]
PAGENDCO NDIS.sys!NdisMCoRequestComplete + 23 F7429E06 6 Bytes [3B, D6, 0F, 84, 6C, 01]
PAGENDCO NDIS.sys!NdisMCoRequestComplete + 2B F7429E0E 9 Bytes [8B, 48, 0C, F6, C1, 01, 0F, ...]
PAGENDCO NDIS.sys!NdisMCoRequestComplete + 37 F7429E1A 13 Bytes [83, 78, 10, 01, FF, 75, 08, ...]
PAGENDCO NDIS.sys!NdisMCoRequestComplete + 47 F7429E2A 9 Bytes CALL F7424898 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDCO ...
PAGENDCO NDIS.sys!NdisCoCreateVc + 28 F742A1AE 16 Bytes [85, DB, 74, 09, 3B, 43, 6C, ...]
PAGENDCO NDIS.sys!NdisCoCreateVc + 39 F742A1BF 39 Bytes [8B, 40, 0C, 8B, 40, 18, 8B, ...]
PAGENDCO NDIS.sys!NdisCoCreateVc + 62 F742A1E8 4 Bytes JMP F742A5A7 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDCO NDIS.sys!NdisCoCreateVc + 68 F742A1EE 7 Bytes [68, 4E, 44, 63, 6F, 68, 98]
PAGENDCO NDIS.sys!NdisCoCreateVc + 72 F742A1F8 1 Byte [6A]
PAGENDCO ...
PAGENDCO NDIS.sys!NdisMCmCreateVc + 11 F742A5CC 4 Bytes JMP F742A757 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDCO NDIS.sys!NdisMCmCreateVc + 17 F742A5D2 5 Bytes [8B, 45, 14, 83, 20]
PAGENDCO NDIS.sys!NdisMCmCreateVc + 1D F742A5D8 6 Bytes [56, 8B, 35, 50, 0E, 41]
PAGENDCO NDIS.sys!NdisMCmCreateVc + 24 F742A5DF 8 Bytes [68, 4E, 44, 63, 6F, 6A, 48, ...]
PAGENDCO NDIS.sys!NdisMCmCreateVc + 2D F742A5E8 13 Bytes [FF, D6, 8B, D0, 85, D2, 89, ...]
PAGENDCO ...
PAGENDCO NDIS.sys!NdisMCmActivateVc + 18 F742A77A 31 Bytes [83, 4E, 04, 01, 8B, 4D, 0C, ...]
PAGENDCO NDIS.sys!NdisMCmActivateVc + 38 F742A79A 7 Bytes [5F, 33, C0, 5E, 5D, C2, 08]
PAGENDCO NDIS.sys!NdisMCmActivateVc + 40 F742A7A2 28 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisMCoActivateVcComplete + 18 F742A7BF 7 Bytes [83, 66, 04, FD, 83, 7D, 08]
PAGENDCO NDIS.sys!NdisMCoActivateVcComplete + 20 F742A7C7 20 Bytes [8B, 4E, 04, 75, 06, 83, C9, ...]
PAGENDCO NDIS.sys!NdisMCoActivateVcComplete + 35 F742A7DC 17 Bytes [FF, 75, 10, FF, 76, 28, FF, ...]
PAGENDCO NDIS.sys!NdisMCoActivateVcComplete + 47 F742A7EE 29 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisMCmDeactivateVc + 19 F742A80C 10 Bytes [8B, 4E, 04, F6, C1, 01, 75, ...]
PAGENDCO NDIS.sys!NdisMCmDeactivateVc + 24 F742A817 1 Byte [01]
PAGENDCO NDIS.sys!NdisMCmDeactivateVc + 24 F742A817 21 Bytes [01, 00, EB, 08, 33, DB, 83, ...]
PAGENDCO NDIS.sys!NdisMCmDeactivateVc + 3A F742A82D 8 Bytes [5F, 5E, 8B, C3, 5B, 5D, C2, ...]
PAGENDCO NDIS.sys!NdisMCmDeactivateVc + 43 F742A836 28 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisMCoDeactivateVcComplete + 18 F742A853 7 Bytes [83, 66, 04, FB, 83, 7D, 08]
PAGENDCO NDIS.sys!NdisMCoDeactivateVcComplete + 20 F742A85B 20 Bytes [8B, 4E, 04, 75, 06, 83, E1, ...]
PAGENDCO NDIS.sys!NdisMCoDeactivateVcComplete + 35 F742A870 14 Bytes [FF, 76, 28, FF, 75, 08, FF, ...]
PAGENDCO NDIS.sys!NdisMCoDeactivateVcComplete + 44 F742A87F 13 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisClIncomingCallComplete + 9 F742A88D 15 Bytes [56, 8B, 75, 0C, 75, 56, 8B, ...]
PAGENDCO NDIS.sys!NdisClIncomingCallComplete + 19 F742A89D 29 Bytes [57, 83, C1, 74, FF, D3, FF, ...]
PAGENDCO NDIS.sys!NdisClIncomingCallComplete + 39 F742A8BD 20 Bytes [8B, 07, 89, 79, 04, 89, 01, ...]
PAGENDCO NDIS.sys!NdisClIncomingCallComplete + 4E F742A8D2 45 Bytes [83, C1, 74, FF, D7, 8D, 4E, ...]
PAGENDCO NDIS.sys!NdisClIncomingCallComplete + 7C F742A900 22 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisCmDispatchCallConnected + 12 F742A917 25 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisClModifyCallQoS + 15 F742A931 28 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisCmModifyCallQoSComplete + 18 F742A94E 25 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisCmDispatchIncomingCallQoSChange + 15 F742A968 34 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisCmDispatchIncomingCloseCall + 1E F742A98B 11 Bytes [90, 90, 90, 90, 90, 6A, 0C, ...]
PAGENDCO NDIS.sys!NdisCmDispatchIncomingCloseCall + 2A F742A997 169 Bytes CALL F740C0CD NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
PAGENDCO NDIS.sys!NdisCmDispatchIncomingCloseCall + D4 F742AA41 22 Bytes [8B, 45, 0C, 89, 38, 83, 4D, ...]
PAGENDCO NDIS.sys!NdisCmDispatchIncomingCloseCall + EB F742AA58 1 Byte [8B]
PAGENDCO NDIS.sys!NdisCmDispatchIncomingCloseCall + EB F742AA58 31 Bytes [8B, 00, 89, 45, E4, 33, C0, ...]
PAGENDCO ...
PAGENDCO NDIS.sys!NdisClGetProtocolVcContextFromTapiCallId + 1D F742AA9A 4 Bytes [C0, 5D, C2, 0C] {RCR BYTE [EBP-0x3e], 0xc}
PAGENDCO NDIS.sys!NdisClGetProtocolVcContextFromTapiCallId + 22 F742AA9F 31 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisCmDispatchIncomingDropParty + 1B F742AABF 24 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGENDCO NDIS.sys!NdisCmDispatchIncomingDropParty + 34 F742AAD8 19 Bytes [F6, 46, 07, 80, 75, 04, FF, ...]
PAGENDCO NDIS.sys!NdisCmDispatchIncomingDropParty + 48 F742AAEC 33 Bytes [5F, 5E, 8A, C3, 5B, C3, 90, ...]
PAGENDCO NDIS.sys!NdisCmDispatchIncomingDropParty + 6A F742AB0E 16 Bytes [FF, 0E, 8B, 7E, 28, 8A, D0, ...]
PAGENDCO NDIS.sys!NdisCmDispatchIncomingDropParty + 7B F742AB1F 13 Bytes [08, 74, 19, 83, 20, F7, 8B, ...]
PAGENDCO ...
PAGENDCO NDIS.sys!NdisCoAssignInstanceName + 13 F742ABF3 20 Bytes [8B, 43, 64, 89, 45, FC, 66, ...]
PAGENDCO NDIS.sys!NdisCoAssignInstanceName + 29 F742AC09 15 Bytes [8B, 45, 0C, 85, C0, 6A, 30, ...]
PAGENDCO NDIS.sys!NdisCoAssignInstanceName + 39 F742AC19 17 Bytes [66, 03, C1, 89, 45, 08, 0F, ...]
PAGENDCO NDIS.sys!NdisCoAssignInstanceName + 4B F742AC2B 5 Bytes [FF, 15, 50, 0E, 41]
PAGENDCO NDIS.sys!NdisCoAssignInstanceName + 51 F742AC31 8 Bytes [8B, D0, 85, D2, 0F, 84, 4D, ...]
PAGENDCO ...
PAGENDCO NDIS.sys!NdisCoGetTapiCallId + F F742ADD6 19 Bytes [85, C9, 74, 30, 8B, 51, 10, ...]
PAGENDCO NDIS.sys!NdisCoGetTapiCallId + 23 F742ADEA 18 Bytes [01, C0, EB, 21, 56, 6A, 04, ...]
PAGENDCO NDIS.sys!NdisCoGetTapiCallId + 38 F742ADFF 1 Byte [89]
.text Mup.sys F787D324 3 Bytes [13, 88, F7]
.text Mup.sys F787D328 3 Bytes [13, 88, F7]
.text Mup.sys F787D342 3 Bytes [07, 88, F7] {POP ES; MOV BH, DH}
.text Mup.sys F787D399 3 Bytes [11, 88, F7]
.text Mup.sys F787D3B7 3 Bytes [0A, 88, F7]
.text ...
.text USBPORT.SYS!USBPORT_RegisterUSBPortDriver BA10C000 2 Bytes JMP BA10C0F3 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
.text USBPORT.SYS!USBPORT_RegisterUSBPortDriver BA10C005 4 Bytes [8B, 8B, 20, 01]
.text USBPORT.SYS!USBPORT_RegisterUSBPortDriver BA10C00B 7 Bytes [8B, 49, 28, 83, A3, 20, 05]
.text USBPORT.SYS!USBPORT_RegisterUSBPortDriver BA10C015 5 Bytes [50, 8D, 83, 38, 02]
.text USBPORT.SYS!USBPORT_RegisterUSBPortDriver BA10C01C 18 Bytes [50, 56, 89, 4D, 08, E8, 5C, ...]
.text ...
.text USBPORT.SYS!DllUnload + 7 BA1138B3 6 Bytes [74, 10, A1, 88, 90, 11]
.text USBPORT.SYS!DllUnload + E BA1138BA 10 Bytes [85, C0, 74, 07, 50, FF, 15, ...]
.text USBPORT.SYS!DllUnload + 19 BA1138C5 5 Bytes [FF, 35, 8C, 90, 11]
.text USBPORT.SYS!DllUnload + 1F BA1138CB 10 Bytes CALL BA1090FA \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
.text USBPORT.SYS!DllUnload + 2A BA1138D6 10 Bytes CALL BA1090FA \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
.text ...
.text USBPORT.SYS!USBPORT_GetHciMn + 4 BA1138F6 20 Bytes [10, C3, CC, CC, CC, CC, CC, ...]
.text USBPORT.SYS!USBPORT_GetHciMn + 19 BA11390B 10 Bytes [53, 8B, 58, 28, 56, 57, BF, ...]
.text USBPORT.SYS!USBPORT_GetHciMn + 24 BA113916 7 Bytes [8B, CF, FF, 15, 08, 8A, 11]
.text USBPORT.SYS!USBPORT_GetHciMn + 2C BA11391E 5 Bytes [8B, 0D, D8, 90, 11]
.text USBPORT.SYS!USBPORT_GetHciMn + 32 BA113924 4 Bytes [BE, D8, 90, 11]
.text ...
.text USBPORT.SYS!USBPORT_RegisterUSBPortDriver + C BA113D8E 7 Bytes [53, 56, 8B, 35, 4C, 8A, 11]
.text USBPORT.SYS!USBPORT_RegisterUSBPortDriver + 14 BA113D96 5 Bytes [57, BB, E0, 90, 11]
.text USBPORT.SYS!USBPORT_RegisterUSBPortDriver + 1A BA113D9C 3 Bytes [0F, 85, BC]
.text USBPORT.SYS!USBPORT_RegisterUSBPortDriver + 20 BA113DA2 4 Bytes [B8, D8, 90, 11]
.text USBPORT.SYS!USBPORT_RegisterUSBPortDriver + 25 BA113DA7 4 Bytes [A3, DC, 90, 11]
.text ...
PAGE portcls.sys!PcDispatchIrp + 7C0 BA062000 4 Bytes [15, 2C, C3, 05]
PAGE portcls.sys!PcDispatchIrp + 7C5 BA062005 14 Bytes [8B, D8, 85, DB, 8B, 45, 10, ...]
PAGE portcls.sys!PcDispatchIrp + 7D5 BA062015 9 Bytes [8B, 47, 18, 89, 70, 0C, 80, ...]
PAGE portcls.sys!PcDispatchIrp + 7DF BA06201F 13 Bytes [74, 0E, 8B, 47, 18, 8B, 48, ...]
PAGE portcls.sys!PcDispatchIrp + 7EF BA06202F 6 Bytes [8B, 4D, FC, 81, C1, 88]
PAGE ...
PAGE portcls.sys!PcValidateConnectRequest + 19 BA0620E7 3 Bytes [5D, C2, 0C]
PAGE portcls.sys!PcValidateConnectRequest + 1D BA0620EB 5 Bytes [FF, 15, 7C, C4, 05]
PAGE portcls.sys!PcValidateConnectRequest + 23 BA0620F1 8 Bytes JMP BA06202F \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcValidateConnectRequest + 2D BA0620FB 5 Bytes [C0, 0F, 84, A9, 54]
PAGE portcls.sys!PcValidateConnectRequest + 34 BA062102 51 Bytes JMP BA061FBC \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!KsoDispatchCreateWithGenericFactory + 2A BA062136 21 Bytes [8B, 42, 28, EB, EC, 90, 90, ...]
PAGE portcls.sys!PcCaptureFormat + C BA06214C 20 Bytes [53, 8B, 5D, 0C, 56, 8B, 33, ...]
PAGE portcls.sys!PcCaptureFormat + 21 BA062161 17 Bytes CALL BA05145C \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcCaptureFormat + 33 BA062173 15 Bytes CALL BA05145C \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcCaptureFormat + 44 BA062184 13 Bytes [68, 50, 63, 44, 66, 56, 6A, ...]
PAGE portcls.sys!PcCaptureFormat + 52 BA062192 40 Bytes [85, C0, 8B, 55, 08, 89, 02, ...]
PAGE ...
PAGE portcls.sys!PcAcquireFormatResources + F BA06220E 19 Bytes [8D, 7D, D8, A5, A5, A5, A5, ...]
PAGE portcls.sys!PcAcquireFormatResources + 25 BA062224 4 Bytes [C7, 45, EC, 02]
PAGE portcls.sys!PcAcquireFormatResources + 2B BA06222A 13 Bytes [10, 89, 75, F0, 89, 75, F4, ...]
PAGE portcls.sys!PcAcquireFormatResources + 39 BA062238 17 Bytes CALL BA05145C \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcAcquireFormatResources + 4B BA06224A 15 Bytes CALL BA05145C \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE ...
PAGE portcls.sys!PcTerminateConnection + 25 BA06231F 22 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcTerminateConnection + 3C BA062336 6 Bytes [C7, 46, 04, B0, C5, 05]
PAGE portcls.sys!PcTerminateConnection + 43 BA06233D 5 Bytes [C7, 07, 9C, C5, 05]
PAGE portcls.sys!PcTerminateConnection + 49 BA062343 8 Bytes CALL BA051D97 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcTerminateConnection + 54 BA06234E 6 Bytes [85, C0, 0F, 85, 70, 50]
PAGE ...
PAGE portcls.sys!PcPinPropertyHandler + 1C BA0627B9 20 Bytes [C0, 74, 07, 8B, 56, 18, 3B, ...]
PAGE portcls.sys!PcPinPropertyHandler + 32 BA0627CF 6 Bytes [0F, B6, 92, 12, 28, 06]
PAGE portcls.sys!PcPinPropertyHandler + 39 BA0627D6 6 Bytes [FF, 24, 95, FA, 27, 06]
PAGE portcls.sys!PcPinPropertyHandler + 40 BA0627DD 15 Bytes [FF, 77, 08, FF, 37, FF, 75, ...]
PAGE portcls.sys!PcPinPropertyHandler + 50 BA0627ED 6 Bytes [5F, 5E, 5B, 5D, C2, 0C]
PAGE ...
PAGE portcls.sys!PcNewRegistryKey + 11 BA062A24 13 Bytes [56, 6A, 01, FF, 75, 0C, 8D, ...]
PAGE portcls.sys!PcNewRegistryKey + 1F BA062A32 26 Bytes CALL BA061D38 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcNewRegistryKey + 3A BA062A4D 50 Bytes [57, FF, 10, 8B, F0, 85, F6, ...]
PAGE portcls.sys!PcNewRegistryKey + 6E BA062A81 16 Bytes [89, 03, 8B, 07, 57, FF, 50, ...]
PAGE portcls.sys!PcNewRegistryKey + 7F BA062A92 49 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE ...
PAGE portcls.sys!PcNewServiceGroup + 11 BA062C11 2 Bytes [57, 6A]
PAGE portcls.sys!PcNewServiceGroup + 14 BA062C14 10 Bytes [FF, 75, 0C, 8D, 45, 08, 68, ...]
PAGE portcls.sys!PcNewServiceGroup + 1F BA062C1F 3 Bytes CALL BA062C63 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcNewServiceGroup + 25 BA062C25 20 Bytes [8B, F8, 85, FF, 7C, 24, 56, ...]
PAGE portcls.sys!PcNewServiceGroup + 3A BA062C3A 28 Bytes [56, FF, 10, 8B, F8, 85, FF, ...]
PAGE ...
PAGE portcls.sys!PcHandleEnableEventWithTable + 7 BA0639FA 8 Bytes CALL BA0523B1 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcHandleEnableEventWithTable + 10 BA063A03 17 Bytes [8B, 5D, 08, 8B, 7B, 60, 8B, ...]
PAGE portcls.sys!PcHandleEnableEventWithTable + 22 BA063A15 3 Bytes [80, 7B, 20]
PAGE portcls.sys!PcHandleEnableEventWithTable + 26 BA063A19 4 Bytes [0F, 85, EC, 36]
PAGE portcls.sys!PcHandleEnableEventWithTable + 2C BA063A1F 13 Bytes [8B, 47, 10, 8B, 40, 14, 89, ...]
PAGE ...
PAGE portcls.sys!PcFreePropertyTable + D BA063E13 39 Bytes [56, 8B, 75, 08, 8B, 46, 0C, ...]
PAGE portcls.sys!PcFreePropertyTable + 35 BA063E3B 31 Bytes [75, 09, 8B, 07, 85, C0, 74, ...]
PAGE portcls.sys!PcFreePropertyTable + 55 BA063E5B 10 Bytes [8B, 46, 04, 85, C0, 74, 10, ...]
PAGE portcls.sys!PcFreePropertyTable + 60 BA063E66 4 Bytes [75, 0A, 83, 26]
PAGE portcls.sys!PcFreePropertyTable + 65 BA063E6B 6 Bytes [50, FF, D3, 83, 66, 04]
PAGE ...
PAGE portcls.sys!PcDeleteSubdeviceDescriptor + 1D BA063FBF 127 Bytes [8B, 06, 85, C0, 8B, 7E, 20, ...]
PAGE portcls.sys!PcDeleteSubdeviceDescriptor + 9F BA064041 12 Bytes [83, C7, 10, 4B, 75, C7, 56, ...]
PAGE portcls.sys!PcDeleteSubdeviceDescriptor + AC BA06404E 6 Bytes [5F, 5E, 5B, 5D, C2, 04]
PAGE portcls.sys!PcDeleteSubdeviceDescriptor + B3 BA064055 17 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcFreeEventTable + D BA064067 16 Bytes [56, 8B, 75, 08, 8B, 46, 0C, ...]
PAGE portcls.sys!PcFreeEventTable + 1F BA064079 16 Bytes [8B, 46, 04, 85, C0, 75, 0A, ...]
PAGE portcls.sys!PcFreeEventTable + 30 BA06408A 3 Bytes [80, 7E, 08]
PAGE portcls.sys!PcFreeEventTable + 34 BA06408E 5 Bytes [75, F0, E9, B3, 32]
PAGE portcls.sys!PcFreeEventTable + 3B BA064095 25 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE ...
PAGE portcls.sys!PcGetDeviceProperty + 21 BA064711 3 Bytes [5D, C2, 14]
PAGE portcls.sys!PcGetDeviceProperty + 25 BA064715 27 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcGetDeviceProperty + 41 BA064731 16 Bytes [83, F8, 01, 75, 1D, FF, 76, ...]
PAGE portcls.sys!PcGetDeviceProperty + 52 BA064742 4 Bytes [0F, 85, 4C, 29]
PAGE portcls.sys!PcGetDeviceProperty + 58 BA064748 10 Bytes CALL BA053071 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE ...
PAGE portcls.sys!PcAddToPropertyTable + 55 BA06499E 45 Bytes [89, 45, EC, FF, 36, FF, 75, ...]
PAGE portcls.sys!PcAddToPropertyTable + 83 BA0649CC 3 Bytes [83, 65, F0]
PAGE portcls.sys!PcAddToPropertyTable + 87 BA0649D0 25 Bytes [8D, 3C, BF, 68, 50, 63, 53, ...]
PAGE portcls.sys!PcAddToPropertyTable + A2 BA0649EB 21 Bytes [68, 50, 63, 53, 62, FF, 75, ...]
PAGE portcls.sys!PcAddToPropertyTable + B9 BA064A02 3 Bytes [83, 7D, 08]
PAGE ...
PAGE portcls.sys!PcCreateSubdeviceDescriptor + C BA064D42 3 Bytes [83, 65, E8]
PAGE portcls.sys!PcCreateSubdeviceDescriptor + 10 BA064D46 86 Bytes [53, 56, 57, 8B, 7D, 08, 8B, ...]
PAGE portcls.sys!PcCreateSubdeviceDescriptor + 68 BA064D9E 18 Bytes [50, FF, 73, 20, 8D, 75, E4, ...]
PAGE portcls.sys!PcCreateSubdeviceDescriptor + 7B BA064DB1 117 Bytes [75, DD, 68, 50, 63, 46, 70, ...]
PAGE portcls.sys!PcCreateSubdeviceDescriptor + F2 BA064E28 55 Bytes [8B, 77, 18, 8B, C1, 89, 42, ...]
PAGE ...
PAGE portcls.sys!PcRegisterSubdevice + 17 BA0651DA 7 Bytes [39, 7D, 0C, 0F, 84, 53, 01]
PAGE portcls.sys!PcRegisterSubdevice + 20 BA0651E3 9 Bytes [8B, 45, 10, 3B, C7, 0F, 84, ...]
PAGE portcls.sys!PcRegisterSubdevice + 2B BA0651EE 10 Bytes [8B, 08, 8D, 55, 10, 52, 68, ...]
PAGE portcls.sys!PcRegisterSubdevice + 36 BA0651F9 12 Bytes [50, FF, 11, 3B, C7, 89, 45, ...]
PAGE portcls.sys!PcRegisterSubdevice + 44 BA065207 21 Bytes [57, FF, 75, 0C, FF, 75, 10, ...]
PAGE ...
PAGE portcls.sys!PcInitializeAdapterDriver + 11 BA06551A 18 Bytes [74, 6B, 8B, 45, 10, 85, C0, ...]
PAGE portcls.sys!PcInitializeAdapterDriver + 24 BA06552D 12 Bytes [89, 41, 04, 6A, 0E, 57, C7, ...]
PAGE portcls.sys!PcInitializeAdapterDriver + 31 BA06553A 3 Bytes [C7, 87, A4]
PAGE portcls.sys!PcInitializeAdapterDriver + 37 BA065540 3 Bytes [BD, 17, 06]
PAGE portcls.sys!PcInitializeAdapterDriver + 3B BA065544 3 Bytes [C7, 87, 90]
PAGE ...
PAGE portcls.sys!PcNewPort + B BA065635 4 Bytes [0F, 84, 4E, 20]
PAGE portcls.sys!PcNewPort + 11 BA06563B 10 Bytes [56, 8D, 45, F8, 50, FF, 75, ...]
PAGE portcls.sys!PcNewPort + 1E BA065648 6 Bytes [85, C0, 0F, 8C, 43, 20]
PAGE portcls.sys!PcNewPort + 26 BA065650 1 Byte [6A]
PAGE portcls.sys!PcNewPort + 26 BA065650 3 Bytes [6A, 00, 6A]
PAGE ...
PAGE portcls.sys!PcAddAdapterDevice + 16 BA0656E4 7 Bytes [39, 75, 0C, 0F, 84, 56, 02]
PAGE portcls.sys!PcAddAdapterDevice + 1F BA0656ED 7 Bytes [39, 75, 10, 0F, 84, 4D, 02]
PAGE portcls.sys!PcAddAdapterDevice + 28 BA0656F6 9 Bytes [8B, 5D, 14, 3B, DE, 0F, 84, ...]
PAGE portcls.sys!PcAddAdapterDevice + 33 BA065701 9 Bytes [8B, 7D, 18, 3B, FE, 0F, 85, ...]
PAGE portcls.sys!PcAddAdapterDevice + 3E BA06570C 2 Bytes [BF, F0]
PAGE ...
PAGE portcls.sys!PcNewResourceList + 11 BA0659E8 14 Bytes [56, FF, 75, 10, 8D, 45, 08, ...]
PAGE portcls.sys!PcNewResourceList + 20 BA0659F7 3 Bytes CALL BA065A53 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcNewResourceList + 26 BA0659FD 20 Bytes [8B, F0, 85, F6, 7C, 3C, 57, ...]
PAGE portcls.sys!PcNewResourceList + 3B BA065A12 52 Bytes [57, FF, 10, 8B, F0, 85, F6, ...]
PAGE portcls.sys!PcNewResourceList + 70 BA065A47 67 Bytes [8B, 08, 50, FF, 51, 08, EB, ...]
PAGE ...
PAGE portcls.sys!PcDmaMasterDescription + 56 BA06627C 4 Bytes [5F, 5D, C2, 28]
PAGE portcls.sys!PcDmaMasterDescription + 5B BA066281 38 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcDmaMasterDescription + 82 BA0662A8 1 Byte [6A]
PAGE portcls.sys!PcDmaMasterDescription + 82 BA0662A8 15 Bytes [6A, 00, 0F, 94, C0, 88, 46, ...]
PAGE portcls.sys!PcDmaMasterDescription + 92 BA0662B8 5 Bytes [FF, 15, C8, C4, 05]
PAGE ...
PAGE portcls.sys!PcNewDmaChannel + 14 BA066599 3 Bytes CALL BA0665F7 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcNewDmaChannel + 1A BA06659F 20 Bytes [8B, F0, 85, F6, 7C, 3C, 57, ...]
PAGE portcls.sys!PcNewDmaChannel + 2F BA0665B4 51 Bytes [57, FF, 10, 8B, F0, 85, F6, ...]
PAGE portcls.sys!PcNewDmaChannel + 63 BA0665E8 70 Bytes [8B, 45, 10, 8B, 08, 50, FF, ...]
PAGE portcls.sys!PcNewDmaChannel + AA BA06662F 6 Bytes [33, C0, EB, E7, B8, 9A]
PAGE ...
PAGE portcls.sys!PcRegisterPhysicalConnection + 2A BA066669 3 Bytes [5D, C2, 14]
PAGE portcls.sys!PcRegisterPhysicalConnection + 2E BA06666D 2 Bytes [B8, 0D]
PAGE portcls.sys!PcRegisterPhysicalConnection + 32 BA066671 19 Bytes [C0, EB, F5, 90, 90, 90, 90, ...]
PAGE portcls.sys!PcRegisterPhysicalConnection + 46 BA066685 3 Bytes [83, 65, F4]
PAGE portcls.sys!PcRegisterPhysicalConnection + 4A BA066689 15 Bytes [85, C0, 53, 8B, 5D, 14, 56, ...]
PAGE ...
PAGE portcls.sys!PcNewInterruptSync + 11 BA066796 4 Bytes [74, 66, 56, 6A]
PAGE portcls.sys!PcNewInterruptSync + 16 BA06679B 10 Bytes [FF, 75, 0C, 8D, 45, 08, 68, ...]
PAGE portcls.sys!PcNewInterruptSync + 21 BA0667A6 3 Bytes CALL BA066809 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcNewInterruptSync + 27 BA0667AC 20 Bytes [8B, F0, 85, F6, 7C, 3C, 57, ...]
PAGE portcls.sys!PcNewInterruptSync + 3C BA0667C1 52 Bytes [57, FF, 10, 8B, F0, 85, F6, ...]
PAGE ...
PAGE portcls.sys!DllInitialize + 5 BA066897 42 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcRegisterAdapterPowerManagement + 26 BA0668C2 13 Bytes [50, FF, 11, 85, C0, 7C, 0E, ...]
PAGE portcls.sys!PcRegisterAdapterPowerManagement + 36 BA0668D2 4 Bytes [5E, 5D, C2, 08]
PAGE portcls.sys!PcRegisterAdapterPowerManagement + 3B BA0668D7 3 Bytes [83, A6, 94]
PAGE portcls.sys!PcRegisterAdapterPowerManagement + 42 BA0668DE 4 Bytes [EB, F2, B8, 0D]
PAGE portcls.sys!PcRegisterAdapterPowerManagement + 48 BA0668E4 30 Bytes [C0, EB, EB, 8B, 45, 10, 3B, ...]
PAGE ...
PAGE portcls.sys!PcAddToEventTable + 47 BA066C35 19 Bytes [8B, 45, 14, 01, 45, 08, FF, ...]
PAGE portcls.sys!PcAddToEventTable + 5B BA066C49 3 Bytes [83, 65, F0]
PAGE portcls.sys!PcAddToEventTable + 5F BA066C4D 13 Bytes [8D, 3C, 7F, 68, 50, 63, 45, ...]
PAGE portcls.sys!PcAddToEventTable + 6D BA066C5B 11 Bytes [FF, D6, 85, C0, 89, 45, 08, ...]
PAGE portcls.sys!PcAddToEventTable + 7A BA066C68 21 Bytes [68, 50, 63, 53, 62, FF, 75, ...]
PAGE ...
PAGE portcls.sys!PcHandleDisableEventWithTable + 1F BA06706D 3 Bytes [5D, C2, 08]
PAGE portcls.sys!PcHandleDisableEventWithTable + 23 BA067071 3 Bytes [BF, 25, 02]
PAGE portcls.sys!PcHandleDisableEventWithTable + 27 BA067075 19 Bytes JMP BA063986 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcHandleDisableEventWithTable + 3B BA067089 23 Bytes [0F, 85, 99, C8, FF, FF, E9, ...]
PAGE portcls.sys!PcHandleDisableEventWithTable + 54 BA0670A2 1 Byte [01]
PAGE ...
PAGE portcls.sys!PcDmaSlaveDescription + 21 BA068BF6 70 Bytes [C0, EB, 47, 8B, 55, 24, 57, ...]
PAGE portcls.sys!PcDmaSlaveDescription + 6A BA068C3F 8 Bytes [5F, 5E, 8B, C3, 5B, 5D, C2, ...]
PAGE portcls.sys!PcDmaSlaveDescription + 73 BA068C48 14 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcDmaSlaveDescription + 83 BA068C58 9 Bytes [8B, 55, 0C, 85, D2, 75, 0A, ...]
PAGE portcls.sys!PcDmaSlaveDescription + 8E BA068C63 4 Bytes JMP BA068E44 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE ...
PAGE portcls.sys!PcCompletePendingEventRequest + C BA068EA7 19 Bytes [C0, 8B, D1, 23, D0, 3B, D0, ...]
PAGE portcls.sys!PcCompletePendingEventRequest + 20 BA068EBB 16 Bytes [8B, 46, 18, 89, 48, 18, 8B, ...]
PAGE portcls.sys!PcCompletePendingEventRequest + 31 BA068ECC 6 Bytes [56, FF, 15, 14, C5, 05]
PAGE portcls.sys!PcCompletePendingEventRequest + 38 BA068ED3 6 Bytes [33, C0, 5E, 5D, C2, 08]
PAGE portcls.sys!PcCompletePendingEventRequest + 3F BA068EDA 19 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE ...
PAGE portcls.sys!PcNewMiniport + B BA0694A3 4 Bytes [75, 07, B8, 0D]
PAGE portcls.sys!PcNewMiniport + 11 BA0694A9 21 Bytes [C0, EB, 5F, 56, 8D, 45, F8, ...]
PAGE portcls.sys!PcNewMiniport + 27 BA0694BF 1 Byte [6A]
PAGE portcls.sys!PcNewMiniport + 27 BA0694BF 30 Bytes [6A, 00, FF, 75, 0C, 8D, 45, ...]
PAGE portcls.sys!PcNewMiniport + 46 BA0694DE 23 Bytes [50, FF, 11, 8B, F0, 8B, 45, ...]
PAGE ...
PAGE portcls.sys!PcGetContentRights + 15 BA069589 22 Bytes [90, 90, 90, 90, 90, 33, C0, ...]
PAGE portcls.sys!DllUnload + 12 BA0695A0 48 Bytes [53, 56, 8B, 75, 0C, 85, F6, ...]
PAGE portcls.sys!DllUnload + 43 BA0695D1 55 Bytes [74, 40, 0F, B7, 46, 02, 57, ...]
PAGE portcls.sys!DllUnload + 7C BA06960A 6 Bytes [C0, FF, 15, 14, C5, 05]
PAGE portcls.sys!DllUnload + 83 BA069611 5 Bytes [EB, 1A, 83, 63, 04]
PAGE portcls.sys!DllUnload + 89 BA069617 11 Bytes [8B, 45, 08, 89, 18, EB, 0F, ...]
PAGE ...
PAGE portcls.sys!PcForwardIrpSynchronous + 26 BA06968E 6 Bytes [C0, FF, 15, A8, C4, 05]
PAGE portcls.sys!PcForwardIrpSynchronous + 2D BA069695 2 Bytes [B8, 0D]
PAGE portcls.sys!PcForwardIrpSynchronous + 31 BA069699 4 Bytes [C0, 5D, C2, 08] {RCR BYTE [EBP-0x3e], 0x8}
PAGE portcls.sys!PcForwardIrpSynchronous + 36 BA06969E 44 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcForwardIrpSynchronous + 63 BA0696CB 22 Bytes [8B, C6, EB, 0D, 56, E8, 6C, ...]
PAGE ...
PAGE portcls.sys!PcRegisterPhysicalConnectionToExternal + 30 BA069819 4 Bytes [C0, 5D, C2, 14] {RCR BYTE [EBP-0x3e], 0x14}
PAGE portcls.sys!PcRegisterPhysicalConnectionToExternal + 35 BA06981E 51 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcRegisterPhysicalConnectionFromExternal + 30 BA069853 4 Bytes [C0, 5D, C2, 14] {RCR BYTE [EBP-0x3e], 0x14}
PAGE portcls.sys!PcRegisterPhysicalConnectionFromExternal + 35 BA069858 16 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcRegisterPhysicalConnectionFromExternal + 46 BA069869 3 Bytes [83, 65, F4]
PAGE portcls.sys!PcRegisterPhysicalConnectionFromExternal + 4A BA06986D 14 Bytes [85, C0, 53, 56, 8B, 71, 28, ...]
PAGE portcls.sys!PcRegisterPhysicalConnectionFromExternal + 59 BA06987C 22 Bytes [74, 0F, 8B, 08, 8D, 55, F8, ...]
PAGE ...
PAGE portcls.sys!PcVerifyFilterIsReady + 32 BA069A84 6 Bytes [C0, 5F, 5E, 5D, C2, 08]
PAGE portcls.sys!PcVerifyFilterIsReady + 39 BA069A8B 103 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcVerifyFilterIsReady + A1 BA069AF3 100 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcVerifyFilterIsReady + 106 BA069B58 82 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE portcls.sys!PcVerifyFilterIsReady + 159 BA069BAB 25 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE ...
PAGE portcls.sys!PcRequestNewPowerState + 16 BA069DD0 15 Bytes [C0, EB, 64, 56, 8B, 70, 28, ...]
PAGE portcls.sys!PcRequestNewPowerState + 27 BA069DE1 10 Bytes [C0, EB, 52, 53, 8B, 5D, 0C, ...]
PAGE portcls.sys!PcRequestNewPowerState + 34 BA069DEE 14 Bytes [74, 45, 57, 6A, 01, 8D, 45, ...]
PAGE portcls.sys!PcRequestNewPowerState + 43 BA069DFD 15 Bytes [57, 8D, 45, E0, 89, 45, F0, ...]
PAGE portcls.sys!PcRequestNewPowerState + 53 BA069E0D 17 Bytes [53, 6A, 02, FF, 76, 08, 89, ...]
PAGE ...
PAGE portcls.sys!PcCompletePendingPropertyRequest + 11 BA069F95 7 Bytes [C0, EB, 33, 8B, 4D, 0C, B8]
PAGE portcls.sys!PcCompletePendingPropertyRequest + 1B BA069F9F 34 Bytes [C0, 8B, D1, 23, D0, 3B, D0, ...]
PAGE portcls.sys!PcCompletePendingPropertyRequest + 3E BA069FC2 6 Bytes [56, FF, 15, 14, C5, 05]
PAGE portcls.sys!PcCompletePendingPropertyRequest + 45 BA069FC9 6 Bytes [33, C0, 5E, 5D, C2, 08]
PAGE portcls.sys!PcCompletePendingPropertyRequest + 4C BA069FD0 16 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE ...
PAGE portcls.sys!PcNewResourceSublist + 11 BA06A306 5 Bytes [74, 6A, 83, 7D, 18]
PAGE portcls.sys!PcNewResourceSublist + 17 BA06A30C 16 Bytes [74, 64, 56, FF, 75, 10, 8D, ...]
PAGE portcls.sys!PcNewResourceSublist + 28 BA06A31D 26 Bytes CALL BA065A53 \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation)
PAGE portcls.sys!PcNewResourceSublist + 43 BA06A338 60 Bytes [57, FF, 10, 8B, F0, 85, F6, ...]
PAGE portcls.sys!PcNewResourceSublist + 81 BA06A376 5 Bytes [C0, 5B, 5D, C2, 14]
PAGE ...
PAGE ks.sys BA03F000 35 Bytes [85, FF, 74, 08, A8, 01, 74, ...]
PAGE ks.sys BA03F024 1 Byte [02]
PAGE ks.sys BA03F027 4 Bytes [EB, 2A, 81, FE]
PAGE ks.sys BA03F02C 1 Byte [20]
PAGE ks.sys BA03F02F 8 Bytes [0F, 84, FD, 7C, FF, FF, 81, ...]
PAGE ...
init C:\WINDOWS\system32\drivers\ALCXSENS.SYS entry point in "init" section [0xBA025510]
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB998D360, 0x37388D, 0xE8000020]
.text VIDEOPRT.SYS!VideoPortInitialize B99793FA 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortInitialize B997943E 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortInitialize B997947F 3 Bytes [CB, 97, B9]
.text VIDEOPRT.SYS!VideoPortInitialize B9979486 3 Bytes [CB, 97, B9]
.text VIDEOPRT.SYS!VideoPortInitialize B99794B3 3 Bytes [CB, 97, B9]
.text ...
.text VIDEOPRT.SYS!VideoPortAllocateContiguousMemory + 1E B9979904 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 11 B997994F 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 1A B9979958 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 5D B997999B 3 Bytes [99, 97, B9]
.text VIDEOPRT.SYS! + 73 B99799B1 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortCompleteDma + B B99799C9 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortCompleteDma + 28 B99799E6 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 1C B9979A50 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 84 B9979AB8 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 90 B9979AC4 3 Bytes [99, 97, B9]
.text VIDEOPRT.SYS! + B4 B9979AE8 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + C4 B9979AF8 3 Bytes [C1, 97, B9]
.text ...
.text VIDEOPRT.SYS!VideoPortDisableInterrupt + 26 B997A108 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortEnableInterrupt + 33 B997A155 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortGetBusData + 58 B997A1C0 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortGetCurrentIrql + 3 B997A1CF 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 58 B997A230 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 6B B997A243 3 Bytes [A6, 98, B9]
.text VIDEOPRT.SYS! + 72 B997A24A 3 Bytes [A6, 98, B9]
.text VIDEOPRT.SYS!VideoPortQueueDpc + 1A B997A2EE 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortQueueDpc + 44 B997A318 3 Bytes [CB, 97, B9]
.text VIDEOPRT.SYS!VideoPortQueueDpc + 5D B997A331 3 Bytes [CB, 97, B9]
.text VIDEOPRT.SYS!VideoPortQueueDpc + 76 B997A34A 3 Bytes [CB, 97, B9]
.text VIDEOPRT.SYS!VideoPortQueueDpc + 8A B997A35E 3 Bytes [CB, 97, B9]
.text ...
.text VIDEOPRT.SYS!PortNotification + 1E B997A904 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!PortNotification + 23 B997A909 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!PortNotification + 81 B997A967 3 Bytes [AC, 97, B9]
.text VIDEOPRT.SYS!PortNotification + 88 B997A96E 3 Bytes [A9, 97, B9]
.text VIDEOPRT.SYS!PortNotification + AB B997A991 3 Bytes [CB, 97, B9]
.text ...
.text VIDEOPRT.SYS!VideoPortDeleteSpinLock + D B997AA07 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortAcquireSpinLock + B B997AA21 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortAcquireSpinLockAtDpcLevel + B B997AA3D 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS! + E B997AA58 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + B B997AA6F 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortDeleteEvent + 22 B997AA9E 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS! + 11 B997AABD 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortClearEvent + D B997AAD7 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortReadStateEve + D B997AAF1 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS! + 25 B997AB23 3 Bytes [C2, 97, B9] {RET 0xb997}
.text VIDEOPRT.SYS!VideoPortDebugPrint + 7 B997AB4D 3 Bytes [CB, 97, B9]
.text VIDEOPRT.SYS!VideoPortDebugPrint + 4D B997AB93 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortDebugPrint + 61 B997ABA7 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortDebugPrint + 7C B997ABC2 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortDebugPrint + B5 B997ABFB 3 Bytes [C1, 97, B9]
.text ...
.text VIDEOPRT.SYS!VideoPortAllocatePool + 11 B997AE03 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortFreePool + D B997AE1D 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortFreePool + 3C B997AE4C 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortFreePool + 45 B997AE55 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortFreePool + 60 B997AE70 3 Bytes [CC, 97, B9]
.text VIDEOPRT.SYS!VideoPortFreePool + 6A B997AE7A 3 Bytes [CC, 97, B9]
.text ...
.text VIDEOPRT.SYS!VideoPortFlushRegistry + 64 B997B038 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortFlushRegistry + 71 B997B045 3 Bytes CALL B951480A
.text VIDEOPRT.SYS!VideoPortFlushRegistry + 7A B997B04E 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 1A B997B094 3 Bytes [C2, 97, B9] {RET 0xb997}
.text VIDEOPRT.SYS! + 1A B997B0BA 3 Bytes [C2, 97, B9] {RET 0xb997}
.text VIDEOPRT.SYS! + 53 B997B0F3 3 Bytes [C2, 97, B9] {RET 0xb997}
.text VIDEOPRT.SYS!VideoPortEnumerateChildren + 13 B997B129 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortQueryPerformanceCounter + B B997B143 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortQueryPerformanceCounter + 69 B997B1A1 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS!VideoPortQueryPerformanceCounter + 8A B997B1C2 3 Bytes [C2, 97, B9] {RET 0xb997}
.text VIDEOPRT.SYS!VideoPortQueryPerformanceCounter + A0 B997B1D8 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS!VideoPortQueryPerformanceCounter + BA B997B1F2 3 Bytes [C0, 97, B9]
.text ...
.text VIDEOPRT.SYS!VideoPortGetVersion + D B997B4D7 3 Bytes [CB, 97, B9]
.text VIDEOPRT.SYS!VideoPortGetVersion + 3E B997B508 3 Bytes [C2, 97, B9] {RET 0xb997}
.text VIDEOPRT.SYS!VideoPortLogError + 35 B997B589 3 Bytes [AC, 97, B9]
.text VIDEOPRT.SYS! + 35 B997B5D3 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 4C B997B5EA 3 Bytes [C0, 97, B9]
.text VIDEOPRT.SYS! + 95 B997B633 3 Bytes [C1, 97, B9]
.text VIDEOPRT.SYS! + A3 B997B641 3 Bytes [B5, 97, B9]
.text VIDEOPRT.SYS! + FC B997B69A 3 Bytes [C0, 97, B9]
.text ...
PAGE VIDEOPRT.SYS!VideoPortInt10 + 7 B997D225 3 Bytes [C3, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortInt10 + 11 B997D22F 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortInt10 + 3D B997D25B 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE VIDEOPRT.SYS!VideoPortInt10 + 4B B997D269 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortInt10 + 57 B997D275 3 Bytes [CB, 97, B9]
PAGE ...
PAGE VIDEOPRT.SYS! + 2C B997DF56 3 Bytes [C3, 97, B9]
PAGE VIDEOPRT.SYS! + 3C B997DF66 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS! + 59 B997DF83 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS! + 61 B997DF8B 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE VIDEOPRT.SYS! + 70 B997DF9A 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortGetAgpServices + 34 B997F492 3 Bytes [EB, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetAgpServices + 3B B997F499 3 Bytes [EC, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetAgpServices + 42 B997F4A0 3 Bytes [EC, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetAgpServices + 49 B997F4A7 3 Bytes [F1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetAgpServices + 50 B997F4AE 3 Bytes [F1, 97, B9]
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortDDCMonitorHelper + 64 B997F73C 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetDmaAdapter + 1C B997F8BA 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetDmaAdapter + 90 B997F92E 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetDmaAdapter + 9F B997F93D 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortPutDmaAdapter + 48 B997F9AC 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortLockBuffer + 4 B997FA36 3 Bytes CALL A25191FE
PAGE VIDEOPRT.SYS!VideoPortLockBuffer + 1A B997FA4C 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortLockBuffer + 35 B997FA67 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortLockBuffer + 47 B997FA79 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS! + 83 B997FB9F 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS! + 9E B997FBBA 3 Bytes [C3, 97, B9]
PAGE VIDEOPRT.SYS! + 16 B997FC14 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS! + 26 B997FC24 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS! + 3D B997FC3B 3 Bytes [A6, 98, B9]
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortDbgReportCreate + A B9980322 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortDbgReportCreate + 1F B9980337 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortDbgReportCreate + 30 B9980348 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortDbgReportCreate + 41 B9980359 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortDbgReportCreate + 47 B998035F 3 Bytes [CB, 97, B9]
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortDbgReportSecondaryData + 8 B998041A 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortDbgReportSecondaryData + 53 B9980465 3 Bytes [03, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortDbgReportComplete + A B998049E 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortDbgReportComplete + 17 B99804AB 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortDbgReportComplete + 2E B99804C2 3 Bytes [04, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortDbgReportComplete + B6 B998054A 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortDbgReportComplete + 12E B99805C2 3 Bytes [CB, 97, B9]
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortGetRomImage + 22 B9981E92 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetRomImage + 51 B9981EC1 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetRomImage + 84 B9981EF4 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetRomImage + FB B9981F6B 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortAcquireDeviceLock + 1B B9982039 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE VIDEOPRT.SYS!VideoPortAcquireDeviceLock + 28 B9982046 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE VIDEOPRT.SYS!VideoPortAcquireDeviceLock + 35 B9982053 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE VIDEOPRT.SYS! + 13 B9982075 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE VIDEOPRT.SYS! + 36 B9982098 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS! + 4F B99820B1 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS! + 7A B99820DC 3 Bytes [C3, 97, B9]
PAGE VIDEOPRT.SYS! + AB B998210D 3 Bytes [C0, 97, B9]
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortCheckForDeviceExistence + 29 B998215D 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCheckForDeviceExistence + 3F B9982173 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCheckForDeviceExistence + 69 B998219D 3 Bytes [C3, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCheckForDeviceExistence + 9B B99821CF 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCheckForDeviceExistence + B0 B99821E4 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE ...
PAGE VIDEOPRT.SYS! + 52 B998236C 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS! + 65 B998237F 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetVgaStatus + 51 B998240F 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetVgaStatus + 6D B998242B 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetVgaStatus + 91 B998244F 3 Bytes [A5, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetVgaStatus + A6 B9982464 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetVgaStatus + BD B998247B 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortGetAccessRanges + D B9984209 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetAccessRanges + 56 B9984252 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetAccessRanges + C7 B99842C3 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetAccessRanges + 119 B9984315 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortGetAccessRanges + 120 B998431C 3 Bytes [C0, 97, B9]
PAGE ...
PAGE VIDEOPRT.SYS! + 46 B998464E 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS! + 71 B9984679 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS! + 87 B998468F 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS! + 8D B9984695 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS! + 93 B998469B 3 Bytes [A6, 98, B9]
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortCreateSpinLock + 11 B99846FB 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCreateSpinLock + 21 B998470B 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCreateEvent + 12 B9984730 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCreateEvent + 3F B998475D 3 Bytes [C0, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCreateEvent + 65 B9984783 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCreateEvent + A9 B99847C7 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCreateEvent + B5 B99847D3 3 Bytes [C1, 97, B9]
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortGetDeviceData + 57 B9984CF3 3 Bytes [4B, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortGetDeviceData + 5C B9984CF8 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortGetDeviceData + 61 B9984CFD 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortGetDeviceData + 66 B9984D02 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortGetDeviceData + 6B B9984D07 3 Bytes [A6, 98, B9]
PAGE ...
PAGE VIDEOPRT.SYS! + 44 B99862B4 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE VIDEOPRT.SYS! + 2D B9986315 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE VIDEOPRT.SYS! + E6 B99863CE 3 Bytes [C3, 97, B9]
PAGE VIDEOPRT.SYS! + ED B99863D5 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE VIDEOPRT.SYS! + 101 B99863E9 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortGetRegistryParameters + 49 B9987A39 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortGetRegistryParameters + 79 B9987A69 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortGetRegistryParameters + A2 B9987A92 3 Bytes [C2, 97, B9] {RET 0xb997}
PAGE VIDEOPRT.SYS!VideoPortGetRegistryParameters + B2 B9987AA2 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortGetRegistryParameters + B8 B9987AA8 3 Bytes [C1, 97, B9]
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortQueryServices + 54 B9987C02 3 Bytes [63, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortQueryServices + 5B B9987C09 3 Bytes [63, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortQueryServices + 99 B9987C47 3 Bytes [16, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortQueryServices + A0 B9987C4E 3 Bytes [17, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortQueryServices + A7 B9987C55 3 Bytes [1B, 98, B9]
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortCreateSecondaryDisplay + D B99888DB 3 Bytes [CB, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCreateSecondaryDisplay + 30 B99888FE 3 Bytes [C1, 97, B9]
PAGE VIDEOPRT.SYS!VideoPortCreateSecondaryDisplay + 43 B9988911 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortCreateSecondaryDisplay + 48 B9988916 3 Bytes [87, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortCreateSecondaryDisplay + 87 B9988955 3 Bytes [C1, 97, B9]
PAGE ...
PAGE VIDEOPRT.SYS!VideoPortInitialize + 9 B9988FB7 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortInitialize + 12 B9988FC0 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortInitialize + 5C B998900A 3 Bytes [A6, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortInitialize + 79 B9989027 3 Bytes [6C, 98, B9]
PAGE VIDEOPRT.SYS!VideoPortInitialize + 91 B998903F 3 Bytes [5D, 98, B9]
PAGE ...
.text parport.sys B95AA30A 3 Bytes [AA, 5B, B9]
.text parport.sys B95AA346 3 Bytes [AF, 5B, B9]
.text parport.sys B95AA34F 3 Bytes [AA, 5B, B9]
.text parport.sys B95AA364 3 Bytes [AA, 5B, B9]
.text parport.sys B95AA386 3 Bytes [AA, 5B, B9]
.text ...
.text ndiswan.sys B956B308 3 Bytes [DA, 57, B9] {FICOM DWORD [EDI-0x47]}
.text ndiswan.sys B956B334 3 Bytes [CA, 57, B9] {RETF 0xb957}
.text ndiswan.sys B956B37B 3 Bytes [CA, 57, B9] {RETF 0xb957}
.text ndiswan.sys B956B394 3 Bytes [DA, 57, B9] {FICOM DWORD [EDI-0x47]}
.text ndiswan.sys B956B3C6 3 Bytes [C9, 57, B9]
.text ...
.text rdpdr.sys B317E001 6 Bytes [85, C0, 0F, 85, 58, 01]
.text rdpdr.sys B317E009 8 Bytes [8B, 47, 10, 53, 68, 98, DD, ...]
.text rdpdr.sys B317E012 3 Bytes [68, 3B, 04]
.text rdpdr.sys B317E017 11 Bytes [6A, 01, 6A, FF, FF, 70, 08, ...]
.text rdpdr.sys B317E023 6 Bytes [85, C0, 0F, 85, 2E, 01]
.text ...
.text update.sys B310FC1D 3 Bytes [FD, 10, B3]
.text update.sys B310FC9A 3 Bytes [FC, 10, B3]
.text ipsec.sys AF13D323 3 Bytes [CB, 14, AF] {RETF ; ADC AL, 0xaf}
.text ipsec.sys AF13D32F 3 Bytes [CB, 14, AF] {RETF ; ADC AL, 0xaf}
.text ipsec.sys AF13D338 3 Bytes [CF, 14, AF] {IRET ; ADC AL, 0xaf}
.text ipsec.sys AF13D345 3 Bytes [CF, 14, AF] {IRET ; ADC AL, 0xaf}
.text ipsec.sys AF13D35D 3 Bytes [D0, 14, AF] {RCL BYTE [EDI+EBP*4], 0x1}
.text ...
.text tcpip.sys!SendICMPErr AF0E4388 3 Bytes [34, 12, AF] {XOR AL, 0x12; SCASD }
.text tcpip.sys!SendICMPErr AF0E4393 3 Bytes [36, 12, AF]
.text tcpip.sys!SendICMPErr AF0E439E 3 Bytes [36, 12, AF]
.text tcpip.sys!IPRcvComplete + 8 AF0E43AE 3 Bytes [5A, 12, AF]
.text tcpip.sys!IPRcvComplete + 10 AF0E43B6 3 Bytes [5A, 12, AF]
.text tcpip.sys!IPRcvComplete + 21 AF0E43C7 3 Bytes [5A, 12, AF]
.text tcpip.sys!IPRcvComplete + 52 AF0E43F8 3 Bytes [34, 12, AF] {XOR AL, 0x12; SCASD }
.text tcpip.sys!IPRcvComplete + 67 AF0E440D 3 Bytes [87, 12, AF] {XCHG [EDX], EDX; SCASD }
.text ...
.text tcpip.sys!ARPRcvPacket + 62 AF0E4862 3 Bytes [35, 12, AF]
.text tcpip.sys!ARPRcvPacket + 139 AF0E4939 3 Bytes [DD, 12, AF] {FST QWORD [EDX]; SCASD }
.text tcpip.sys!ARPRcvPacket + 146 AF0E4946 3 Bytes [3A, 12, AF] {CMP DL, [EDX]; SCASD }
.text tcpip.sys!ARPRcvPacket + 170 AF0E4970 3 Bytes [83, 12, AF] {ADC DWORD [EDX], -0x51}
.text tcpip.sys!ARPRcvPacket + 188 AF0E4988 3 Bytes [44, 12, AF]
.text ...
.text tcpip.sys!IPRcvPacket + 38 AF0E55D8 3 Bytes [3C, 12, AF] {CMP AL, 0x12; SCASD }
.text tcpip.sys!IPRcvPacket + 18C AF0E572C 3 Bytes [81, 12, AF]
.text tcpip.sys!IPRcvPacket + 1D9 AF0E5779 3 Bytes [3E, 12, AF]
.text tcpip.sys!IPRcvPacket + 1ED AF0E578D 3 Bytes [3E, 12, AF]
.text tcpip.sys!IPRcvPacket + 24D AF0E57ED 3 Bytes [58, 12, AF]
.text ...
.text tcpip.sys!IPFreeBuff + 2C AF0E58ED 3 Bytes [36, 12, AF]
.text tcpip.sys!IPFreeBuff + C9 AF0E598A 3 Bytes [58, 12, AF]
.text tcpip.sys!IPFreeBuff + D7 AF0E5998 3 Bytes [54, 12, AF]
.text tcpip.sys!IPFreeBuff + 12E AF0E59EF 3 Bytes [58, 12, AF]
.text tcpip.sys!IPFreeBuff + 16F AF0E5A30 3 Bytes [81, 12, AF]
.text ...
.text tcpip.sys!IPGetAddrType + 19 AF0E6324 3 Bytes [3B, 12, AF] {CMP EDX, [EDX]; SCASD }
.text tcpip.sys!IPGetAddrType + 23 AF0E632E 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!IPGetAddrType + 53 AF0E635E 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!IPGetAddrType + 73 AF0E637E 3 Bytes [82, 12, AF] {ADC BYTE [EDX], -0x51}
.text tcpip.sys!IPGetAddrType + C0 AF0E63CB 3 Bytes [5B, 12, AF]
.text ...
.text tcpip.sys!LookupRoute + 9 AF0E6C11 3 Bytes [3B, 12, AF] {CMP EDX, [EDX]; SCASD }
.text tcpip.sys!LookupRoute + 11 AF0E6C19 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!LookupRoute + 28 AF0E6C30 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!IPTransmit + D AF0E6C4B 3 Bytes [39, 12, AF] {CMP [EDX], EDX; SCASD }
.text tcpip.sys!IPTransmit + 2B AF0E6C69 3 Bytes [3C, 12, AF] {CMP AL, 0x12; SCASD }
.text tcpip.sys!IPTransmit + 17E AF0E6DBC 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!IPTransmit + 1B0 AF0E6DEE 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!IPTransmit + 1FB AF0E6E39 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text ...
.text tcpip.sys!ARPRcv + 1C AF0E96D1 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!ARPRcv + 6C AF0E9721 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!ARPRcv + BC AF0E9771 3 Bytes [C9, 12, AF]
.text tcpip.sys!ARPRcv + C5 AF0E977A 3 Bytes [C9, 12, AF]
.text tcpip.sys!ARPRcv + 1C1 AF0E9876 3 Bytes [DC, 12, AF] {FCOM QWORD [EDX]; SCASD }
.text ...
.text tcpip.sys!SetIPSecPtr + 3F AF0FAA91 13 Bytes [90, 90, 90, 90, 90, B8, 60, ...]
.text tcpip.sys!SetIPSecPtr + 4F AF0FAAA1 84 Bytes [80, 21, 0D, 6C, 58, 12, AF, ...]
.text tcpip.sys!SetIPSecPtr + A5 AF0FAAF7 3 Bytes [5D, C2, 04]
.text tcpip.sys!SetIPSecPtr + A9 AF0FAAFB 8 Bytes [A3, B8, 3E, 12, AF, E9, 1F, ...]
.text tcpip.sys!SetIPSecPtr + B3 AF0FAB05 14 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text tcpip.sys!IPGetInfo + C AF0FAB16 4 Bytes [0F, 82, B0, AD]
.text tcpip.sys!IPGetInfo + 12 AF0FAB1C 4 Bytes [8B, 45, 08, C7]
.text tcpip.sys!IPGetInfo + 17 AF0FAB21 1 Byte [01]
.text tcpip.sys!IPGetInfo + 1B AF0FAB25 4 Bytes [C7, 40, 04, 14]
.text tcpip.sys!IPGetInfo + 22 AF0FAB2C 213 Bytes [C7, 40, 08, 3E, 6C, 0E, AF, ...]
.text ...
.text tcpip.sys!IPAddInterface + 26 AF0FC807 14 Bytes [8D, 45, F0, 50, FF, 75, 10, ...]
.text tcpip.sys!IPAddInterface + 37 AF0FC818 7 Bytes [89, 5D, F4, E8, 22, 1D, 03]
.text tcpip.sys!IPAddInterface + 3F AF0FC820 6 Bytes [85, C0, 0F, 84, 05, 9B]
.text tcpip.sys!IPAddInterface + 47 AF0FC828 14 Bytes [FF, 75, 10, 8D, 45, 84, FF, ...]
.text tcpip.sys!IPAddInterface + 56 AF0FC837 6 Bytes [85, C0, 0F, 84, 39, 06]
.text ...
.text tcpip.sys!LookupRouteInformation + 13 AF0FCF11 1 Byte [6A]
.text tcpip.sys!LookupRouteInformation + 13 AF0FCF11 7 Bytes [6A, 00, FF, 75, 08, E8, 09]
.text tcpip.sys!LookupRouteInformation + 1D AF0FCF1B 3 Bytes [5D, C2, 14]
.text tcpip.sys!LookupRouteInformation + 21 AF0FCF1F 25 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text tcpip.sys!LookupRouteInformationWithBuffer + 16 AF0FCF3A 22 Bytes [F7, F1, BB, 80, 3B, 12, AF, ...]
.text tcpip.sys!LookupRouteInformationWithBuffer + 2D AF0FCF51 24 Bytes [6A, 20, FF, 76, 08, 88, 45, ...]
.text tcpip.sys!LookupRouteInformationWithBuffer + 47 AF0FCF6B 8 Bytes [F6, 47, 26, 04, 0F, 84, AF, ...]
.text tcpip.sys!LookupRouteInformationWithBuffer + 51 AF0FCF75 15 Bytes [8B, 75, 14, 85, F6, 8B, 47, ...]
.text tcpip.sys!LookupRouteInformationWithBuffer + 62 AF0FCF86 8 Bytes [8B, 4D, 18, 49, 0F, 85, 31, ...]
.text ...
.text tcpip.sys!IPRegisterARP + B AF0FD2BD 3 Bytes [81, 7D, 0C]
.text tcpip.sys!IPRegisterARP + F AF0FD2C1 2 Bytes [10, 05]
.text tcpip.sys!IPRegisterARP + 12 AF0FD2C4 4 Bytes [0F, 85, 77, 92]
.text tcpip.sys!IPRegisterARP + 18 AF0FD2CA 25 Bytes [53, 8B, 5D, 08, 0F, B7, 03, ...]
.text tcpip.sys!IPRegisterARP + 32 AF0FD2E4 10 Bytes [FF, D7, 8B, F0, 85, F6, 0F, ...]
.text ...
.text tcpip.sys!IPDelayedNdisReEnumerateBindings + 21 AF0FD3D7 3 Bytes [74, 0B, 6A]
.text tcpip.sys!IPDelayedNdisReEnumerateBindings + 25 AF0FD3DB 12 Bytes [FF, 75, 08, FF, 15, 24, 36, ...]
.text tcpip.sys!IPDelayedNdisReEnumerateBindings + 32 AF0FD3E8 9 Bytes [90, 90, 90, 90, 90, E8, 13, ...]
.text tcpip.sys!IPDelayedNdisReEnumerateBindings + 3C AF0FD3F2 13 Bytes [85, C0, 74, 2A, 56, 68, 54, ...]
.text tcpip.sys!IPDelayedNdisReEnumerateBindings + 4A AF0FD400 24 Bytes [FF, 15, 0C, 36, 12, AF, 8B, ...]
.text ...
.text tcpip.sys!IPRegisterProtocol + 28 AF0FEC01 15 Bytes [40, 83, C7, 1C, 3B, C1, 7C, ...]
.text tcpip.sys!IPRegisterProtocol + 39 AF0FEC12 73 Bytes [8B, C1, 6B, C0, 1C, 33, FF, ...]
.text tcpip.sys!IPRegisterProtocol + 83 AF0FEC5C 23 Bytes JMP AF0E69E7 \SystemRoot\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
.text tcpip.sys!IPRegisterProtocol + 9C AF0FEC75 1 Byte [8B]
.text tcpip.sys!IPRegisterProtocol + 9C AF0FEC75 112 Bytes [8B, 00, 85, C0, 75, E8, 42, ...]
.text ...
.text tcpip.sys!tcpxsum + 10 AF101097 9 Bytes [8B, 74, 24, 10, 2B, D2, F7, ...]
.text tcpip.sys!tcpxsum + 1C AF1010A3 10 Bytes [74, 0A, 8A, 26, 46, 49, 0F, ...]
.text tcpip.sys!tcpxsum + 28 AF1010AF 11 Bytes JMP B39A1A27
.text tcpip.sys!tcpxsum + 35 AF1010BC 3 Bytes [F7, C6, 02]
.text tcpip.sys!tcpxsum + 3B AF1010C2 17 Bytes [74, 09, 66, 8B, 16, 83, C6, ...]
.text ...
.text tcpip.sys!IPAllocBuff + 1F AF1130CC 3 Bytes [36, 12, AF]
.text tcpip.sys!IPInjectPkt + 4B AF113135 3 Bytes [36, 12, AF]
.text tcpip.sys!IPInjectPkt + 175 AF11325F 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!IPInjectPkt + 1BE AF1132A8 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!IPInjectPkt + 1CE AF1132B8 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!IPInjectPkt + 1E7 AF1132D1 3 Bytes [3C, 12, AF] {CMP AL, 0x12; SCASD }
.text ...
.text tcpip.sys!GetIFAndLink + A AF114BAD 3 Bytes [3B, 12, AF] {CMP EDX, [EDX]; SCASD }
.text tcpip.sys!GetIFAndLink + 12 AF114BB5 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!GetIFAndLink + 69 AF114C0C 3 Bytes [33, 12, AF] {XOR EDX, [EDX]; SCASD }
.text tcpip.sys!GetIFAndLink + A2 AF114C45 3 Bytes [5A, 12, AF]
.text tcpip.sys!GetIFAndLink + DC AF114C7F 3 Bytes [81, 12, AF]
.text ...
.text tcpip.sys!IPDeregisterARP + 45 AF115D4E 1 Byte [6A]
.text tcpip.sys!IPDeregisterARP + 45 AF115D4E 17 Bytes [6A, 00, 56, FF, 15, 24, 36, ...]
.text tcpip.sys!IPDeregisterARP + 57 AF115D60 79 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text tcpip.sys!IPDeregisterARP + A7 AF115DB0 4 Bytes [5E, 5D, C2, 04]
.text tcpip.sys!IPDeregisterARP + AC AF115DB5 43 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text ...
.text tcpip.sys!IPGetBestInterface + 37 AF116C8A 19 Bytes [C0, 8A, D3, 8B, CE, FF, 15, ...]
.text tcpip.sys!IPGetBestInterface + 4B AF116C9E 108 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text tcpip.sys!IPGetBestInterface + B8 AF116D0B 2 Bytes [83, 27]
.text tcpip.sys!IPGetBestInterface + BB AF116D0E 52 Bytes [8B, 5D, 18, 66, 8B, 51, 14, ...]
.text tcpip.sys!IPGetBestInterface + F0 AF116D43 27 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text ...
.text tcpip.sys!IPProxyNdisRequest + 2B AF1170E5 4 Bytes [C0, 5D, C2, 18] {RCR BYTE [EBP-0x3e], 0x18}
.text tcpip.sys!IPProxyNdisRequest + 30 AF1170EA 84 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text tcpip.sys!IPEnableSniffer + 50 AF11713F 17 Bytes [FF, 15, 28, 36, 12, AF, 8B, ...]
.text tcpip.sys!IPEnableSniffer + 63 AF117152 3 Bytes JMP AF1171F8 \SystemRoot\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
.text tcpip.sys!IPEnableSniffer + 69 AF117158 108 Bytes [0F, B7, 4D, F6, 8B, D1, C1, ...]
.text tcpip.sys!IPEnableSniffer + D8 AF1171C7 23 Bytes [50, 8D, 45, F4, 50, FF, 15, ...]
.text tcpip.sys!IPEnableSniffer + F1 AF1171E0 12 Bytes [C0, 8A, D3, 8B, CF, FF, 15, ...]
.text ...
.text tcpip.sys!IPDisableSniffer + 50 AF1172B9 17 Bytes [FF, 15, 28, 36, 12, AF, 8B, ...]
.text tcpip.sys!IPDisableSniffer + 63 AF1172CC 3 Bytes JMP AF117372 \SystemRoot\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
.text tcpip.sys!IPDisableSniffer + 69 AF1172D2 108 Bytes [0F, B7, 4D, F6, 8B, D1, C1, ...]
.text tcpip.sys!IPDisableSniffer + D8 AF117341 23 Bytes [50, 8D, 45, F4, 50, FF, 15, ...]
.text tcpip.sys!IPDisableSniffer + F1 AF11735A 12 Bytes [C0, 8A, D3, 8B, CF, FF, 15, ...]
.text ...
.text tcpip.sys!IPSetIPSecStatus + 14 AF1173F5 30 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text tcpip.sys!IPSetIPSecStatus + 34 AF117415 2 Bytes JMP AF1174BA \SystemRoot\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
.text tcpip.sys!IPSetIPSecStatus + 39 AF11741A 22 Bytes [53, B9, 80, 3B, 12, AF, FF, ...]
.text tcpip.sys!IPSetIPSecStatus + 51 AF117432 10 Bytes [85, C0, 74, 16, 39, 58, 04, ...]
.text tcpip.sys!IPSetIPSecStatus + 5C AF11743D 11 Bytes [85, C0, 75, F5, 85, C0, 74, ...]
.text ...
.text tcpip.sys!UnSetIPSecPtr + 45 AF1176BD 63 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text tcpip.sys!UnSetIPSecSendPtr + 3B AF1176FD 29 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text tcpip.sys!UnSetIPSecSendPtr + 59 AF11771B 54 Bytes [88, 45, FF, 75, 10, 8D, 45, ...]
.text tcpip.sys!UnSetIPSecSendPtr + 90 AF117752 91 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text tcpip.sys!UnSetIPSecSendPtr + EC AF1177AE 3 Bytes JMP AF117834 \SystemRoot\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
.text tcpip.sys!UnSetIPSecSendPtr + F2 AF1177B4 125 Bytes [8B, CF, FF, 15, 88, 33, 12, ...]
.text ...
.text tcpip.sys!IPDelInterface + 23 AF117B81 28 Bytes [C0, 56, FF, D0, B9, 80, 3B, ...]
.text tcpip.sys!IPDelInterface + 41 AF117B9F 3 Bytes [2D, 4C, 01]
.text tcpip.sys!IPDelInterface + 46 AF117BA4 6 Bytes [EB, 0C, 8B, 88, 4C, 01]
.text tcpip.sys!IPDelInterface + 4E AF117BAC 10 Bytes [3B, CB, 74, 0A, 8B, C1, 39, ...]
.text tcpip.sys!IPDelInterface + 5A AF117BB8 5 Bytes [75, EC, 05, 4C, 01]
.text ...
.text tcpip.sys!SendICMPErr + 25 AF118D7F 13 Bytes CALL AF0E4E12 \SystemRoot\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
.text tcpip.sys!SendICMPErr + 35 AF118D8F 5 Bytes [A8, 01, 0F, 85, A6]
.text tcpip.sys!SendICMPErr + 3D AF118D97 13 Bytes CALL AF0E4E12 \SystemRoot\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
.text tcpip.sys!SendICMPErr + 4D AF118DA7 5 Bytes [A8, 01, 0F, 85, 8E]
.text tcpip.sys!SendICMPErr + 55 AF118DAF 11 Bytes [80, 7E, 10, 7F, 75, 08, 84, ...]
.text ...
.text netbt.sys AF0CD000 2 Bytes [03, 6A]
.text netbt.sys AF0CD003 7 Bytes [FF, 75, D4, FF, 75, D0, 6A]
.text netbt.sys AF0CD00B 2 Bytes JMP AF0CD0E4 \SystemRoot\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation)
.text netbt.sys AF0CD010 10 Bytes [8A, 55, E4, 8B, CF, FF, 15, ...]
.text netbt.sys AF0CD01B 19 Bytes CALL AF0C15EC \SystemRoot\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation)
.text ...
PAGEAFD afd.sys AF0AB000 35 Bytes [4F, 30, 8B, 47, 3C, 13, 47, ...]
PAGEAFD afd.sys AF0AB024 107 Bytes [0F, 85, 67, B6, FF, FF, EB, ...]
PAGEAFD afd.sys AF0AB092 112 Bytes [0F, 85, F9, B5, FF, FF, E9, ...]
PAGEAFD afd.sys AF0AB103 16 Bytes [8D, 7E, 38, EB, 73, 8B, 07, ...]
PAGEAFD afd.sys AF0AB114 17 Bytes [8D, 48, A8, 8B, 41, 60, 80, ...]
PAGEAFD ...
PAGE rdbss.sys!RxNameCacheCheckEntry + 189 AF080000 1 Byte [08]
PAGE rdbss.sys!RxNameCacheCheckEntry + 189 AF080000 9 Bytes [08, 00, 74, 0C, 39, 1D, AC, ...]
PAGE rdbss.sys!RxNameCacheCheckEntry + 193 AF08000A 4 Bytes [0F, 83, 4B, B4]
PAGE rdbss.sys!RxNameCacheCheckEntry + 199 AF080010 6 Bytes [85, FF, 0F, 84, 82, B4]
PAGE rdbss.sys!RxNameCacheCheckEntry + 1A1 AF080018 9 Bytes [8B, 4D, DC, 8B, 49, 38, 80, ...]
PAGE ...
PAGE rdbss.sys!RxFinalizeNetFobx + 11 AF080F06 3 Bytes [C6, 45, FF]
PAGE rdbss.sys!RxFinalizeNetFobx + 15 AF080F0A 4 Bytes [0F, 85, CE, F9]
PAGE rdbss.sys!RxFinalizeNetFobx + 1B AF080F10 24 Bytes [53, 8B, 58, 18, C1, EB, 1A, ...]
PAGE rdbss.sys!RxFinalizeNetFobx + 34 AF080F29 9 Bytes [04, 57, 89, 55, F8, BF, 78, ...]
PAGE rdbss.sys!RxFinalizeNetFobx + 3E AF080F33 4 Bytes [0F, 83, B4, F9]
PAGE ...
PAGE rdbss.sys!RxLockEnumerator + 16 AF081C27 17 Bytes [8B, 45, 0C, 56, 57, 8B, 38, ...]
PAGE rdbss.sys!RxLockEnumerator + 29 AF081C3A 6 Bytes [50, FF, 15, AC, 7E, 07]
PAGE rdbss.sys!RxLockEnumerator + 30 AF081C41 8 Bytes [8B, F0, 85, F6, 0F, 85, 1B, ...]
PAGE rdbss.sys!RxLockEnumerator + 3A AF081C4B 8 Bytes [32, C0, 5F, 5E, 5B, 5D, C2, ...]
PAGE rdbss.sys!RxLockEnumerator + 43 AF081C54 3 Bytes [3D, FB, EC]
PAGE ...
PAGE rdbss.sys!RxpAcquirePrefixTableLockExclusive + 15 AF081E7C 3 Bytes [5D, C2, 0C]
PAGE rdbss.sys!RxpAcquirePrefixTableLockExclusive + 19 AF081E80 17 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE rdbss.sys!RxpAcquirePrefixTableLockExclusive + 2B AF081E92 4 Bytes [0F, 85, 80, 02]
PAGE rdbss.sys!RxpAcquirePrefixTableLockExclusive + 31 AF081E98 9 Bytes [8B, 46, 1C, 81, 78, 0C, 8F, ...]
PAGE rdbss.sys!RxpAcquirePrefixTableLockExclusive + 3B AF081EA2 5 Bytes [56, 0F, 85, 50, 02]
PAGE ...
PAGE rdbss.sys!RxCeTearDownConnection + 7 AF082AB6 21 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCeTearDownConnection + 1D AF082ACC 15 Bytes [75, 5F, 8B, 47, 14, 3B, C6, ...]
PAGE rdbss.sys!RxCeTearDownConnection + 2E AF082ADD 11 Bytes [8B, 47, 14, 39, 70, 10, 7E, ...]
PAGE rdbss.sys!RxCeTearDownConnection + 3B AF082AEA 4 Bytes [68, 42, 2B, 08]
PAGE rdbss.sys!RxCeTearDownConnection + 40 AF082AEF 21 Bytes CALL AF06FA1D \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE ...
PAGE rdbss.sys!RxCeTearDownVC + 7 AF082BB1 25 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCeTearDownVC + 22 AF082BCC 7 Bytes [39, 77, 0C, 0F, 85, 78, 01]
PAGE rdbss.sys!RxCeTearDownVC + 2B AF082BD5 26 Bytes [6A, 08, 59, 33, C0, F3, AB, ...]
PAGE rdbss.sys!RxCeTearDownVC + 46 AF082BF0 16 Bytes [90, 90, 90, 90, 90, E8, 16, ...]
PAGE rdbss.sys!RxCeTearDownVC + 58 AF082C02 39 Bytes [C3, 90, 90, 90, 90, 90, 8B, ...]
PAGE ...
PAGE rdbss.sys!RxFinalizeSrvCall + 1A AF082C99 7 Bytes [88, 5D, FF, 0F, 85, 0A, 68]
PAGE rdbss.sys!RxFinalizeSrvCall + 23 AF082CA2 5 Bytes [83, 3D, AC, 8A, 07]
PAGE rdbss.sys!RxFinalizeSrvCall + 29 AF082CA8 5 Bytes [04, 0F, 83, 01, DA] {ADD AL, 0xf; ADD DWORD [ECX], -0x26}
PAGE rdbss.sys!RxFinalizeSrvCall + 30 AF082CAF 64 Bytes [38, 58, 2C, 75, 63, 83, C0, ...]
PAGE rdbss.sys!RxFinalizeSrvCall + 71 AF082CF0 9 Bytes [3B, C6, 8B, 45, 08, 0F, 85, ...]
PAGE ...
PAGE rdbss.sys!RxSetSrvCallDomainName + 1C AF083339 17 Bytes [8B, 7D, 0C, 3B, FB, 74, 0C, ...]
PAGE rdbss.sys!RxSetSrvCallDomainName + 2F AF08334C 12 Bytes [89, 5E, 1C, 8B, 45, FC, 5F, ...]
PAGE rdbss.sys!RxSetSrvCallDomainName + 3C AF083359 35 Bytes [8D, 42, 08, 89, 45, 08, 8D, ...]
PAGE rdbss.sys!RxSetSrvCallDomainName + 61 AF08337E 9 Bytes [0F, 84, 64, EF, FF, FF, E9, ...]
PAGE rdbss.sys!RxSetSrvCallDomainName + 6C AF083389 31 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE rdbss.sys!RxCreateSrvCall + 1C AF0833AA 6 Bytes [33, C0, 03, C3, 50, 6A]
PAGE rdbss.sys!RxCreateSrvCall + 23 AF0833B1 3 Bytes [68, 10, EB]
PAGE rdbss.sys!RxCreateSrvCall + 28 AF0833B6 12 Bytes CALL AF0822A3 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCreateSrvCall + 37 AF0833C5 4 Bytes [A1, C8, 8A, 07]
PAGE rdbss.sys!RxCreateSrvCall + 3C AF0833CA 8 Bytes [89, 46, 6C, FF, 05, C8, 8A, ...]
PAGE ...
PAGE rdbss.sys!RxFinalizeNetRoot + 16 AF0834A0 4 Bytes [89, 4D, F8, B9]
PAGE rdbss.sys!RxFinalizeNetRoot + 1C AF0834A6 1 Byte [04]
PAGE rdbss.sys!RxFinalizeNetRoot + 1C AF0834A6 8 Bytes [04, 00, 85, 48, 14, C6, 45, ...]
PAGE rdbss.sys!RxFinalizeNetRoot + 25 AF0834AF 4 Bytes [0F, 85, E1, D7]
PAGE rdbss.sys!RxFinalizeNetRoot + 2B AF0834B5 6 Bytes [09, 48, 14, 80, 7D, 0C]
PAGE ...
PAGE rdbss.sys!RxFinalizeVNetRoot + 1E AF08365E 3 Bytes [C6, 45, FF]
PAGE rdbss.sys!RxFinalizeVNetRoot + 22 AF083662 4 Bytes [0F, 85, 28, 24]
PAGE rdbss.sys!RxFinalizeVNetRoot + 28 AF083668 5 Bytes [83, 3D, AC, 8A, 07]
PAGE rdbss.sys!RxFinalizeVNetRoot + 2E AF08366E 9 Bytes [04, 53, 6A, 02, 5B, 0F, 83, ...]
PAGE rdbss.sys!RxFinalizeVNetRoot + 39 AF083679 3 Bytes [80, 78, 40]
PAGE ...
PAGE rdbss.sys!RxNameCacheFinalizeEx + 1D AF0838AF 26 Bytes CALL AF06F72A \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxNameCacheFinalizeEx + 38 AF0838CA 3 Bytes CALL AF0838D6 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxNameCacheFinalizeEx + 3E AF0838D0 24 Bytes [EB, F3, 90, 90, 90, 90, 90, ...]
PAGE rdbss.sys!RxNameCacheFinalize + 12 AF0838E9 9 Bytes [8D, 77, 20, 39, 36, 0F, 85, ...]
PAGE rdbss.sys!RxNameCacheFinalize + 1D AF0838F4 9 Bytes [8D, 77, 28, 39, 36, 0F, 85, ...]
PAGE rdbss.sys!RxNameCacheFinalize + 28 AF0838FF 7 Bytes [8B, CF, FF, 15, 88, 7E, 07]
PAGE rdbss.sys!RxNameCacheFinalize + 30 AF083907 5 Bytes [5F, 5E, 5D, C2, 04]
PAGE rdbss.sys!RxNameCacheFinalize + 36 AF08390D 17 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE rdbss.sys!RxCreateVNetRoot + D AF08391F 8 Bytes [57, 8B, 7D, 0C, 0F, B7, 8F, ...]
PAGE rdbss.sys!RxCreateVNetRoot + 18 AF08392A 5 Bytes [03, C1, 3D, FE, FF]
PAGE rdbss.sys!RxCreateVNetRoot + 1F AF083931 7 Bytes [89, 45, 0C, 0F, 87, DA, D1]
PAGE rdbss.sys!RxCreateVNetRoot + 28 AF08393A 11 Bytes [56, 50, 8B, 47, 08, 8B, 40, ...]
PAGE rdbss.sys!RxCreateVNetRoot + 36 AF083948 3 Bytes [68, 12, EB]
PAGE ...
PAGE rdbss.sys!RxCreateNetRoot + 1A AF083AA5 13 Bytes [89, 4D, FC, 0F, B7, 4F, 4C, ...]
PAGE rdbss.sys!RxCreateNetRoot + 29 AF083AB4 7 Bytes [89, 4D, 08, 0F, 87, 3A, CC]
PAGE rdbss.sys!RxCreateNetRoot + 32 AF083ABD 5 Bytes [56, 53, FF, B0, C4]
PAGE rdbss.sys!RxCreateNetRoot + 3A AF083AC5 3 Bytes [68, 11, EB]
PAGE rdbss.sys!RxCreateNetRoot + 3F AF083ACA 12 Bytes CALL AF0822A3 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE ...
PAGE rdbss.sys!RxNameCacheInitialize + 23 AF083D33 7 Bytes [8D, 46, 20, 89, 40, 04, 89]
PAGE rdbss.sys!RxNameCacheInitialize + 2B AF083D3B 7 Bytes [8D, 46, 28, 89, 40, 04, 89]
PAGE rdbss.sys!RxNameCacheInitialize + 33 AF083D43 35 Bytes [8B, 45, 10, 89, 46, 3C, 8B, ...]
PAGE rdbss.sys!RxNameCacheInitialize + 57 AF083D67 39 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
PAGE rdbss.sys!RxNameCacheInitializeEx + 23 AF083D8F 10 Bytes [FF, 75, 20, 8D, 46, 20, 89, ...]
PAGE rdbss.sys!RxNameCacheInitializeEx + 2E AF083D9A 10 Bytes [FF, 75, 1C, 8D, 46, 28, 89, ...]
PAGE rdbss.sys!RxNameCacheInitializeEx + 39 AF083DA5 7 Bytes [8D, 46, 30, 89, 40, 04, 89]
PAGE rdbss.sys!RxNameCacheInitializeEx + 41 AF083DAD 7 Bytes [8D, 46, 50, 89, 40, 04, 89]
PAGE rdbss.sys!RxNameCacheInitializeEx + 49 AF083DB5 45 Bytes [8B, 45, 10, 89, 46, 3C, 8B, ...]
PAGE ...
PAGE rdbss.sys!RxNameCacheAddNameCacheControlToGlobalList + E AF083DFE 33 Bytes [8B, 4D, 10, 85, C9, 74, 12, ...]
PAGE rdbss.sys!RxNameCacheAddNameCacheControlToGlobalList + 30 AF083E20 3 Bytes [5D, C2, 0C]
PAGE rdbss.sys!RxNameCacheAddNameCacheControlToGlobalList + 34 AF083E24 21 Bytes CALL AF081EC2 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxNameCacheAddNameCacheControlToGlobalList + 4A AF083E3A 1 Byte [01]
PAGE rdbss.sys!RxNameCacheAddNameCacheControlToGlobalList + 4D AF083E3D 6 Bytes [76, 0C, 39, 8E, 04, 01]
PAGE ...
PAGE rdbss.sys!RxCeQueryInformation + 7 AF083E74 9 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCeQueryInformation + 12 AF083E7F 32 Bytes [C0, 33, DB, 89, 5D, FC, 8B, ...]
PAGE rdbss.sys!RxCeQueryInformation + 33 AF083EA0 7 Bytes [75, 42, 81, 38, 73, EB, 18]
PAGE rdbss.sys!RxCeQueryInformation + 3B AF083EA8 7 Bytes [75, 3A, 81, 39, 72, EB, 28]
PAGE rdbss.sys!RxCeQueryInformation + 43 AF083EB0 7 Bytes [75, 32, 81, 3A, 71, EB, 28]
PAGE ...
PAGE rdbss.sys!RxCeBuildConnectionOverMultipleTransports + 7 AF0841E8 40 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCeBuildConnectionOverMultipleTransports + 31 AF084212 4 Bytes [68, 76, 43, 08]
PAGE rdbss.sys!RxCeBuildConnectionOverMultipleTransports + 36 AF084217 26 Bytes [BF, 52, 78, 43, 63, 57, 6A, ...]
PAGE rdbss.sys!RxCeBuildConnectionOverMultipleTransports + 52 AF084233 4 Bytes [68, 9E, 43, 08]
PAGE rdbss.sys!RxCeBuildConnectionOverMultipleTransports + 57 AF084238 15 Bytes CALL AF06FA3C \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE ...
PAGE rdbss.sys!RxFinalizeConnection + 7 AF0849C2 30 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxFinalizeConnection + 27 AF0849E2 13 Bytes [8B, 45, 08, 8B, 40, 08, 8B, ...]
PAGE rdbss.sys!RxFinalizeConnection + 36 AF0849F1 24 Bytes [89, 75, B8, FF, 75, DC, 8B, ...]
PAGE rdbss.sys!RxFinalizeConnection + 50 AF084A0B 22 Bytes [89, 5D, E0, 6A, 01, 6A, 01, ...]
PAGE rdbss.sys!RxFinalizeConnection + 68 AF084A23 4 Bytes [68, 92, 4A, 08]
PAGE ...
PAGE rdbss.sys!RxCeBuildVC + 7 AF084BD4 9 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCeBuildVC + 12 AF084BDF 4 Bytes [C0, 83, 65, FC]
PAGE rdbss.sys!RxCeBuildVC + 17 AF084BE4 20 Bytes [8B, 75, 0C, 8B, 7E, 04, 89, ...]
PAGE rdbss.sys!RxCeBuildVC + 2C AF084BF9 7 Bytes [75, 3C, 81, 3F, 72, EB, 28]
PAGE rdbss.sys!RxCeBuildVC + 34 AF084C01 7 Bytes [75, 34, 81, 3B, 71, EB, 28]
PAGE ...
PAGE rdbss.sys!RxCeBuildConnection + 7 AF084CD0 8 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCeBuildConnection + 10 AF084CD9 14 Bytes [8B, 45, 08, 8B, 48, 04, 89, ...]
PAGE rdbss.sys!RxCeBuildConnection + 1F AF084CE8 7 Bytes [75, 7C, 81, 39, 71, EB, 28]
PAGE rdbss.sys!RxCeBuildConnection + 27 AF084CF0 31 Bytes [75, 74, FF, 75, 14, FF, 75, ...]
PAGE rdbss.sys!RxCeBuildConnection + 48 AF084D11 18 Bytes CALL AF084BC9 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE ...
PAGE rdbss.sys!RxResumeBlockedOperations_Serially + C AF084E31 7 Bytes [8B, CF, FF, 15, 84, 7E, 07]
PAGE rdbss.sys!RxResumeBlockedOperations_Serially + 14 AF084E39 6 Bytes [8B, 75, 08, 8D, 8E, E0]
PAGE rdbss.sys!RxResumeBlockedOperations_Serially + 1D AF084E42 14 Bytes [8B, 01, A8, 02, 74, 36, 83, ...]
PAGE rdbss.sys!RxResumeBlockedOperations_Serially + 2E AF084E53 20 Bytes [8B, 08, 8B, 50, 04, 89, 0A, ...]
PAGE rdbss.sys!RxResumeBlockedOperations_Serially + 45 AF084E6A 8 Bytes [8B, 01, 3B, C8, 0F, 85, C8, ...]
PAGE ...
PAGE rdbss.sys!__RxSynchronizeBlockingOperationsMaybeDroppingFcbLock + 7 AF084E98 32 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!__RxSynchronizeBlockingOperationsMaybeDroppingFcbLock + 28 AF084EB9 7 Bytes [8B, CE, FF, 15, 84, 7E, 07]
PAGE rdbss.sys!__RxSynchronizeBlockingOperationsMaybeDroppingFcbLock + 30 AF084EC1 12 Bytes [8B, 45, 08, F6, 40, 5E, 08, ...]
PAGE rdbss.sys!__RxSynchronizeBlockingOperationsMaybeDroppingFcbLock + 3F AF084ED0 6 Bytes [02, 8B, 45, 08, 05, C4] {ADD CL, [EBX-0x3bfaf7bb]}
PAGE rdbss.sys!__RxSynchronizeBlockingOperationsMaybeDroppingFcbLock + 48 AF084ED9 21 Bytes [8B, 4D, 0C, 8B, 51, 04, 89, ...]
PAGE ...
PAGE rdbss.sys!RxNameCacheFreeEntry + 15 AF084F94 4 Bytes [68, C2, 4F, 08]
PAGE rdbss.sys!RxNameCacheFreeEntry + 1A AF084F99 9 Bytes CALL AF06FA1F \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxNameCacheFreeEntry + 25 AF084FA4 4 Bytes [68, EA, 4F, 08]
PAGE rdbss.sys!RxNameCacheFreeEntry + 2A AF084FA9 23 Bytes CALL AF06FA1F \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxNameCacheFreeEntry + 42 AF084FC1 37 Bytes [90, 64, 3A, 5C, 78, 70, 73, ...]
PAGE ...
PAGE rdbss.sys!RxCeSendDatagram + 4 AF0854C5 2 Bytes [85, 07] {TEST [EDI], EAX}
PAGE rdbss.sys!RxCeSendDatagram + 7 AF0854C8 8 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCeSendDatagram + 10 AF0854D1 3 Bytes [83, 65, FC]
PAGE rdbss.sys!RxCeSendDatagram + 14 AF0854D5 5 Bytes [C7, 45, E4, 0C, 02]
PAGE rdbss.sys!RxCeSendDatagram + 1A AF0854DB 15 Bytes [C0, 8B, 45, 08, 8B, 48, 04, ...]
PAGE ...
PAGE rdbss.sys!RxCeBuildTransport + 7 AF085C8E 17 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCeBuildTransport + 19 AF085CA0 3 Bytes [71, EB, 28]
PAGE rdbss.sys!RxCeBuildTransport + 1D AF085CA4 60 Bytes [8B, 45, 08, 89, 58, 1C, 8B, ...]
PAGE rdbss.sys!RxCeBuildTransport + 5A AF085CE1 27 Bytes [BF, 52, 78, 43, 74, 57, 6A, ...]
PAGE rdbss.sys!RxCeBuildTransport + 76 AF085CFD 30 Bytes [57, 8B, 45, 08, 0F, B7, 40, ...]
PAGE ...
PAGE rdbss.sys!RxCeBuildAddress + 7 AF085DE2 9 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCeBuildAddress + 12 AF085DED 14 Bytes [C0, 33, DB, 89, 5D, FC, 8B, ...]
PAGE rdbss.sys!RxCeBuildAddress + 21 AF085DFC 3 Bytes [0F, 85, AC]
PAGE rdbss.sys!RxCeBuildAddress + 27 AF085E02 4 Bytes [8B, 45, 08, C7]
PAGE rdbss.sys!RxCeBuildAddress + 2C AF085E07 3 Bytes [72, EB, 28]
PAGE ...
PAGE rdbss.sys!RxSetDomainForMailslotBroadcast + A AF08609D 6 Bytes [85, C0, 0F, 85, 29, 80]
PAGE rdbss.sys!RxSetDomainForMailslotBroadcast + 12 AF0860A5 5 Bytes [83, 3D, AC, 8A, 07]
PAGE rdbss.sys!RxSetDomainForMailslotBroadcast + 18 AF0860AB 10 Bytes [04, 53, 56, 8B, 75, 08, BB, ...]
PAGE rdbss.sys!RxSetDomainForMailslotBroadcast + 23 AF0860B6 4 Bytes [0F, 83, 27, 80]
PAGE rdbss.sys!RxSetDomainForMailslotBroadcast + 29 AF0860BC 11 Bytes [66, 8B, 06, 66, 85, C0, 66, ...]
PAGE ...
PAGE rdbss.sys!RxRegisterMinirdr + 14 AF086839 18 Bytes [57, 8B, 7D, 18, 8D, 45, 08, ...]
PAGE rdbss.sys!RxRegisterMinirdr + 28 AF08684D 13 Bytes [FF, 75, 20, 57, 50, FF, 75, ...]
PAGE rdbss.sys!RxRegisterMinirdr + 36 AF08685B 6 Bytes [3B, C6, 0F, 85, D2, 02]
PAGE rdbss.sys!RxRegisterMinirdr + 3E AF086863 5 Bytes [39, 35, E4, 8E, 07]
PAGE rdbss.sys!RxRegisterMinirdr + 44 AF086869 4 Bytes [0F, 84, 5F, 68]
PAGE ...
PAGE rdbss.sys!RxPurgeRelatedFobxs + 16 AF0878DB 10 Bytes [57, 33, DB, 89, 45, E0, 8B, ...]
PAGE rdbss.sys!RxPurgeRelatedFobxs + 22 AF0878E7 23 Bytes [53, 89, 45, F8, 8B, 45, 08, ...]
PAGE rdbss.sys!RxPurgeRelatedFobxs + 3A AF0878FF 22 Bytes [57, 89, 5D, EC, 89, 45, DC, ...]
PAGE rdbss.sys!RxPurgeRelatedFobxs + 52 AF087917 9 Bytes [C6, 42, 08, 01, 83, 3D, AC, ...]
PAGE rdbss.sys!RxPurgeRelatedFobxs + 5C AF087921 5 Bytes [04, 0F, 83, D3, 9A] {ADD AL, 0xf; ADC EBX, -0x66}
PAGE ...
PAGE rdbss.sys!RxIndicateChangeOfBufferingStateForSrvOpen + C AF088231 6 Bytes [3C, 01, 0F, 87, 43, 7E]
PAGE rdbss.sys!RxIndicateChangeOfBufferingStateForSrvOpen + 14 AF088239 14 Bytes [8B, 75, 0C, 8B, 46, 08, FF, ...]
PAGE rdbss.sys!RxIndicateChangeOfBufferingStateForSrvOpen + 23 AF088248 6 Bytes [84, C0, 0F, 84, 23, 7E]
PAGE rdbss.sys!RxIndicateChangeOfBufferingStateForSrvOpen + 2B AF088250 15 Bytes [6A, 01, FF, 75, 14, 56, E8, ...]
PAGE rdbss.sys!RxIndicateChangeOfBufferingStateForSrvOpen + 3B AF088260 11 Bytes [90, 90, 90, 90, 90, 6A, 68, ...]
PAGE ...
PAGE rdbss.sys!RxCeInitiateVCDisconnect + 7 AF089213 50 Bytes CALL AF06F9D0 \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
PAGE rdbss.sys!RxCeInitiateVCDisconnect + 3A AF089246 7 Bytes [75, 3B, 81, 39, 73, EB, 18]
PAGE rdbss.sys!RxCeInitiateVCDisconnect + 42 AF08924E 7 Bytes [75, 33, 81, 3A, 72, EB, 28]
PAGE rdbss.sys!RxCeInitiateVCDisconnect + 4A AF089256 7 Bytes [75, 2B, 81, 3B, 71, EB, 28]
PAGE rdbss.sys!RxCeInitiateVCDisconnect + 52 AF08925E 4 Bytes [75, 23, BF, BB]
PAGE ...
.text mrxsmb.sys AF010000 12 Bytes JMP AF00B12D \SystemRoot\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
.text mrxsmb.sys AF01000E 19 Bytes JMP AF00B12C \SystemRoot\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
.text mrxsmb.sys AF010024 12 Bytes [0F, 85, 4E, B1, FF, FF, 8B, ...]
.text mrxsmb.sys AF010031 28 Bytes [E1, 01, AF, 83, C0, 0E, 50, ...]
.text mrxsmb.sys AF010050 15 Bytes JMP AF00B177 \SystemRoot\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
.text ...
.text ipnat.sys AEFAE000 26 Bytes [66, 89, 51, 02, 8B, 4B, 04, ...]
.text ipnat.sys AEFAE01B 5 Bytes [75, 3A, 03, 87, 94]
.text ipnat.sys AEFAE023 20 Bytes [8B, C8, 0F, B7, C0, C1, E9, ...]
.text ipnat.sys AEFAE038 9 Bytes [F7, D0, 66, 89, 46, 0A, 0F, ...]
.text ipnat.sys AEFAE044 6 Bytes [8B, 4D, 0C, 03, 8F, 9C]
.text ...
.text win32k.sys!EngFreeUserMem + 7695 BF811000 36 Bytes CALL BF80F0FB \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngFreeUserMem + 76BA BF811025 30 Bytes [8B, 47, 04, 85, C0, 7D, 02, ...]
.text win32k.sys!EngFreeUserMem + 76D9 BF811044 5 Bytes [74, 3E, 83, 7D, 18]
.text win32k.sys!EngFreeUserMem + 76DF BF81104A 18 Bytes [75, 21, 8D, 45, E0, 50, 8D, ...]
.text win32k.sys!EngFreeUserMem + 76F2 BF81105D 13 Bytes [57, 8D, 45, 14, 50, 8D, 45, ...]
.text ...
.text win32k.sys!EngDeleteSurface + C BF8138C5 5 Bytes [75, 04, 5D, C2, 04]
.text win32k.sys!EngDeleteSurface + 12 BF8138CB 12 Bytes JMP BF8137EE \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngDeleteSurface + 1F BF8138D8 1 Byte [6A]
.text win32k.sys!EngDeleteSurface + 1F BF8138D8 7 Bytes [6A, 00, 57, E8, 0F, 54, 06]
.text win32k.sys!EngDeleteSurface + 27 BF8138E0 41 Bytes CALL BF8137EC \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text ...
.text win32k.sys!EngNineGrid + 6E BF817092 5 Bytes [5F, 5E, C9, C2, 24]
.text win32k.sys!EngNineGrid + 74 BF817098 5 Bytes [6A, 57, E8, 95, 9F]
.text win32k.sys!EngNineGrid + 7B BF81709F 25 Bytes [33, C0, EB, F0, 90, 90, 90, ...]
.text win32k.sys!EngNineGrid + 95 BF8170B9 1 Byte [07]
.text win32k.sys!EngNineGrid + 98 BF8170BC 22 Bytes [85, C0, 75, 05, B8, F9, 74, ...]
.text ...
.text win32k.sys!EngTransparentBlt + B BF819146 20 Bytes [8B, 4D, 1C, 53, 8B, 5D, 08, ...]
.text win32k.sys!EngTransparentBlt + 20 BF81915B 1 Byte [03]
.text win32k.sys!EngTransparentBlt + 23 BF81915E 11 Bytes [8B, 55, 0C, 66, 39, 42, 30, ...]
.text win32k.sys!EngTransparentBlt + 30 BF81916B 93 Bytes [8D, 7D, F0, A5, A5, A5, A5, ...]
.text win32k.sys!EngTransparentBlt + 8E BF8191C9 16 Bytes CALL BF818A31 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text ...
.text win32k.sys!EngCreateDeviceBitmap + C BF8196CB 4 Bytes [FF, 75, 14, 6A]
.text win32k.sys!EngCreateDeviceBitmap + 11 BF8196D0 19 Bytes [FF, 75, 10, FF, 75, 0C, FF, ...]
.text win32k.sys!EngCreateDeviceBitmap + 25 BF8196E4 51 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngCreateDeviceBitmap + 59 BF819718 42 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngCreateDeviceBitmap + 84 BF819743 30 Bytes [EB, F0, 8B, 48, 08, 3B, 4D, ...]
.text ...
.text win32k.sys!EngAssociateSurface + 15 BF81979C 23 Bytes [53, 8B, 5D, 08, 56, 53, 8D, ...]
.text win32k.sys!EngAssociateSurface + 2D BF8197B4 1 Byte [03]
.text win32k.sys!EngAssociateSurface + 30 BF8197B7 52 Bytes CALL BF819698 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngAssociateSurface + 65 BF8197EC 1 Byte [03]
.text win32k.sys!EngAssociateSurface + 68 BF8197EF 12 Bytes CALL BF8196E5 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text ...
.text win32k.sys!EngRestoreFloatingPointState + B BF819835 4 Bytes [74, 1A, 83, 20]
.text win32k.sys!EngRestoreFloatingPointState + 10 BF81983A 22 Bytes [83, C0, 04, 50, FF, 15, E0, ...]
.text win32k.sys!EngRestoreFloatingPointState + 27 BF819851 32 Bytes [33, C0, EB, F8, 33, C0, EB, ...]
.text win32k.sys!EngSaveFloatingPointState + 14 BF819872 40 Bytes [74, 27, 83, 7D, 0C, 24, 72, ...]
.text win32k.sys!EngSaveFloatingPointState + 3D BF81989B 40 Bytes [8D, 45, E0, 50, FF, 15, E4, ...]
.text win32k.sys!EngQueryPerformanceCounter + 7 BF8198C4 17 Bytes [FF, 15, 10, CB, 98, BF, 8B, ...]
.text win32k.sys!EngQueryPerformanceCounter + 19 BF8198D6 55 Bytes [33, F6, EB, 51, 90, 90, 90, ...]
.text win32k.sys!EngQueryPerformanceCounter + 53 BF819910 9 Bytes [85, C0, 7C, DB, FF, 75, E4, ...]
.text win32k.sys!EngQueryPerformanceCounter + 5F BF81991C 37 Bytes [84, C0, 75, B6, FF, 75, E4, ...]
.text win32k.sys!EngQueryPerformanceCounter + 85 BF819942 3 Bytes [83, 65, FC]
.text ...
.text win32k.sys!BRUSHOBJ_pvGetRbrush + 1C BF81B45B 19 Bytes [8B, 4E, 48, 50, 56, 51, E8, ...]
.text win32k.sys!BRUSHOBJ_pvGetRbrush + 30 BF81B46F 10 Bytes CALL A7D80484
.text win32k.sys!BRUSHOBJ_pvGetRbrush + 3D BF81B47C 7 Bytes [8B, 46, 04, 5E, 5D, C2, 04]
.text win32k.sys!BRUSHOBJ_pvGetRbrush + 45 BF81B484 20 Bytes [85, C0, 75, 04, 33, C0, EB, ...]
.text win32k.sys!BRUSHOBJ_pvGetRbrush + 5A BF81B499 26 Bytes [EB, ED, 90, 90, 90, 90, 90, ...]
.text ...
.text win32k.sys!BRUSHOBJ_pvAllocRbrush + C BF81B543 44 Bytes [56, 8B, 75, 0C, 74, D2, 33, ...]
.text win32k.sys!BRUSHOBJ_pvAllocRbrush + 39 BF81B570 12 Bytes CALL BF802A5F \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!BRUSHOBJ_pvAllocRbrush + 48 BF81B57F 10 Bytes [8B, 08, 89, 4D, D8, 8B, 50, ...]
.text win32k.sys!BRUSHOBJ_pvAllocRbrush + 55 BF81B58C 13 Bytes [FF, 15, 74, CB, 98, BF, A1, ...]
.text win32k.sys!BRUSHOBJ_pvAllocRbrush + 65 BF81B59C 10 Bytes [8B, 08, 89, 4D, D0, 8B, 50, ...]
.text ...
.text win32k.sys!EngMulDiv + 14 BF81F4E6 67 Bytes [7C, DE, 8B, 4D, 10, 85, C9, ...]
.text win32k.sys!EngMulDiv + 58 BF81F52A 27 Bytes [F7, D8, EB, F7, 90, 90, 90, ...]
.text win32k.sys!EngMulDiv + 74 BF81F546 1 Byte [8B]
.text win32k.sys!EngMulDiv + 74 BF81F546 13 Bytes [8B, 00, 74, 03, C1, F8, 02, ...]
.text win32k.sys!EngMulDiv + 82 BF81F554 3 Bytes [68, A7, 05]
.text ...
.text win32k.sys!EngPaint + 42A4 BF830E00 18 Bytes [FF, 75, 30, 8D, 4D, 0C, FF, ...]
.text win32k.sys!EngPaint + 42B7 BF830E13 5 Bytes [85, C0, 0F, 84, A1]
.text win32k.sys!EngPaint + 42BF BF830E1B 6 Bytes [83, 3D, 7C, 8C, 9A, BF]
.text win32k.sys!EngPaint + 42C6 BF830E22 41 Bytes [8B, 45, 0C, 89, 45, 34, 0F, ...]
.text win32k.sys!EngPaint + 42F0 BF830E4C 31 Bytes CALL BF82B4A1 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text ...
.text win32k.sys!EngUnlockSurface + 12 BF833A9F 4 Bytes [B2, 05, E8, 22]
.text win32k.sys!EngUnlockSurface + 19 BF833AA6 13 Bytes [8D, 4E, F0, 3B, C8, 75, 11, ...]
.text win32k.sys!EngUnlockSurface + 29 BF833AB6 12 Bytes CALL BF80487F \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngUnlockSurface + 36 BF833AC3 14 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngUnlockSurface + 46 BF833AD3 38 Bytes [33, C0, 3B, 35, D4, 67, 9A, ...]
.text ...
.text win32k.sys!EngLockSurface + A BF833B29 44 Bytes [56, FF, 75, 08, 8D, 4D, FC, ...]
.text win32k.sys!EngLockSurface + 37 BF833B56 28 Bytes [33, C0, EB, F7, 90, 90, 90, ...]
.text win32k.sys!EngLockSurface + 54 BF833B73 19 Bytes [8B, 0E, 8B, 46, 10, 57, 8B, ...]
.text win32k.sys!EngLockSurface + 68 BF833B87 6 Bytes [75, 2D, 8B, 89, C0, 05]
.text win32k.sys!EngLockSurface + 70 BF833B8F 38 Bytes [85, C9, 74, 23, 3B, 78, 2C, ...]
.text ...
.text win32k.sys!EngCopyBits + B BF836928 19 Bytes [53, 8B, 5D, 0C, 8B, C3, F7, ...]
.text win32k.sys!EngCopyBits + 1F BF83693C 9 Bytes [56, 57, 89, 45, FC, 0F, 85, ...]
.text win32k.sys!EngCopyBits + 2A BF836947 88 Bytes [8B, 75, 08, 8B, 46, 0C, 33, ...]
.text win32k.sys!EngCopyBits + 84 BF8369A1 24 Bytes [6A, 04, 59, 8B, 43, 24, 89, ...]
.text win32k.sys!EngCopyBits + 9E BF8369BB 3 Bytes [83, 65, 0C]
.text ...
.text win32k.sys!EngMapFontFileFD + 15 BF836EFB 3 Bytes [5D, C2, 0C]
.text win32k.sys!EngMapFontFileFD + 19 BF836EFF 39 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngMapFontFileFD + 41 BF836F27 9 Bytes [33, C0, EB, F8, 89, 7D, FC, ...]
.text win32k.sys!EngMapFontFileFD + 4D BF836F33 7 Bytes [39, 7E, 20, 0F, 84, 89, 01]
.text win32k.sys!EngMapFontFileFD + 56 BF836F3C 8 Bytes [8B, 46, 14, 3B, C7, 0F, 84, ...]
.text ...
.text win32k.sys!EngUnmapFontFileFD + 40 BF837141 8 Bytes [8D, 45, E0, 50, E8, 6E, C8, ...]
.text win32k.sys!EngUnmapFontFileFD + 49 BF83714A 8 Bytes [EB, F1, 85, C9, 0F, 84, 2E, ...]
.text win32k.sys!EngUnmapFontFileFD + 53 BF837154 7 Bytes [F6, C1, 01, 0F, 85, 25, 03]
.text win32k.sys!EngUnmapFontFileFD + 5C BF83715D 23 Bytes [8B, 40, 4C, 49, 83, E1, FE, ...]
.text win32k.sys!EngUnmapFontFileFD + 75 BF837176 7 Bytes [8D, 4D, F4, E8, 4B, 34, 03]
.text ...
.text win32k.sys!EngCreateBitmap + 19 BF837EE1 1 Byte [6A]
.text win32k.sys!EngCreateBitmap + 19 BF837EE1 10 Bytes CALL BF8141F5 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngCreateBitmap + 24 BF837EEC 3 Bytes [3D, 07, 01]
.text win32k.sys!EngCreateBitmap + 29 BF837EF1 34 Bytes [77, 24, 8B, 4D, 0C, C1, E9, ...]
.text win32k.sys!EngCreateBitmap + 4D BF837F15 5 Bytes [73, D5, 5D, C2, 08]
.text ...
.text win32k.sys!EngMultiByteToWideChar + 1340 BF850C00 20 Bytes [C1, 89, 7D, 08, F6, 40, 4A, ...]
.text win32k.sys!EngMultiByteToWideChar + 1355 BF850C15 1 Byte [04]
.text win32k.sys!EngMultiByteToWideChar + 1358 BF850C18 18 Bytes [23, D8, 74, 97, 3B, DF, 74, ...]
.text win32k.sys!EngMultiByteToWideChar + 136C BF850C2C 27 Bytes [FF, 75, 14, FF, 75, 14, 57, ...]
.text win32k.sys!EngMultiByteToWideChar + 1388 BF850C48 4 Bytes [8D, 4D, 08, E8]
.text ...
.text win32k.sys!EngDeviceIoControl + 23 BF85A22C 7 Bytes [C0, 3B, C1, 7E, 11, 3D, C0]
.text win32k.sys!EngDeviceIoControl + 2C BF85A235 12 Bytes [C0, 74, C1, 85, C0, 75, AF, ...]
.text win32k.sys!EngDeviceIoControl + 39 BF85A242 4 Bytes [74, A3, 3D, 05]
.text win32k.sys!EngDeviceIoControl + 3F BF85A248 5 Bytes [80, 74, B2, 3D, 02] {XOR BYTE [EDX+ESI*4+0x3d], 0x2}
.text win32k.sys!EngDeviceIoControl + 46 BF85A24F 5 Bytes [C0, 74, 90, 3D, 0D] {SAL BYTE [EAX+EDX*4+0x3d], 0xd}
.text ...
.text win32k.sys!EngWaitForSingleObject + 30 BF85A696 32 Bytes [33, C0, EB, F8, 90, 90, 90, ...]
.text win32k.sys!EngUnicodeToMultiByteN + 19 BF85A6B8 21 Bytes [FE, 7F, 8B, 02, F7, 62, 04, ...]
.text win32k.sys!EngUnicodeToMultiByteN + 30 BF85A6CF 10 Bytes [39, 45, 08, 1B, C0, F7, D8, ...]
.text win32k.sys!EngUnicodeToMultiByteN + 3B BF85A6DA 6 Bytes [8B, CB, E8, D3, 71, 0E]
.text win32k.sys!EngUnicodeToMultiByteN + 42 BF85A6E1 3 Bytes JMP BF85AD71 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngUnicodeToMultiByteN + 47 BF85A6E6 4 Bytes [8B, 88, 80, 01]
.text ...
.text win32k.sys!EngAllocMem + 19 BF85B6BE 12 Bytes [71, 02, 73, C0, F6, 45, 08, ...]
.text win32k.sys!EngAllocMem + 26 BF85B6CB 22 Bytes CALL BF802AE5 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngAllocMem + 3D BF85B6E2 16 Bytes CALL BF85B639 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngAllocMem + 4E BF85B6F3 28 Bytes [6A, 04, EB, D4, 90, 90, 90, ...]
.text win32k.sys!EngFreeMem + 16 BF85B712 10 Bytes CALL BF802A5F \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngFreeMem + 21 BF85B71D 56 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngFreeMem + 5A BF85B756 18 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngFreeMem + 6E BF85B76A 10 Bytes [57, 83, CF, FF, 83, 3D, 9C, ...]
.text win32k.sys!EngFreeMem + 79 BF85B775 37 Bytes [74, 2E, 51, 8D, 4D, FC, E8, ...]
.text ...
.text win32k.sys!EngTextOut + 800 BF870A00 17 Bytes CALL BF802AE9 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngTextOut + 812 BF870A12 9 Bytes [74, 1A, C7, 85, D4, FB, FF, ...]
.text win32k.sys!EngTextOut + 81E BF870A1E 36 Bytes JMP BF87039D \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngTextOut + 845 BF870A45 4 Bytes [10, 75, 29, A9]
.text win32k.sys!EngTextOut + 84C BF870A4C 154 Bytes [20, 0F, 85, BD, F8, FF, FF, ...]
.text ...
.text win32k.sys!XLATEOBJ_iXlate + 2E BF871604 1 Byte [BF]
.text win32k.sys!XLATEOBJ_iXlate + 2E BF871604 3 Bytes [BF, 00, 08]
.text win32k.sys!XLATEOBJ_iXlate + 33 BF871609 20 Bytes [85, 7E, 38, 75, 8F, 8B, 46, ...]
.text win32k.sys!XLATEOBJ_iXlate + 48 BF87161E 1 Byte [01]
.text win32k.sys!XLATEOBJ_iXlate + 4B BF871621 17 Bytes [74, 36, 8B, 46, 24, FF, 75, ...]
.text ...
.text win32k.sys!EngStretchBltROP + 2C BF873F04 9 Bytes [89, 4D, F0, 89, 45, F4, 0F, ...]
.text win32k.sys!EngStretchBltROP + 38 BF873F10 48 Bytes [8B, 71, 1C, 8B, 50, 1C, FF, ...]
.text win32k.sys!EngStretchBltROP + 6A BF873F42 42 Bytes [FF, 75, 2C, F7, DF, 56, FF, ...]
.text win32k.sys!EngStretchBltROP + 95 BF873F6D 4 Bytes [8B, B6, E8, 05]
.text win32k.sys!EngStretchBltROP + 9B BF873F73 24 Bytes [EB, B4, 3B, D3, 0F, 84, FB, ...]
.text ...
.text win32k.sys!EngStretchBlt + B BF87507D 3 Bytes [83, 7D, 30]
.text win32k.sys!EngStretchBlt + F BF875081 133 Bytes [53, 56, 57, 0F, 84, 98, FD, ...]
.text win32k.sys!EngStretchBlt + 95 BF875107 1 Byte [07]
.text win32k.sys!EngStretchBlt + 98 BF87510A 10 Bytes [8B, 4E, 04, 3B, 4E, 0C, 0F, ...]
.text win32k.sys!EngStretchBlt + A4 BF875116 12 Bytes [8B, 4D, 24, 8B, 39, 3B, 79, ...]
.text ...
.text win32k.sys!EngCreatePalette + 19 BF879324 1 Byte [80]
.text win32k.sys!EngCreatePalette + 1C BF879327 16 Bytes [83, F9, 02, 57, 8B, 7D, 14, ...]
.text win32k.sys!EngCreatePalette + 2D BF879338 1 Byte [02]
.text win32k.sys!EngCreatePalette + 30 BF87933B 33 Bytes [FF, 75, 1C, FF, 75, 18, 57, ...]
.text win32k.sys!EngCreatePalette + 54 BF87935F 5 Bytes [8B, 18, 83, 65, F8]
.text ...
.text win32k.sys!EngGetCurrentCodePage + 3E61 BF890800 13 Bytes [3B, DF, 74, 10, 57, 57, 6A, ...]
.text win32k.sys!EngGetCurrentCodePage + 3E6F BF89080E 5 Bytes [53, E8, 22, B7, 02]
.text win32k.sys!EngGetCurrentCodePage + 3E75 BF890814 22 Bytes CALL BF852E10 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngGetCurrentCodePage + 3E8D BF89082C 6 Bytes [EB, CF, E8, 47, 31, 03]
.text win32k.sys!EngGetCurrentCodePage + 3E94 BF890833 3 Bytes JMP BF890A09 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text ...
.text win32k.sys!EngFntCacheLookUp + 3D BF89A3E7 25 Bytes [33, C0, EB, F6, 8B, 4D, 1C, ...]
.text win32k.sys!EngFntCacheLookUp + 58 BF89A402 34 Bytes [03, 02, 83, C2, 04, EB, EF, ...]
.text win32k.sys!EngFntCacheLookUp + 7C BF89A426 12 Bytes [8B, 0C, 91, 8B, 71, 10, 03, ...]
.text win32k.sys!EngFntCacheLookUp + 8A BF89A434 6 Bytes [03, 31, 69, F6, 01, 01]
.text win32k.sys!EngFntCacheLookUp + 92 BF89A43C 28 Bytes [03, 71, 04, 42, 3B, 55, 14, ...]
.text ...
.text win32k.sys!EngFntCacheAlloc + 16 BF89A887 63 Bytes [56, 57, 50, 8D, 4D, FC, E8, ...]
.text win32k.sys!EngFntCacheAlloc + 56 BF89A8C7 5 Bytes [75, 54, 83, 78, 14]
.text win32k.sys!EngFntCacheAlloc + 5C BF89A8CD 45 Bytes [75, 4E, 8B, 0D, 6C, 56, 9A, ...]
.text win32k.sys!EngFntCacheAlloc + 8C BF89A8FD 31 Bytes CALL BF80197F \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngFntCacheAlloc + AC BF89A91D 33 Bytes [83, 48, 18, 01, EB, CE, 33, ...]
.text ...
.text win32k.sys!EngWideCharToMultiByte + 7 BF89BF28 23 Bytes [FF, 75, 18, FF, 75, 14, FF, ...]
.text win32k.sys!EngWideCharToMultiByte + 1F BF89BF40 93 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngWideCharToMultiByte + 7D BF89BF9E 12 Bytes [33, C0, 40, EB, F7, 3B, 47, ...]
.text win32k.sys!EngWideCharToMultiByte + 8B BF89BFAC 23 Bytes JMP C76A42B4
.text win32k.sys!EngWideCharToMultiByte + A4 BF89BFC5 27 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text ...
.text win32k.sys!EngMultiByteToUnicodeN + 24 BF89DF31 4 Bytes [5E, 5D, C2, 04]
.text win32k.sys!EngMultiByteToUnicodeN + 29 BF89DF36 10 Bytes [3C, 07, 74, 40, 3C, 08, C7, ...]
.text win32k.sys!EngMultiByteToUnicodeN + 36 BF89DF43 26 Bytes [74, 35, EB, 3A, 90, 90, 90, ...]
.text win32k.sys!EngMultiByteToUnicodeN + 51 BF89DF5E 32 Bytes [99, BF, 6A, 16, 57, E8, A2, ...]
.text win32k.sys!EngMultiByteToUnicodeN + 74 BF89DF81 6 Bytes [6A, FB, 6A, 01, E8, 2C]
.text ...
.text win32k.sys!EngGradientFill + 19E2 BF8B0600 23 Bytes [45, CC, 7C, 03, 89, 4D, CC, ...]
.text win32k.sys!EngGradientFill + 19FC BF8B061A 22 Bytes [57, 8B, 7E, 1C, 8B, 4F, 28, ...]
.text win32k.sys!EngGradientFill + 1A14 BF8B0632 16 Bytes [3B, FB, 74, 09, 8B, 4F, 04, ...]
.text win32k.sys!EngGradientFill + 1A27 BF8B0645 56 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngGradientFill + 1A60 BF8B067E 157 Bytes [89, 45, D8, 33, C0, 40, 50, ...]
.text ...
.text win32k.sys!EngModifySurface + 18 BF8B9480 55 Bytes [89, 7D, F4, 89, 7D, F8, 0F, ...]
.text win32k.sys!EngModifySurface + 51 BF8B94B9 4 Bytes [8B, 4E, 48, BF]
.text win32k.sys!EngModifySurface + 57 BF8B94BF 1 Byte [40]
.text win32k.sys!EngModifySurface + 57 BF8B94BF 31 Bytes [40, 00, 85, CF, 0F, 84, 2C, ...]
.text win32k.sys!EngModifySurface + 77 BF8B94DF 1 Byte [03]
.text ...
.text win32k.sys!EngAlphaBlend + B BF8B9F6C 66 Bytes [8B, 55, 08, 53, 8B, 5D, 0C, ...]
.text win32k.sys!EngAlphaBlend + 4E BF8B9FAF 32 Bytes [8D, 7D, BC, A5, A5, A5, A5, ...]
.text win32k.sys!EngAlphaBlend + 71 BF8B9FD2 6 Bytes [89, 75, A8, C6, 45, AC]
.text win32k.sys!EngAlphaBlend + 78 BF8B9FD9 6 Bytes [89, 75, CC, C6, 45, D0]
.text win32k.sys!EngAlphaBlend + 7F BF8B9FE0 77 Bytes [74, 04, 80, 49, 22, 04, F6, ...]
.text ...
.text win32k.sys!EngStrokePath + 7D75 BF8D0400 39 Bytes [75, 20, FF, 75, 1C, FF, 75, ...]
.text win32k.sys!EngStrokePath + 7D9D BF8D0428 8 Bytes [C7, 05, 7C, 92, 9A, BF, 10, ...]
.text win32k.sys!EngStrokePath + 7DA7 BF8D0432 22 Bytes [A1, 80, 92, 9A, BF, C3, 3B, ...]
.text win32k.sys!EngStrokePath + 7DBF BF8D044A 95 Bytes [A1, 80, 92, 9A, BF, C3, 90, ...]
.text win32k.sys!EngStrokePath + 7E1F BF8D04AA 26 Bytes [EB, 8C, C3, 90, 90, 90, 90, ...]
.text ...
.text win32k.sys!EngSort + B BF8D2C67 64 Bytes [53, 8B, 5D, 10, F6, C3, 03, ...]
.text win32k.sys!EngSort + 4D BF8D2CA9 71 Bytes [39, B5, 50, FF, FF, FF, 0F, ...]
.text win32k.sys!EngSort + 97 BF8D2CF3 70 Bytes [33, DB, 2B, 75, 10, 3B, F3, ...]
.text win32k.sys!EngSort + E0 BF8D2D3C 43 Bytes [EB, B7, 90, 90, 90, 90, 90, ...]
.text win32k.sys!EngSort + 10C BF8D2D68 35 Bytes [85, DB, 74, 22, FF, 75, 10, ...]
.text ...
.text win32k.sys!EngLineTo + B BF8D471F 97 Bytes [8B, 45, 08, 53, 56, 8B, F0, ...]
.text win32k.sys!EngLineTo + 6E BF8D4782 27 Bytes [0F, 85, 2C, FF, FF, FF, 8B, ...]
.text win32k.sys!EngLineTo + 8C BF8D47A0 9 Bytes [8B, 45, FC, 5F, 5E, 5B, C9, ...]
.text win32k.sys!EngLineTo + 96 BF8D47AA 20 Bytes [6A, 08, 59, 33, C0, 8D, 7D, ...]
.text win32k.sys!EngLineTo + AB BF8D47BF 18 Bytes [3B, C3, 89, 45, 18, 74, DA, ...]
.text ...
.text win32k.sys!PATHOBJ_bCloseFigure + 423E BF8F0201 2 Bytes JMP BF8F02CD \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!PATHOBJ_bCloseFigure + 4243 BF8F0206 14 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!PATHOBJ_bCloseFigure + 4253 BF8F0216 59 Bytes [A1, 34, AB, 99, BF, 89, 45, ...]
.text win32k.sys!PATHOBJ_bCloseFigure + 4291 BF8F0254 63 Bytes [89, 85, EC, FD, FF, FF, 0F, ...]
.text win32k.sys!PATHOBJ_bCloseFigure + 42D2 BF8F0295 52 Bytes [0F, 0F, 85, C2, FE, FF, FF, ...]
.text ...
.text win32k.sys!EngDeletePalette + 3C BF8F9CD2 24 Bytes CALL BF804882 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngDeletePalette + 55 BF8F9CEB 7 Bytes [8B, 01, 56, 8B, B0, 40, 06]
.text win32k.sys!EngDeletePalette + 5E BF8F9CF4 22 Bytes [74, 17, 51, 8D, 4D, FC, E8, ...]
.text win32k.sys!EngDeletePalette + 75 BF8F9D0B 6 Bytes [75, 05, 5E, C9, C2, 08]
.text win32k.sys!EngDeletePalette + 7C BF8F9D12 49 Bytes [FF, 15, 44, CE, 98, BF, EB, ...]
.text ...
.text win32k.sys!FONTOBJ_pifi + 1A BF8FAAE7 14 Bytes CALL BF80490D \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!FONTOBJ_pifi + 29 BF8FAAF6 41 Bytes [33, F6, EB, E9, 90, 90, 90, ...]
.text win32k.sys!FONTOBJ_pifi + 55 BF8FAB22 8 Bytes [83, 0E, 01, 8B, C8, E8, 47, ...]
.text win32k.sys!FONTOBJ_pifi + 5F BF8FAB2C 7 Bytes [83, 26, FE, 5E, 5D, C2, 04]
.text win32k.sys!FONTOBJ_pifi + 67 BF8FAB34 24 Bytes [33, C0, EB, F8, 33, C0, EB, ...]
.text ...
.text win32k.sys!HT_Get8BPPMaskPalette + 20 BF8FC3D6 3 Bytes [C9, C2, 18]
.text win32k.sys!HT_Get8BPPMaskPalette + 24 BF8FC3DA 32 Bytes [0F, B6, 45, 10, 8B, C8, 49, ...]
.text win32k.sys!HT_Get8BPPMaskPalette + 45 BF8FC3FB 33 Bytes [89, 4D, 18, 89, 7D, 0C, 89, ...]
.text win32k.sys!HT_Get8BPPMaskPalette + 69 BF8FC41F 26 Bytes [89, 45, 0C, 89, 45, 18, 89, ...]
.text win32k.sys!HT_Get8BPPMaskPalette + 85 BF8FC43B 13 Bytes [53, 33, DB, 81, 3E, 52, 47, ...]
.text ...
.text win32k.sys!HT_Get8BPPFormatPalette + 16 BF8FC78B 15 Bytes [53, 57, 89, 45, F8, 89, 45, ...]
.text win32k.sys!HT_Get8BPPFormatPalette + 28 BF8FC79D 4 Bytes [BF, 20, A1, 07]
.text win32k.sys!HT_Get8BPPFormatPalette + 2D BF8FC7A2 4 Bytes [BB, 40, 42, 0F]
.text win32k.sys!HT_Get8BPPFormatPalette + 32 BF8FC7A7 45 Bytes [6A, 05, FF, 75, 08, E8, CC, ...]
.text win32k.sys!HT_Get8BPPFormatPalette + 62 BF8FC7D7 13 Bytes [03, C7, 99, 8B, CB, F7, F9, ...]
.text ...
.text win32k.sys!STROBJ_bEnumPositionsOnly + 23 BF8FCA39 11 Bytes [FF, 75, 10, FF, 75, 0C, 50, ...]
.text win32k.sys!STROBJ_bEnumPositionsOnly + 2F BF8FCA45 6 Bytes [EB, EE, 33, C0, E9, B7]
.text win32k.sys!STROBJ_bEnumPositionsOnly + 38 BF8FCA4E 5 Bytes [FF, 31, 83, 65, FC]
.text win32k.sys!STROBJ_bEnumPositionsOnly + 3E BF8FCA54 19 Bytes [8D, 45, B8, 8D, 4D, F4, 89, ...]
.text win32k.sys!STROBJ_bEnumPositionsOnly + 54 BF8FCA6A 6 Bytes [83, FF, 01, 0F, 85, D9]
.text ...
.text win32k.sys!XFORMOBJ_bApplyXform + 3E BF8FCB03 6 Bytes [5E, 5B, 5F, C9, C2, 14]
.text win32k.sys!XFORMOBJ_bApplyXform + 45 BF8FCB0A 16 Bytes [3B, F3, 0F, 84, 68, FF, FF, ...]
.text win32k.sys!XFORMOBJ_bApplyXform + 58 BF8FCB1D 64 Bytes [85, C0, 74, 3F, 8D, 0C, FB, ...]
.text win32k.sys!XFORMOBJ_bApplyXform + 99 BF8FCB5E 104 Bytes [EB, A3, 33, C0, EB, 9F, 8B, ...]
.text win32k.sys!XFORMOBJ_bApplyXform + 102 BF8FCBC7 3 Bytes [68, 16, 02]
.text ...
.text win32k.sys!FONTOBJ_vGetInfo + 1C BF8FCD39 9 Bytes [8B, 4D, 0C, 8B, 7D, 10, 83, ...]
.text win32k.sys!FONTOBJ_vGetInfo + 26 BF8FCD43 30 Bytes JMP A4055A4A
.text win32k.sys!FONTOBJ_vGetInfo + 45 BF8FCD62 29 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FONTOBJ_vGetInfo + 65 BF8FCD82 4 Bytes [8B, 06, 8B, 80]
.text win32k.sys!FONTOBJ_vGetInfo + 6A BF8FCD87 1 Byte [02]
.text ...
.text win32k.sys!FONTOBJ_cGetGlyphs + 11 BF8FCFDC 43 Bytes [89, 45, F0, 8B, 45, 08, 56, ...]
.text win32k.sys!FONTOBJ_cGetGlyphs + 3D BF8FD008 4 Bytes [8D, 4D, 14, E8]
.text win32k.sys!FONTOBJ_cGetGlyphs + 42 BF8FD00D 9 Bytes [79, F0, FF, 8B, C6, 5E, C9, ...]
.text win32k.sys!FONTOBJ_cGetGlyphs + 4C BF8FD017 28 Bytes [33, C0, EB, F8, 90, 90, 90, ...]
.text win32k.sys!FONTOBJ_cGetGlyphs + 6A BF8FD035 3 Bytes [5D, C2, 0C]
.text ...
.text win32k.sys!STROBJ_bGetAdvanceWidths + 39 BF8FD0CC 42 Bytes [74, 3D, 3B, CA, 73, 1E, 8B, ...]
.text win32k.sys!STROBJ_bGetAdvanceWidths + 64 BF8FD0F7 29 Bytes [8B, 71, 04, 8B, 7D, 14, 83, ...]
.text win32k.sys!STROBJ_bGetAdvanceWidths + 83 BF8FD116 2 Bytes JMP BF8FD1B0 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!STROBJ_bGetAdvanceWidths + 88 BF8FD11B 4 Bytes [89, 31, E9, EB]
.text win32k.sys!STROBJ_bGetAdvanceWidths + 8F BF8FD122 20 Bytes [90, 90, 90, 90, 90, 33, C0, ...]
.text ...
.text win32k.sys!BRUSHOBJ_hGetColorTransform + 18 BF8FD36D 4 Bytes [33, F6, E9, D9]
.text win32k.sys!BRUSHOBJ_hGetColorTransform + 1F BF8FD374 21 Bytes [FF, 75, F8, 8B, CE, FF, 75, ...]
.text win32k.sys!BRUSHOBJ_hGetColorTransform + 35 BF8FD38A 2 Bytes JMP BF8FD44A \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!BRUSHOBJ_hGetColorTransform + 3A BF8FD38F 24 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!BRUSHOBJ_hGetColorTransform + 55 BF8FD3AA 8 Bytes [89, 7D, F4, 89, 7D, F8, E8, ...]
.text ...
.text win32k.sys!EngAllocUserMem + 1A BF8FDCFD 1 Byte [30]
.text win32k.sys!EngAllocUserMem + 1D BF8FDD00 153 Bytes [8D, 45, 08, 50, 53, 8D, 45, ...]
.text win32k.sys!EngAllocUserMem + B7 BF8FDD9A 8 Bytes [57, FF, 15, F4, CF, 98, BF, ...]
.text win32k.sys!EngAllocUserMem + C0 BF8FDDA3 1 Byte [80]
.text win32k.sys!EngAllocUserMem + C3 BF8FDDA6 38 Bytes [8D, 45, 08, 50, 8D, 45, E0, ...]
.text ...
.text win32k.sys!EngMarkBandingSurface + D BF8FE2B7 26 Bytes CALL BF8137CE \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngMarkBandingSurface + 28 BF8FE2D2 4 Bytes [33, F6, E9, E7]
.text win32k.sys!EngMarkBandingSurface + 2F BF8FE2D9 29 Bytes [8D, 45, EC, 50, 8D, 45, F8, ...]
.text win32k.sys!EngMarkBandingSurface + 4F BF8FE2F9 4 Bytes CALL BF977278 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngMarkBandingSurface + 54 BF8FE2FE 29 Bytes [89, 45, FC, EB, 35, 90, 90, ...]
.text ...
.text win32k.sys!BRUSHOBJ_ulGetBrushColor + 1D BF8FEBC9 51 Bytes [83, C8, FF, EB, F7, F6, 40, ...]
.text win32k.sys!BRUSHOBJ_ulGetBrushColor + 53 BF8FEBFF 41 Bytes [01, 53, 57, 8B, 7D, 08, 57, ...]
.text win32k.sys!BRUSHOBJ_ulGetBrushColor + 7F BF8FEC2B 9 Bytes [FE, 5F, 8B, C3, 5B, 5E, 5D, ...]
.text win32k.sys!BRUSHOBJ_ulGetBrushColor + 89 BF8FEC35 9 Bytes [33, C0, EB, F7, 33, C0, 40, ...]
.text win32k.sys!BRUSHOBJ_ulGetBrushColor + 95 BF8FEC41 4 Bytes [B9, 40, 42, 0F]
.text ...
.text win32k.sys!PALOBJ_cGetColors + 1EDE BF910000 140 Bytes [FF, 8A, 11, 8A, 59, 01, 0F, ...]
.text win32k.sys!PALOBJ_cGetColors + 1F6C BF91008E 141 Bytes [49, 89, 4D, 2C, 33, DB, 83, ...]
.text win32k.sys!PALOBJ_cGetColors + 1FFB BF91011D 5 Bytes [EB, C5, 83, 7D, 28]
.text win32k.sys!PALOBJ_cGetColors + 2001 BF910123 3 Bytes [0F, 84, 8A]
.text win32k.sys!PALOBJ_cGetColors + 2007 BF910129 134 Bytes [8B, CF, 8B, FA, C1, E7, 03, ...]
.text ...
.text win32k.sys!EngCreateClip + 13 BF910C91 23 Bytes CALL BF85B6A3 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngCreateClip + 2D BF910CAB 28 Bytes [F8, 89, 45, F0, 89, 45, EC, ...]
.text win32k.sys!EngCreateClip + 4A BF910CC8 7 Bytes [C6, 46, 15, 01, C6, 46, 16]
.text win32k.sys!EngCreateClip + 52 BF910CD0 71 Bytes CALL BF8057EF \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngCreateClip + 9A BF910D18 3 Bytes [83, 7E, 34]
.text ...
.text win32k.sys!EngSetPointerTag + 5 BF91600D 8 Bytes [8B, FF, 55, 8B, EC, 81, EC, ...]
.text win32k.sys!EngSetPointerTag + 10 BF916018 394 Bytes [33, C0, 56, 8B, 35, D8, B7, ...]
.text win32k.sys!EngSetPointerTag + 19B BF9161A3 1 Byte [68]
.text win32k.sys!EngSetPointerTag + 19E BF9161A6 1 Byte [05]
.text win32k.sys!EngSetPointerTag + 19E BF9161A6 13 Bytes [05, 00, FF, 75, FC, FF, 75, ...]
.text ...
.text win32k.sys!XFORMOBJ_iGetFloatObjXform + 16 BF93349C 11 Bytes [74, 0A, FF, 75, 0C, 8B, CE, ...]
.text win32k.sys!XFORMOBJ_iGetFloatObjXform + 22 BF9334A8 40 Bytes [8B, 06, 8B, 40, 38, 83, E0, ...]
.text win32k.sys!XFORMOBJ_iGetFloatObjXform + 4B BF9334D1 24 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_SetFloat + 14 BF9334EA 24 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_SetLong + 14 BF933503 27 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_GetLong + 7 BF93351F 18 Bytes [8D, 45, 08, 50, FF, 75, 08, ...]
.text win32k.sys!FLOATOBJ_GetLong + 1A BF933532 42 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_AddFloat + 26 BF93355D 42 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_AddLong + 26 BF933588 27 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_Add + 17 BF9335A4 42 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_SubFloat + 26 BF9335CF 42 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_SubLong + 26 BF9335FA 27 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_Sub + 17 BF933616 42 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_MulFloat + 26 BF933641 42 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_MulLong + 26 BF93366C 27 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_Mul + 17 BF933688 42 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_DivFloat + 26 BF9336B3 42 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_DivLong + 26 BF9336DE 27 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_Div + 17 BF9336FA 21 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_Neg + 11 BF933710 67 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_EqualLong + 3F BF933754 15 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_GreaterThanLong + B BF933764 16 Bytes [75, 1A, 8B, 4D, 08, 8B, 01, ...]
.text win32k.sys!FLOATOBJ_GreaterThanLong + 1C BF933775 38 Bytes [74, 05, 33, C0, 40, EB, 1C, ...]
.text win32k.sys!FLOATOBJ_GreaterThanLong + 43 BF93379C 15 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_LessThanLong + B BF9337AC 40 Bytes [75, 0C, 8B, 4D, 08, 33, C0, ...]
.text win32k.sys!FLOATOBJ_LessThanLong + 34 BF9337D5 24 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_Equal + 14 BF9337EE 24 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_GreaterThan + 14 BF933807 24 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_LessThan + 14 BF933820 31 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_LessThan + 34 BF933840 18 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!FLOATOBJ_LessThan + 47 BF933853 34 Bytes [75, 31, 8B, 45, 0C, 8D, 70, ...]
.text win32k.sys!FLOATOBJ_LessThan + 6A BF933876 7 Bytes [89, 70, 04, C7, 40, 0C, 01]
.text win32k.sys!FLOATOBJ_LessThan + 74 BF933880 14 Bytes [83, C0, 10, 89, 47, 04, 8B, ...]
.text ...
.text win32k.sys!CLIPOBJ_ppoGetPath + 11 BF933B2E 31 Bytes [90, 90, 90, 90, 90, 33, C0, ...]
.text win32k.sys!EngGetCurrentThreadId + 13 BF933B4E 12 Bytes [74, 14, FF, 75, 08, FF, 15, ...]
.text win32k.sys!EngGetCurrentThreadId + 20 BF933B5B 12 Bytes [FF, 75, 08, FF, 15, FC, CB, ...]
.text win32k.sys!EngGetCurrentThreadId + 2D BF933B68 25 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngIsSemaphoreOwned + 15 BF933B82 30 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngDebugPrint + B BF933BA2 24 Bytes [A1, 34, AB, 99, BF, 56, 8B, ...]
.text win32k.sys!EngDebugPrint + 24 BF933BBB 13 Bytes [57, 8D, 85, FC, FE, FF, FF, ...]
.text win32k.sys!EngDebugPrint + 32 BF933BC9 11 Bytes [8D, 85, FC, FE, FF, FF, 50, ...]
.text win32k.sys!EngDebugPrint + 3E BF933BD5 16 Bytes [8B, 4D, FC, 83, C4, 14, 5F, ...]
.text win32k.sys!EngDebugPrint + 4F BF933BE6 93 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngProbeForRead + 3A BF933C44 37 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngAllocSectionMem + 23 BF933C6C 13 Bytes [08, 6A, 04, 89, 45, F4, 8D, ...]
.text win32k.sys!EngAllocSectionMem + 31 BF933C7A 1 Byte [0F]
.text win32k.sys!EngAllocSectionMem + 31 BF933C7A 97 Bytes [0F, 00, 56, 89, 7D, F8, FF, ...]
.text win32k.sys!EngAllocSectionMem + 93 BF933CDC 13 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngFreeSectionMem + 9 BF933CEA 27 Bytes [74, 09, FF, 75, 0C, FF, 15, ...]
.text win32k.sys!EngFreeSectionMem + 25 BF933D06 146 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngMapSection + 8E BF933D99 39 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngInitializeSafeSemaphore + 12 BF933DC1 36 Bytes CALL BF86A1E2 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngInitializeSafeSemaphore + 37 BF933DE6 34 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngDeleteSafeSemaphore + 1E BF933E09 12 Bytes CALL BF804940 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngDeleteSafeSemaphore + 2B BF933E16 98 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngDeleteSafeSemaphore + 8E BF933E79 1 Byte [10]
.text win32k.sys!EngDeleteSafeSemaphore + 8E BF933E79 18 Bytes [10, 00, C3, 90, 90, 90, 90, ...]
.text win32k.sys!EngDeleteSafeSemaphore + A1 BF933E8C 15 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text ...
.text win32k.sys!HeapVidMemAllocAligned + 11 BF93430F 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!VidMemFree + 11 BF934325 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngAllocPrivateUserMem + 11 BF93433B 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngFreePrivateUserMem + 11 BF934351 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngDxIoctl + 11 BF934367 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngLockDirectDrawSurface + 11 BF93437D 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngUnlockDirectDrawSurface + 11 BF934393 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngUnlockDirectDrawSurface + 27 BF9343A9 20 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngUnlockDirectDrawSurface + 3D BF9343BF 56 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngUnlockDirectDrawSurface + 76 BF9343F8 61 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngUnlockDirectDrawSurface + B4 BF934436 36 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text ...
.text win32k.sys!EngGetType1FontList + 13 BF934EB5 14 Bytes [89, 7D, FC, 75, 0B, E8, 7B, ...]
.text win32k.sys!EngGetType1FontList + 23 BF934EC5 4 Bytes [39, BE, CC, 02]
.text win32k.sys!EngGetType1FontList + 29 BF934ECB 4 Bytes [8B, 86, D4, 02]
.text win32k.sys!EngGetType1FontList + 2F BF934ED1 7 Bytes [75, 08, 3B, C7, 0F, 84, EB]
.text win32k.sys!EngGetType1FontList + 39 BF934EDB 20 Bytes [8B, 55, 18, 89, 3A, EB, 05, ...]
.text ...
.text win32k.sys!EngQueryLocalTime + 6F BF935043 18 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngQueryLocalTime + 84 BF935058 6 Bytes [8B, 40, 04, 83, 89, A8]
.text win32k.sys!EngQueryLocalTime + 8D BF935061 4 Bytes [04, 89, 81, B0]
.text win32k.sys!EngQueryLocalTime + 94 BF935068 3 Bytes [5D, C2, 04]
.text win32k.sys!EngQueryLocalTime + 98 BF93506C 63 Bytes [90, 90, 90, 90, 90, 8B, 01, ...]
.text ...
.text win32k.sys!EngCheckAbort + 17 BF935278 6 Bytes [74, 0A, 8B, 40, 48, 25]
.text win32k.sys!EngCheckAbort + 20 BF935281 8 Bytes [40, EB, 02, 33, C0, 5D, C2, ...]
.text win32k.sys!EngCheckAbort + 29 BF93528A 26 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngCheckAbort + 44 BF9352A5 15 Bytes [74, 10, FF, 75, 0C, 8D, 4D, ...]
.text win32k.sys!EngCheckAbort + 54 BF9352B5 7 Bytes [EB, 02, 33, C0, C9, C2, 08]
.text ...
.text win32k.sys!EngDeleteEvent + 1F BF936A84 59 Bytes [90, 90, 90, 90, 90, 6A, 18, ...]
.text win32k.sys!EngMapEvent + 39 BF936AC2 63 Bytes [10, FF, 75, 0C, FF, 15, 90, ...]
.text win32k.sys!EngMapEvent + 79 BF936B02 43 Bytes [C3, 90, 90, 90, 90, 90, 8B, ...]
.text win32k.sys!EngMapEvent + A5 BF936B2E 45 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngUnmapEvent + 29 BF936B5C 14 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngSetEvent + A BF936B6B 1 Byte [6A]
.text win32k.sys!EngSetEvent + A BF936B6B 13 Bytes [6A, 00, FF, 30, FF, 15, A4, ...]
.text win32k.sys!EngSetEvent + 18 BF936B79 24 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngClearEvent + 14 BF936B92 24 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngReadStateEvent + 14 BF936BAB 25 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngReadStateEvent + 2E BF936BC5 147 Bytes [8B, F0, 59, 8D, 5C, 36, 3A, ...]
.text win32k.sys!EngReadStateEvent + C2 BF936C59 23 Bytes [74, 08, 68, 04, 27, 99, BF, ...]
.text win32k.sys!EngReadStateEvent + DA BF936C71 43 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngGetFilePath + 27 BF936C9D 30 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngGetFileChangeTime + 1C BF936CBE 20 Bytes [39, 70, 18, 74, 12, 8B, 10, ...]
.text win32k.sys!EngGetFileChangeTime + 33 BF936CD5 26 Bytes [51, 8D, 45, F4, 50, FF, 15, ...]
.text win32k.sys!EngGetFileChangeTime + 50 BF936CF2 19 Bytes [50, 56, 8D, 4D, EC, 51, 8D, ...]
.text win32k.sys!EngGetFileChangeTime + 66 BF936D08 8 Bytes [89, 75, D8, C7, 45, E0, 40, ...]
.text win32k.sys!EngGetFileChangeTime + 70 BF936D12 86 Bytes [89, 75, E4, 89, 75, E8, FF, ...]
.text ...
.text win32k.sys!EngDeleteFile + 1D BF936F3D 3 Bytes [83, 65, F0]
.text win32k.sys!EngDeleteFile + 21 BF936F41 3 Bytes [83, 65, F4]
.text win32k.sys!EngDeleteFile + 25 BF936F45 14 Bytes [8D, 45, F8, 89, 45, E8, 8D, ...]
.text win32k.sys!EngDeleteFile + 36 BF936F56 4 Bytes [C7, 45, EC, 40]
.text win32k.sys!EngDeleteFile + 3D BF936F5D 18 Bytes [FF, 15, 40, D0, 98, BF, 85, ...]
.text ...
.text win32k.sys!EngControlSprites + 22 BF9380FA 89 Bytes [8B, 40, 10, 56, 57, 8B, 78, ...]
.text win32k.sys!EngControlSprites + 7C BF938154 92 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngControlSprites + DB BF9381B3 26 Bytes CALL BF827A4C \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngControlSprites + F6 BF9381CE 55 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngControlSprites + 130 BF938208 68 Bytes CALL BF827A4C \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text ...
.text win32k.sys!EngMovePointer + 1E BF938A56 4 Bytes [0F, 84, 53, 01]
.text win32k.sys!EngMovePointer + 24 BF938A5C 16 Bytes [8D, 45, FC, 50, 8D, 4D, EC, ...]
.text win32k.sys!EngMovePointer + 36 BF938A6E 4 Bytes [3B, 86, 7C, 01]
.text win32k.sys!EngMovePointer + 3C BF938A74 3 Bytes [0F, 84, A9]
.text win32k.sys!EngMovePointer + 42 BF938A7A 1 Byte [BA]
.text ...
.text win32k.sys!EngSetPointerShape + 1F BF938BD9 4 Bytes [C7, 45, FC, 02]
.text win32k.sys!EngSetPointerShape + 26 BF938BE0 16 Bytes [8B, C8, 75, 07, 33, DB, 89, ...]
.text win32k.sys!EngSetPointerShape + 38 BF938BF2 30 Bytes [F7, F1, 33, DB, 89, 45, 2C, ...]
.text win32k.sys!EngSetPointerShape + 58 BF938C12 25 Bytes [3B, C3, 74, 0F, 8B, 78, 10, ...]
.text win32k.sys!EngSetPointerShape + 73 BF938C2D 4 Bytes [89, 9E, C0, 01]
.text ...
.text win32k.sys!EngUnlockDriverObj + 33 BF93924E 126 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngQueryPalette + 7A BF9392CD 78 Bytes [90, 90, 90, 90, 90, 8B, 49, ...]
.text win32k.sys!EngQueryPalette + C9 BF93931C 40 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngQueryPalette + F2 BF939345 1 Byte [05]
.text win32k.sys!EngQueryPalette + F6 BF939349 57 Bytes [80, 3B, C8, 7D, F1, 33, C0, ...]
.text win32k.sys!EngQueryPalette + 130 BF939383 84 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text ...
.text win32k.sys!EngDeletePath + 9 BF9395BD 19 Bytes [74, 0E, 8B, 4D, 08, E8, 4A, ...]
.text win32k.sys!EngDeletePath + 1D BF9395D1 63 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngDeletePath + 5D BF939611 21 Bytes [03, 03, 8B, CF, 89, 45, F8, ...]
.text win32k.sys!EngDeletePath + 73 BF939627 20 Bytes CALL BF84B921 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngDeletePath + 88 BF93963C 14 Bytes CALL BF84BC85 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text ...
.text win32k.sys!PATHOBJ_bPolyBezierTo + 10 BF9396A5 8 Bytes CALL BF88239E \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!PATHOBJ_bPolyBezierTo + 19 BF9396AE 16 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!PATHOBJ_bPolyBezierTo + 2C BF9396C1 6 Bytes [83, E0, 20, 5D, C2, 04]
.text win32k.sys!PATHOBJ_bPolyBezierTo + 33 BF9396C8 32 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!WNDOBJ_cEnumStart + 1C BF9396E9 16 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!WNDOBJ_vSetConsumer + E BF9396FC 14 Bytes [3B, 41, 08, 74, 06, 8B, 4D, ...]
.text win32k.sys!WNDOBJ_vSetConsumer + 1D BF93970B 17 Bytes [90, 90, 90, 90, 90, 81, 79, ...]
.text win32k.sys!WNDOBJ_vSetConsumer + 31 BF93971F 29 Bytes [81, 38, 54, 52, 41, 43, 75, ...]
.text win32k.sys!WNDOBJ_vSetConsumer + 4F BF93973D 47 Bytes [68, 20, B6, 99, BF, FF, 75, ...]
.text win32k.sys!WNDOBJ_vSetConsumer + 7F BF93976D 13 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text ...
.text win32k.sys!EngCreateWnd + 3E BF939876 3 Bytes [F7, 45, 14]
.text win32k.sys!EngCreateWnd + 42 BF93987A 7 Bytes [FE, FF, F7, 0F, 85, A6, 02]
.text win32k.sys!EngCreateWnd + 4B BF939883 35 Bytes [FF, 35, CC, BF, 9A, BF, 8D, ...]
.text win32k.sys!EngCreateWnd + 71 BF9398A9 4 Bytes [0F, 84, CE, 01]
.text win32k.sys!EngCreateWnd + 77 BF9398AF 3 Bytes [8B, 80, 80]
.text ...
.text win32k.sys!EngDeleteWnd + 18 BF939C78 5 Bytes [85, C0, 74, 08, 6A]
.text win32k.sys!EngDeleteWnd + 1E BF939C7E 16 Bytes CALL BF924575 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngDeleteWnd + 2F BF939C8F 73 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngDeleteWnd + 79 BF939CD9 11 Bytes CALL BF80D664 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngDeleteWnd + 87 BF939CE7 25 Bytes [85, FF, 74, 28, EB, E2, 3B, ...]
.text ...
.text win32k.sys!EngDitherColor + 14 BF93A9B8 4 Bytes [08, 0F, 85, A5]
.text win32k.sys!EngDitherColor + 1B BF93A9BF 5 Bytes [66, 83, B9, 2E, 04]
.text win32k.sys!EngDitherColor + 22 BF93A9C6 4 Bytes [08, 0F, 85, 97]
.text win32k.sys!EngDitherColor + 29 BF93A9CD 11 Bytes [83, 7D, 0C, 02, 56, 74, 41, ...]
.text win32k.sys!EngDitherColor + 36 BF93A9DA 83 Bytes [83, FE, 03, 74, 05, 83, FE, ...]
.text ...
.text win32k.sys!EngEnumForms + 15 BF93B24D 6 Bytes [39, 45, 1C, 0F, 84, C0]
.text win32k.sys!EngEnumForms + 1E BF93B256 28 Bytes [53, 56, 57, BB, 47, 73, 70, ...]
.text win32k.sys!EngEnumForms + 3D BF93B275 20 Bytes [8B, 45, 0C, 89, 3E, 8B, 7D, ...]
.text win32k.sys!EngEnumForms + 52 BF93B28A 40 Bytes CALL BF802AE7 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngEnumForms + 7B BF93B2B3 111 Bytes [8B, 45, 18, 89, 08, 8B, 4B, ...]
.text ...
.text win32k.sys!EngGetPrinter + B BF93B333 3 Bytes [83, 7D, 18]
.text win32k.sys!EngGetPrinter + F BF93B337 35 Bytes [75, 04, 6A, 57, EB, 14, 8B, ...]
.text win32k.sys!EngGetPrinter + 35 BF93B35D 68 Bytes [C7, 45, FC, B0, BA, 99, BF, ...]
.text win32k.sys!EngGetPrinter + 7C BF93B3A4 20 Bytes [8B, 45, 0C, 89, 3B, 8B, 7D, ...]
.text win32k.sys!EngGetPrinter + 91 BF93B3B9 17 Bytes CALL BF802AE7 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text ...
.text win32k.sys!EngGetForm + 1F BF93B45F 16 Bytes [39, 75, 0C, 74, 0D, FF, 75, ...]
.text win32k.sys!EngGetForm + 30 BF93B470 24 Bytes [02, 53, 57, 68, 47, 73, 70, ...]
.text win32k.sys!EngGetForm + 4B BF93B48B 3 Bytes [83, 7D, 0C]
.text win32k.sys!EngGetForm + 4F BF93B48F 46 Bytes [8B, 45, 18, 8B, 4D, 10, 89, ...]
.text win32k.sys!EngGetForm + 7E BF93B4BE 21 Bytes [68, 47, 73, 70, 6C, 57, E8, ...]
.text ...
.text win32k.sys!EngGetPrinterData + 13 BF93B6E9 14 Bytes CALL BF821030 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!EngGetPrinterData + 24 BF93B6FA 18 Bytes [56, 8B, 75, 0C, 3B, F3, 57, ...]
.text win32k.sys!EngGetPrinterData + 37 BF93B70D 23 Bytes [02, 68, 47, 73, 70, 6C, 8D, ...]
.text win32k.sys!EngGetPrinterData + 51 BF93B727 68 Bytes [85, F6, 8B, 4D, 18, 89, 38, ...]
.text win32k.sys!EngGetPrinterData + 96 BF93B76C 2 Bytes [68, 09]
.text ...
.text win32k.sys!EngSetPrinterData + B BF93B7EE 7 Bytes [53, 56, 57, C7, 45, F8, 08]
.text win32k.sys!EngSetPrinterData + 15 BF93B7F8 12 Bytes [74, 12, FF, 75, 0C, E8, 93, ...]
.text win32k.sys!EngSetPrinterData + 22 BF93B805 10 Bytes [02, 59, 89, 7D, FC, EB, 07, ...]
.text win32k.sys!EngSetPrinterData + 2D BF93B810 35 Bytes [8B, 7D, FC, 8B, 45, 14, F7, ...]
.text win32k.sys!EngSetPrinterData + 53 BF93B836 68 Bytes [89, 33, 8B, 75, 0C, 85, F6, ...]
.text ...
.text win32k.sys!EngWritePrinter + 24 BF93B8ED 6 Bytes [89, 75, E4, 8D, BB, B0]
.text win32k.sys!EngWritePrinter + 2D BF93B8F6 39 Bytes [8B, 75, 10, 8D, 46, 10, 89, ...]
.text win32k.sys!EngWritePrinter + 56 BF93B91F 1 Byte [01]
.text win32k.sys!EngWritePrinter + 56 BF93B91F 14 Bytes [01, 00, 72, 19, 89, 57, 04, ...]
.text win32k.sys!EngWritePrinter + 67 BF93B930 4 Bytes [C7, 43, 6C, 10]
.text ...
.text win32k.sys!EngFileWrite + B BF93BB27 1 Byte [6A]
.text win32k.sys!EngFileWrite + B BF93BB27 3 Bytes [6A, 00, 6A]
.text win32k.sys!EngFileWrite + F BF93BB2B 11 Bytes [57, FF, 75, 0C, FF, 75, 08, ...]
.text win32k.sys!EngFileWrite + 1B BF93BB37 9 Bytes [85, C0, 8B, 45, 14, 7D, 05, ...]
.text win32k.sys!EngFileWrite + 25 BF93BB41 8 Bytes [EB, 02, 89, 38, 5F, 5D, C2, ...]
.text ...
.text win32k.sys!EngFileIoControl + 27 BF93BB76 11 Bytes [8B, 4D, 20, 8B, 55, FC, 89, ...]
.text win32k.sys!EngFileIoControl + 33 BF93BB82 6 Bytes [90, 90, 90, 90, 90, BA]
.text win32k.sys!EngGetTickCount + 3 BF93BB8A 61 Bytes [FE, 7F, 8B, 02, F7, 62, 04, ...]
.text win32k.sys!EngGetTickCount + 41 BF93BBC8 13 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngGetTickCount + 4F BF93BBD6 115 Bytes [74, 77, 53, 56, 8B, 75, 08, ...]
.text win32k.sys!EngGetTickCount + C3 BF93BC4A 10 Bytes [75, 98, 5F, 5E, 5B, 33, C0, ...]
.text win32k.sys!EngGetTickCount + CE BF93BC55 7 Bytes [90, 90, 90, 90, 90, 68, DC]
.text ...
.text win32k.sys!EngHangNotification + 1B BF93E418 4 Bytes [8B, B7, 74, 05]
.text win32k.sys!EngHangNotification + 21 BF93E41E 6 Bytes [83, FE, FC, 0F, 84, B9]
.text win32k.sys!EngHangNotification + 2A BF93E427 5 Bytes [85, F6, 0F, 84, B1]
.text win32k.sys!EngHangNotification + 32 BF93E42F 14 Bytes [53, 8D, 46, 20, 50, 68, F0, ...]
.text win32k.sys!EngHangNotification + 41 BF93E43E 8 Bytes CALL BF80EC94 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text ...
.text win32k.sys!XLATEOBJ_hGetColorTransform + 8751 BF94FC00 14 Bytes [FC, 5F, 8B, C6, 5E, 5B, E8, ...]
.text win32k.sys!XLATEOBJ_hGetColorTransform + 8760 BF94FC0F 38 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!XLATEOBJ_hGetColorTransform + 8789 BF94FC38 137 Bytes CALL BF821034 \SystemRoot\System32\win32k.sys (Współużytkowany sterownik Win32/Microsoft Corporation)
.text win32k.sys!XLATEOBJ_hGetColorTransform + 8813 BF94FCC2 40 Bytes [90, 90, 90, 90, 90, 6A, 60, ...]
.text win32k.sys!XLATEOBJ_hGetColorTransform + 883C BF94FCEB 10 Bytes [8B, 7D, 0C, 83, FF, 20, 0F, ...]
.text ...
.text win32k.sys!EngDeleteClip + 2B BF976C4F 27 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngDeleteClip + 49 BF976C6D 8 Bytes [EB, 03, 83, C8, FF, 5D, C2, ...]
.text win32k.sys!EngDeleteClip + 52 BF976C76 211 Bytes [90, 90, 90, 90, 90, 8B, FF, ...]
.text win32k.sys!EngDeleteClip + 126 BF976D4A 1 Byte [01]
.text win32k.sys!EngDeleteClip + 129 BF976D4D 4 Bytes [74, 10, 81, FE]
.text ...
.text win32k.sys!HT_ComputeRGBGammaTable + 10 BF97E146 1 Byte [01]
.text win32k.sys!HT_ComputeRGBGammaTable + 13 BF97E149 7 Bytes [89, 75, F4, 0F, 8F, 14, 01]
.text win32k.sys!HT_ComputeRGBGammaTable + 1C BF97E152 7 Bytes [83, FE, 02, 0F, 8C, 0B, 01]
.text win32k.sys!HT_ComputeRGBGammaTable + 25 BF97E15B 3 Bytes [83, 65, FC]
.text win32k.sys!HT_ComputeRGBGammaTable + 29 BF97E15F 80 Bytes [53, 57, 8D, 46, FF, 33, DB, ...]
.text ...
.text dxg.sys!DriverEntry BF00A00D 2 Bytes [00, BF]
.text dxg.sys!DriverEntry BF00A015 2 Bytes [00, BF]
.text dxg.sys!DriverEntry BF00A0DC 2 Bytes [00, BF]
.text dxg.sys!DriverEntry BF00A10D 2 Bytes [00, BF]
.text dxg.sys!DriverEntry BF00A13B 2 Bytes [00, BF]
.text ...
.text dxg.sys!DxDdStartupDxGraphics + 23 BF00EF85 2 Bytes [00, BF]
.text dxg.sys!DxDdStartupDxGraphics + 29 BF00EF8B 2 Bytes [00, BF]
.text dxg.sys!DxDdStartupDxGraphics + 2F BF00EF91 2 Bytes [00, BF]
.text dxg.sys!DxDdStartupDxGraphics + 3B BF00EF9D 2 Bytes [00, BF]
.text dxg.sys!DxDdStartupDxGraphics + 45 BF00EFA7 2 Bytes [00, BF]
.text ...
.text dxg.sys!DxDdCleanupDxGraphics + E BF00F050 2 Bytes [00, BF]
.text dxg.sys!DxDdCleanupDxGraphics + 15 BF00F057 2 Bytes [00, BF]
.text dxg.sys!DxDdCleanupDxGraphics + 21 BF00F063 2 Bytes [00, BF]
.text dxg.sys!DxDdCleanupDxGraphics + 27 BF00F069 2 Bytes [00, BF]
.text dxg.sys!DxDdCleanupDxGraphics + 2D BF00F06F 2 Bytes [00, BF]
.text ...
.text wdmaud.sys AC9AD394 3 Bytes [F8, 9A, AC]
.text wdmaud.sys AC9AD3BD 3 Bytes [F5, 9A, AC]
.text wdmaud.sys AC9AD3E8 3 Bytes [F6, 9A, AC]
.text wdmaud.sys AC9AD43F 3 Bytes [F6, 9A, AC]
.text wdmaud.sys AC9AD44A 3 Bytes [00, 9B, AC]
.text ...
PAGE mrxdav.sys ABDE7000 36 Bytes [5D, 18, 89, 5E, 58, 74, 0D, ...]
PAGE mrxdav.sys ABDE7026 19 Bytes [5B, 74, 09, 8D, 45, 0C, 50, ...]
PAGE mrxdav.sys ABDE703A 38 Bytes [CC, CC, CC, CC, CC, 8B, FF, ...]
PAGE mrxdav.sys ABDE7061 43 Bytes [CC, CC, CC, CC, CC, 8B, FF, ...]
PAGE mrxdav.sys ABDE708F 9 Bytes [8B, 7D, 0C, 33, DB, 53, 8D, ...]
PAGE ...
PAGE srv.sys ABD1D000 1 Byte [D2]
PAGE srv.sys ABD1D003 8 Bytes [8B, 4D, FC, 5F, 5E, 88, 1D, ...]
PAGE srv.sys ABD1D00C 1 Byte [D1]
PAGE srv.sys ABD1D00C 27 Bytes CALL ABD0C701 \SystemRoot\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation)
PAGE srv.sys ABD1D028 20 Bytes [53, 56, 89, 45, FC, 57, 8D, ...]
PAGE ...
.text HTTP.sys AB46831E 3 Bytes [F9, 47, AB] {STC ; INC EDI; STOSD }
.text HTTP.sys AB46834D 3 Bytes [F9, 47, AB] {STC ; INC EDI; STOSD }
.text HTTP.sys AB468373 3 Bytes [F6, 47, AB]
.text HTTP.sys AB4683AE 3 Bytes [F6, 47, AB]
.text HTTP.sys AB468405 3 Bytes [F6, 47, AB]
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804DC1A0] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804E37C5] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [80503421] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804E8784] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [80591859] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804E3BF6] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804E3B9C] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804DB1BA] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804DC8B0] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [805072B7] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [80506941] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [80505480] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [805C5B99] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804DBF09] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804E6431] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [805A9C8B] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [8059FA51] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804DA5E4] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804DA5D4] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804D9050] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [8058F3F9] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [8058F47B] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804E644A] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [80552000] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [805337F3] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804E7410] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [80508666] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [80508801] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804EE4FE] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804F7F2E] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [80546B1D] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804DA5C4] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [8054B6C4] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [8054B587] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804DD490] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804D92A7] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804DD008] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804E20F2] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804D9D75] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804E4167] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804D968D] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)
IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!] [804EE80B] \WINDOWS\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Gpc \Device\Gpc msgpc.sys (MS General Packet Classifier/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

[/log]

Natsuki Kuga
komentarz
komentarz

Plik:

C:\WINDOWS\System32\crash

Wrzuć na jakiś serwer i podaj link.

bykufgf
komentarz
komentarz

Proszę bardzo:
[spoiler][url="http://www.speedyshare.com/file/eHBps/crash"]http://www.speedyshare.com/file/eHBps/crash[/url][/spoiler]

Natsuki Kuga
komentarz
komentarz

Logi są czyste, nie widzę nic niepokojącego.

W OTL kliknij [b]Sprzątanie[/b] - to usunie go wraz z jego kwarantanną. Inne narzędzia też możesz usunąć.

Napisz, czy problem nadal występuje - wtedy przesunę temat do innego działu.

bykufgf
komentarz
komentarz

Więc tak większość problemów ustała za co serdecznie dziękuję, ale błąd z przeglądarką ,która musi ona zostać natychmiastowo zamknięta nie znikł, czasami też pojawia się na chwile czarny ekran i potem pulpit się zawiesza tak jakby to było zwykłe zdjęcie. Chodzi mi oto ,że kolory na nim są jakieś dziwne tak jakby 16bit'owe. Ale wydaje mi się ,że to nie jest już problem wirusów.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.