porcu / 7 lat, 7 miesięcy temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
OTL logfile created on: 2010-09-02 12:12:49 - Run 2
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\tomek
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,69 Gb Total Space | 18,25 Gb Free Space | 16,34% Space Free | Partition Type: NTFS
Drive D: | 108,19 Gb Total Space | 22,99 Gb Free Space | 21,25% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 3,73 Gb Total Space | 0,61 Gb Free Space | 16,49% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1,83 Gb Total Space | 0,15 Gb Free Space | 8,33% Space Free | Partition Type: FAT
 
Computer Name: ACER-PC
Current User Name: tomek
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (All) ==========[/color]
 
PRC - [2010-08-18 10:49:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\tomek\OTL.exe
PRC - [2010-08-10 15:10:58 | 002,349,776 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010-05-07 12:39:36 | 000,344,736 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010-04-06 02:27:46 | 026,102,056 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2010-04-02 18:44:33 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-12-23 09:49:01 | 001,607,168 | ---- | M] () -- C:\Program Files\ChomikBox\ChomikBox.exe
PRC - [2009-10-09 14:11:12 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009-06-15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-05-14 00:43:22 | 000,440,616 | ---- | M] (GFI Software Ltd.) -- C:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe
PRC - [2009-05-14 00:43:20 | 001,012,520 | ---- | M] (GFI Software Ltd.) -- C:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe
PRC - [2009-04-11 08:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 08:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-04-11 08:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2009-04-11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-03-08 13:34:00 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ielowutil.exe
PRC - [2008-10-25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2008-05-28 12:10:11 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\service\st330service.exe
PRC - [2008-05-28 12:10:10 | 000,557,149 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
PRC - [2008-03-13 02:29:14 | 000,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2008-03-08 20:49:06 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\tomek\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2008-02-14 01:09:40 | 000,486,856 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008-01-19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-19 09:33:40 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008-01-19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2008-01-19 09:33:14 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-19 09:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008-01-19 09:33:09 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008-01-19 09:33:05 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2007-10-06 16:56:10 | 000,081,920 | R--- | M] () -- C:\Windows\System32\TDSupportApp\cdrom_mon.exe
PRC - [2007-09-04 12:39:00 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-08-29 12:35:38 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2007-08-21 13:01:28 | 000,450,560 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007-07-31 03:36:00 | 000,707,080 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2007-07-03 19:40:10 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007-06-29 03:50:52 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007-06-26 09:33:00 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2007-06-14 01:56:18 | 000,765,952 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe
PRC - [2007-06-14 01:54:36 | 000,135,168 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007-06-13 13:23:54 | 000,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2007-06-11 23:54:58 | 001,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2007-05-24 22:38:22 | 000,206,952 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
PRC - [2007-05-09 07:09:20 | 000,865,840 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007-04-26 01:34:30 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007-04-26 01:33:36 | 000,457,216 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
PRC - [2007-04-23 18:53:48 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007-02-12 16:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007-02-12 16:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007-02-09 15:35:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007-01-26 23:24:42 | 000,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2007-01-23 15:48:12 | 000,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2007-01-17 20:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006-11-24 21:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
 
 
[color=#E56717]========== Modules (All) ==========[/color]
 
MOD - [2010-08-18 10:49:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\tomek\OTL.exe
MOD - [2010-07-26 17:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2009-09-25 00:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 16:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-06-15 16:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-04-23 14:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 08:28:25 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 08:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-04-11 08:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 08:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 08:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-11 08:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008-01-19 09:37:12 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-19 09:36:48 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-19 09:36:47 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-19 09:36:35 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-19 09:35:57 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-19 09:33:52 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2010-05-07 12:39:36 | 000,344,736 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-05-14 00:43:22 | 000,440,616 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe -- (GFIBckHAtt)
SRV - [2009-05-14 00:43:20 | 001,012,520 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe -- (GFIBckHSched)
SRV - [2008-05-28 12:10:11 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) [Auto | Running] -- C:\Program Files\Thomson\ST330\service\st330service.exe -- (st330service)
SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-10-06 16:56:10 | 000,081,920 | R--- | M] () [Auto | Running] -- C:\Windows\System32\TDSupportApp\cdrom_mon.exe -- (Autorun CDROM Monitor)
SRV - [2007-07-03 19:40:10 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007-06-29 03:50:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007-06-14 01:54:36 | 000,135,168 | R--- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007-06-13 13:23:54 | 000,167,936 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007-04-26 01:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007-04-23 18:53:48 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007-02-12 16:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007-01-26 23:24:42 | 000,050,688 | ---- | M] () [Auto | Running] -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService)
SRV - [2006-11-24 21:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010-08-10 15:41:18 | 000,475,224 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010-05-07 00:19:06 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010-05-07 00:19:02 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010-04-22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009-11-02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-08-19 13:35:46 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-09-15 08:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008-09-15 08:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008-09-15 08:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008-09-15 08:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008-08-22 20:56:12 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008-08-22 20:56:08 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008-08-22 20:55:54 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008-08-22 20:55:46 | 000,007,168 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2008-05-28 11:16:35 | 000,032,000 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stppp.sys -- (stppp)
DRV - [2007-09-04 12:39:00 | 001,950,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-08-14 01:55:54 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2007-07-31 03:36:00 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2007-06-26 09:33:00 | 007,120,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007-06-26 09:33:00 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007-06-26 09:33:00 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007-06-26 09:33:00 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007-06-26 09:33:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007-06-12 19:38:26 | 001,729,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007-05-09 07:28:28 | 000,185,392 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007-04-26 01:34:44 | 000,016,680 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2007-04-26 01:34:40 | 000,060,712 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk)
DRV - [2007-04-26 01:34:38 | 000,020,776 | ---- | M] (HiTRUST) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2007-04-19 09:09:00 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007-03-22 07:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007-03-19 20:58:00 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\st330.sys -- (ST330)
DRV - [2007-03-19 20:58:00 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stbus.sys -- (STBUS)
DRV - [2007-02-25 00:14:00 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007-02-24 23:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007-02-12 07:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007-02-08 09:03:20 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2007-01-24 01:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006-12-08 03:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006-11-03 01:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2005-04-06 11:54:44 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2004-09-29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctpdusb2.sys -- (Jukebox)
DRV - [2003-08-07 05:15:30 | 000,076,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2003-07-26 17:23:20 | 000,036,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2003-06-21 12:13:04 | 000,062,063 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2003-05-23 07:20:12 | 000,034,944 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TOSRFUSB.SYS -- (Tosrfusb)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.supermakler.pkobp.pl/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.selectedEngine: "YoRapid.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2010-01-18 16:09:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-02 18:45:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-27 20:13:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010-08-10 15:43:11 | 000,000,000 | ---D | M]
 
[2008-08-27 16:33:47 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\mozilla\Extensions
[2010-08-27 16:08:05 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions
[2008-11-02 21:48:58 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010-08-18 15:11:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009-10-09 09:08:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010-07-29 09:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\{C20C76E7-E8F7-4109-8498-CF3B2CA4E570}
[2010-06-05 22:10:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-11-09 16:08:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009-06-08 09:53:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34}
[2009-08-10 10:17:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2010-08-27 13:19:44 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\FirefoxAddon@similarWeb.com
[2009-09-11 11:02:50 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\isreaditlater@ideashower.com
[2009-10-09 09:16:03 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\smarterwiki@wikiatic.com
[2010-08-27 13:19:44 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\mozilla\Firefox\Profiles\b1w9pva1.default\extensions\staged-xpis
[2008-03-13 02:13:57 | 000,002,920 | ---- | M] () -- C:\Users\tomek\AppData\Roaming\Mozilla\FireFox\Profiles\b1w9pva1.default\searchplugins\daemon-search.xml
[2010-08-27 08:33:19 | 000,001,636 | ---- | M] () -- C:\Users\tomek\AppData\Roaming\Mozilla\FireFox\Profiles\b1w9pva1.default\searchplugins\dodatki-dla-firefox.xml
[2010-07-29 09:31:37 | 000,004,431 | ---- | M] () -- C:\Users\tomek\AppData\Roaming\Mozilla\FireFox\Profiles\b1w9pva1.default\searchplugins\lingpl.xml
[2010-09-02 08:22:00 | 000,001,254 | ---- | M] () -- C:\Users\tomek\AppData\Roaming\Mozilla\FireFox\Profiles\b1w9pva1.default\searchplugins\megasownik-ang-pol-ang.xml
[2008-05-31 07:33:17 | 000,001,395 | ---- | M] () -- C:\Users\tomek\AppData\Roaming\Mozilla\FireFox\Profiles\b1w9pva1.default\searchplugins\miasto-ulica---mapa-polski-targeo.xml
[2010-09-01 06:53:55 | 000,002,319 | ---- | M] () -- C:\Users\tomek\AppData\Roaming\Mozilla\FireFox\Profiles\b1w9pva1.default\searchplugins\yorapidcom.xml
[2010-08-10 15:45:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-04-28 15:16:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-10 15:45:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010-08-10 15:45:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2009-08-09 19:56:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-03-20 20:00:23 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-09-21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010-03-20 20:00:24 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-03-20 20:00:24 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-03-20 20:00:24 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-03-20 20:00:24 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-03-20 20:00:24 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2008-09-05 12:29:02 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [diagnostics] C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.DLL ( )
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 studios)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKLM..\RunServices: [SSDPSRV] C:\Windows\System32\ssdpsrv.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00  [binary data]
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{01ab84fc-5f72-11de-87bb-001b77dda20f}\Shell - "" = AutoRun
O33 - MountPoints2\{0841b7ae-edc0-11dc-8687-001b77dda20f}\Shell - "" = AutoRun
O33 - MountPoints2\{12a600f5-f092-11dc-9ae7-001b77dda20f}\Shell - "" = AutoRun
O33 - MountPoints2\{12a600f5-f092-11dc-9ae7-001b77dda20f}\Shell\AutoRun\command - "" = E:\run.exe -- File not found
O33 - MountPoints2\{b871daad-ed44-11dc-b2bc-001b77dda20f}\Shell - "" = AutoRun
O33 - MountPoints2\{b871daad-ed44-11dc-b2bc-001b77dda20f}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{e75225ea-256f-11dd-9f4e-001b77dda20f}\Shell - "" = AutoRun
O33 - MountPoints2\{eda89528-61be-11de-bcc4-001b77dda20f}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010-09-02 04:57:30 | 000,000,000 | ---D | C] -- C:\Users\tomek\Desktop\083010a_pliki
[2010-08-31 12:20:56 | 000,000,000 | ---D | C] -- C:\Users\tomek\DoctorWeb
[2010-08-31 10:36:17 | 000,000,000 | ---D | C] -- C:\Users\tomek\AppData\Roaming\Malwarebytes
[2010-08-31 10:35:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-08-31 10:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-08-31 10:35:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-08-31 10:35:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-08-31 10:33:43 | 006,153,352 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\tomek\mbam-setup-1.46(dobreprogramy.pl).exe
[2010-08-30 09:24:50 | 000,000,000 | ---D | C] -- C:\Users\tomek\AppData\Roaming\IObit
[2010-08-30 09:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010-08-30 09:22:13 | 007,487,104 | ---- | C] (IObit                                                       ) -- C:\Users\tomek\asc-setup.exe
[2010-08-30 09:10:50 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2010-08-19 08:37:57 | 000,000,000 | ---D | C] -- C:\Users\tomek\Documents\Any DVD Converter Professional
[2010-08-19 08:37:44 | 000,000,000 | ---D | C] -- C:\Users\tomek\AppData\Roaming\AnvSoft
[2010-08-18 10:49:38 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\tomek\OTL.exe
[2010-08-17 20:16:49 | 000,000,000 | ---D | C] -- C:\Users\tomek\AppData\Local\Threat Expert
[2010-08-17 19:36:06 | 000,000,000 | ---D | C] -- C:\Users\tomek\Documents\kaspersky k
[2010-08-17 07:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2010-08-17 07:25:48 | 018,331,280 | ---- | C] (Any-DVD-Converter.com                                       ) -- C:\Users\tomek\any-dvd-converter.exe
[2010-08-16 11:16:47 | 000,000,000 | ---D | C] -- C:\Users\tomek\Desktop\komentarze,693460,,3696647,,3_pliki
[2010-08-15 12:11:41 | 000,000,000 | ---D | C] -- C:\Users\tomek\Anubis
[2010-08-12 13:35:14 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010-08-12 13:35:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010-08-12 13:35:13 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010-08-12 13:35:13 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010-08-12 13:35:13 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010-08-12 13:35:12 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010-08-12 13:35:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010-08-12 13:35:11 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010-08-12 13:35:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010-08-12 13:35:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010-08-12 13:35:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010-08-12 13:35:09 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010-08-12 13:35:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010-08-12 13:35:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010-08-12 13:35:08 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010-08-12 13:35:05 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010-08-12 13:34:54 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010-08-12 13:34:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010-08-12 13:34:29 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010-08-12 13:34:28 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010-08-10 15:41:18 | 000,475,224 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010-08-10 15:05:52 | 109,003,944 | ---- | C] (Kaspersky Lab) -- C:\Users\tomek\kis11.0.0.232pl.exe
[2010-08-05 23:37:56 | 000,000,000 | ---D | C] -- C:\Users\tomek\frankie goes to hollywood
[2007-09-25 00:02:04 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2007-09-25 00:02:04 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2007-08-14 02:06:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[2007-08-14 00:49:41 | 000,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010-09-02 12:35:01 | 003,407,872 | -HS- | M] () -- C:\Users\tomek\ntuser.dat
[2010-09-02 12:27:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3561320143-2492355488-1897880304-1000UA.job
[2010-09-02 12:09:03 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D33C66AB-B431-4977-9EA4-AFD4D20BD38C}.job
[2010-09-02 11:49:28 | 000,703,448 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-09-02 11:49:28 | 000,608,706 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-09-02 11:49:28 | 000,109,542 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-09-02 11:20:13 | 000,027,335 | ---- | M] () -- C:\Users\tomek\AppData\Roaming\nvModes.001
[2010-09-02 11:17:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010-09-02 11:16:56 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-09-02 11:16:56 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-09-02 11:16:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-09-02 11:16:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-09-02 08:27:02 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3561320143-2492355488-1897880304-1000Core.job
[2010-09-02 04:57:35 | 000,027,094 | ---- | M] () -- C:\Users\tomek\Desktop\083010a.html
[2010-09-01 20:44:04 | 000,002,432 | ---- | M] () -- C:\Users\tomek\AppData\Local\TempyDs552.html
[2010-09-01 20:44:04 | 000,002,089 | ---- | M] () -- C:\Users\tomek\AppData\Local\Temperu552.html
[2010-09-01 09:00:43 | 000,175,616 | ---- | M] () -- C:\Users\tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-01 06:46:44 | 000,081,646 | ---- | M] () -- C:\Users\tomek\form_krk_osoba.pdf
[2010-09-01 06:46:37 | 000,012,679 | ---- | M] () -- C:\Users\tomek\power_JB.docx
[2010-08-31 21:12:39 | 000,524,288 | -HS- | M] () -- C:\Users\tomek\NTUSER.DAT{4af96d01-850d-11de-b3bd-000000000000}.TMContainer00000000000000000001.regtrans-ms
[2010-08-31 21:12:39 | 000,065,536 | -HS- | M] () -- C:\Users\tomek\NTUSER.DAT{4af96d01-850d-11de-b3bd-000000000000}.TM.blf
[2010-08-31 19:52:35 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010-08-31 19:51:33 | 003,390,226 | -H-- | M] () -- C:\Users\tomek\AppData\Local\IconCache.db
[2010-08-31 19:49:21 | 000,024,064 | ---- | M] () -- C:\Users\tomek\Desktop\http.doc
[2010-08-31 12:17:22 | 048,855,664 | ---- | M] () -- C:\Users\tomek\launch.exe
[2010-08-31 10:35:40 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-08-31 10:34:42 | 006,153,352 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\tomek\mbam-setup-1.46(dobreprogramy.pl).exe
[2010-08-30 09:24:58 | 000,001,042 | ---- | M] () -- C:\Users\tomek\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010-08-30 09:24:58 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010-08-30 09:24:58 | 000,000,135 | ---- | M] () -- C:\Users\tomek\Desktop\IObit Freeware.url
[2010-08-30 09:23:43 | 007,487,104 | ---- | M] (IObit                                                       ) -- C:\Users\tomek\asc-setup.exe
[2010-08-25 13:09:55 | 000,002,432 | ---- | M] () -- C:\Users\tomek\AppData\Local\TemptU4636.html
[2010-08-25 09:54:18 | 000,196,175 | ---- | M] () -- C:\Users\tomek\Desktop\oswiadczenie_o_odstapieniu.pdf
[2010-08-25 06:21:08 | 000,002,432 | ---- | M] () -- C:\Users\tomek\AppData\Local\TempVn6680.html
[2010-08-25 06:21:08 | 000,002,089 | ---- | M] () -- C:\Users\tomek\AppData\Local\TempYo6680.html
[2010-08-24 21:19:00 | 003,062,941 | ---- | M] () -- C:\Users\tomek\Gary_Jules_-_Mad_World.wma
[2010-08-24 15:23:50 | 000,028,672 | ---- | M] () -- C:\Users\tomek\Desktop\List Motyw. - Przeds. Handlowy.doc
[2010-08-23 20:15:32 | 000,287,687 | ---- | M] () -- C:\Users\tomek\Desktop\techbrief_7.pdf
[2010-08-20 19:39:24 | 000,002,089 | ---- | M] () -- C:\Users\tomek\AppData\Local\Templj5412.html
[2010-08-20 09:08:02 | 001,542,692 | ---- | M] () -- C:\Users\tomek\EW1017HowdoIgethelpJuly2010.pdf
[2010-08-20 05:28:37 | 000,002,046 | ---- | M] () -- C:\Users\tomek\Desktop\Google Chrome.lnk
[2010-08-20 05:28:37 | 000,002,008 | ---- | M] () -- C:\Users\tomek\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010-08-18 12:44:56 | 000,085,537 | ---- | M] () -- C:\Users\tomek\378401.matlab
[2010-08-18 10:49:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\tomek\OTL.exe
[2010-08-17 09:02:27 | 000,005,514 | ---- | M] () -- C:\Users\tomek\Documents\cc_20100817_090215.reg
[2010-08-17 07:29:14 | 018,331,280 | ---- | M] (Any-DVD-Converter.com                                       ) -- C:\Users\tomek\any-dvd-converter.exe
[2010-08-16 18:05:29 | 000,013,631 | ---- | M] () -- C:\Users\tomek\Comprehension_test.docx
[2010-08-16 14:12:19 | 000,089,100 | ---- | M] () -- C:\Users\tomek\Desktop\cv_polskie.pdf
[2010-08-16 11:16:54 | 000,107,878 | ---- | M] () -- C:\Users\tomek\Desktop\komentarze,693460,,3696647,,3.htm
[2010-08-16 10:45:43 | 000,096,256 | ---- | M] () -- C:\Users\tomek\2.oświadczenie_o_doświadczeniu_trenerskim.doc
[2010-08-13 15:23:41 | 056,023,199 | ---- | M] () -- C:\Users\tomek\520 - 2010-06-26.ogg
[2010-08-13 14:39:12 | 000,002,432 | ---- | M] () -- C:\Users\tomek\AppData\Local\TempjM5832.html
[2010-08-13 14:39:12 | 000,002,089 | ---- | M] () -- C:\Users\tomek\AppData\Local\TempTb5832.html
[2010-08-13 13:40:10 | 000,256,512 | ---- | M] () -- C:\Users\tomek\formularz_aplikacyjny.doc
[2010-08-13 09:41:27 | 000,029,194 | ---- | M] () -- C:\Users\tomek\capricorn79-42291a198964022fff38f185c2a42319.jpg
[2010-08-12 20:18:49 | 000,381,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-08-11 16:17:55 | 000,062,976 | ---- | M] () -- C:\Users\tomek\Desktop\cv_polskie + FOTO.doc
[2010-08-11 16:11:16 | 000,028,160 | ---- | M] () -- C:\Users\tomek\Desktop\List Motyw. - Kierownik.doc
[2010-08-10 17:20:06 | 000,000,022 | ---- | M] () -- C:\Users\tomek\invoice_N8359420.zip
[2010-08-10 16:00:02 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010-08-10 16:00:02 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010-08-10 15:41:18 | 000,475,224 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010-08-10 15:19:52 | 109,003,944 | ---- | M] (Kaspersky Lab) -- C:\Users\tomek\kis11.0.0.232pl.exe
[2010-08-10 14:02:13 | 000,028,160 | ---- | M] () -- C:\Users\tomek\Desktop\List Motyw.,Puławy.doc
[2010-08-09 12:19:10 | 000,027,335 | ---- | M] () -- C:\Users\tomek\AppData\Roaming\nvModes.dat
[2010-08-07 21:45:38 | 000,024,980 | ---- | M] () -- C:\Users\tomek\Documents\cc_20100807_214528.reg
[2010-08-05 23:46:18 | 000,041,576 | ---- | M] () -- C:\Users\tomek\Desktop\531_duza_scena_armia_koncert_xvi_przystanek_woodstock.html
[2010-08-05 23:13:54 | 000,032,288 | ---- | M] () -- C:\Users\tomek\Desktop\c1222cb399.jpeg
[2010-08-05 21:36:32 | 000,002,432 | ---- | M] () -- C:\Users\tomek\AppData\Local\TempfgC364.html
[2010-08-05 21:36:32 | 000,002,089 | ---- | M] () -- C:\Users\tomek\AppData\Local\TempLNw364.html
[2010-08-05 09:22:17 | 000,000,680 | ---- | M] () -- C:\Users\tomek\AppData\Local\d3d9caps.dat
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010-09-02 04:57:29 | 000,027,094 | ---- | C] () -- C:\Users\tomek\Desktop\083010a.html
[2010-09-01 20:44:04 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempyDs552.html
[2010-09-01 20:44:04 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\Temperu552.html
[2010-09-01 06:46:44 | 000,081,646 | ---- | C] () -- C:\Users\tomek\form_krk_osoba.pdf
[2010-09-01 06:46:35 | 000,012,679 | ---- | C] () -- C:\Users\tomek\power_JB.docx
[2010-08-31 12:10:53 | 048,855,664 | ---- | C] () -- C:\Users\tomek\launch.exe
[2010-08-31 10:35:40 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-08-30 09:25:09 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010-08-30 09:24:58 | 000,001,042 | ---- | C] () -- C:\Users\tomek\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010-08-30 09:24:58 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010-08-30 09:24:58 | 000,000,135 | ---- | C] () -- C:\Users\tomek\Desktop\IObit Freeware.url
[2010-08-25 13:09:55 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TemptU4636.html
[2010-08-25 09:54:18 | 000,196,175 | ---- | C] () -- C:\Users\tomek\Desktop\oswiadczenie_o_odstapieniu.pdf
[2010-08-24 21:18:22 | 003,062,941 | ---- | C] () -- C:\Users\tomek\Gary_Jules_-_Mad_World.wma
[2010-08-23 20:15:32 | 000,287,687 | ---- | C] () -- C:\Users\tomek\Desktop\techbrief_7.pdf
[2010-08-20 19:40:35 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempVn6680.html
[2010-08-20 19:40:35 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempYo6680.html
[2010-08-20 19:27:58 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\Templj5412.html
[2010-08-20 09:07:51 | 001,542,692 | ---- | C] () -- C:\Users\tomek\EW1017HowdoIgethelpJuly2010.pdf
[2010-08-18 12:44:56 | 000,085,537 | ---- | C] () -- C:\Users\tomek\378401.matlab
[2010-08-17 09:02:18 | 000,005,514 | ---- | C] () -- C:\Users\tomek\Documents\cc_20100817_090215.reg
[2010-08-16 18:05:23 | 000,013,631 | ---- | C] () -- C:\Users\tomek\Comprehension_test.docx
[2010-08-16 14:12:17 | 000,089,100 | ---- | C] () -- C:\Users\tomek\Desktop\cv_polskie.pdf
[2010-08-16 11:16:44 | 000,107,878 | ---- | C] () -- C:\Users\tomek\Desktop\komentarze,693460,,3696647,,3.htm
[2010-08-16 10:45:41 | 000,096,256 | ---- | C] () -- C:\Users\tomek\2.oświadczenie_o_doświadczeniu_trenerskim.doc
[2010-08-13 15:16:22 | 056,023,199 | ---- | C] () -- C:\Users\tomek\520 - 2010-06-26.ogg
[2010-08-13 14:39:12 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempjM5832.html
[2010-08-13 14:39:12 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempTb5832.html
[2010-08-13 13:40:08 | 000,256,512 | ---- | C] () -- C:\Users\tomek\formularz_aplikacyjny.doc
[2010-08-13 09:41:23 | 000,029,194 | ---- | C] () -- C:\Users\tomek\capricorn79-42291a198964022fff38f185c2a42319.jpg
[2010-08-11 16:11:40 | 000,062,976 | ---- | C] () -- C:\Users\tomek\Desktop\cv_polskie + FOTO.doc
[2010-08-11 15:34:03 | 000,028,160 | ---- | C] () -- C:\Users\tomek\Desktop\List Motyw. - Kierownik.doc
[2010-08-11 15:06:20 | 000,028,672 | ---- | C] () -- C:\Users\tomek\Desktop\List Motyw. - Przeds. Handlowy.doc
[2010-08-10 15:44:53 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010-08-10 15:44:53 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010-08-10 13:49:45 | 000,028,160 | ---- | C] () -- C:\Users\tomek\Desktop\List Motyw.,Puławy.doc
[2010-08-07 21:45:31 | 000,024,980 | ---- | C] () -- C:\Users\tomek\Documents\cc_20100807_214528.reg
[2010-08-05 23:46:17 | 000,041,576 | ---- | C] () -- C:\Users\tomek\Desktop\531_duza_scena_armia_koncert_xvi_przystanek_woodstock.html
[2010-08-05 23:13:49 | 000,032,288 | ---- | C] () -- C:\Users\tomek\Desktop\c1222cb399.jpeg
[2010-08-05 21:36:32 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempfgC364.html
[2010-08-05 21:36:32 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempLNw364.html
[2010-07-29 04:16:33 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempFV1380.html
[2010-07-29 04:16:33 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TemphZ1380.html
[2010-07-28 19:24:03 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TemphnT156.html
[2010-07-27 18:29:50 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempWY4840.html
[2010-07-27 18:29:50 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\Temptm4840.html
[2010-07-25 22:05:36 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempyY5924.html
[2010-07-25 22:05:36 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempyC5924.html
[2010-07-24 21:00:42 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\Tempuv8168.html
[2010-07-24 21:00:42 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\Templu8168.html
[2010-07-15 20:52:22 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempAu2916.html
[2010-07-15 20:52:22 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempYr2916.html
[2010-07-09 21:22:56 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempMR5976.html
[2010-07-01 07:35:51 | 000,000,680 | ---- | C] () -- C:\Users\tomek\AppData\Local\d3d9caps.dat
[2010-06-18 22:32:22 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\Tempzo7476.html
[2010-06-18 22:32:22 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TemphQ7476.html
[2010-06-01 19:54:59 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempOJ6672.html
[2010-06-01 19:54:59 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempIL6672.html
[2010-05-29 21:51:17 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempDhe804.html
[2010-05-29 21:51:17 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempaJD804.html
[2010-05-29 19:16:04 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempYu5460.html
[2010-05-29 19:16:04 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TemptZ5460.html
[2010-05-27 13:10:14 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempPg1244.html
[2010-05-27 13:10:14 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempYw1244.html
[2010-05-26 19:18:52 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempkI2440.html
[2010-05-26 19:18:52 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\Tempht2440.html
[2010-05-17 19:57:39 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempkF6432.html
[2010-05-17 19:57:39 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempNK6432.html
[2010-05-02 20:17:02 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempiL6388.html
[2010-04-30 19:37:23 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\Tempey7188.html
[2010-04-30 19:37:23 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempJl7188.html
[2010-04-27 15:42:15 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempPu3608.html
[2010-04-27 15:42:15 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempRw3608.html
[2010-04-21 08:48:30 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TemphM6060.html
[2010-04-21 08:48:30 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\Temppg6060.html
[2010-04-18 14:42:37 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\Tempfn2864.html
[2010-04-18 14:42:37 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempYg2864.html
[2010-04-16 20:19:55 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempSS8184.html
[2010-04-16 20:19:55 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempNx8184.html
[2010-04-10 16:17:51 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\Temphy4944.html
[2010-04-04 20:29:27 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempRH5748.html
[2010-04-04 20:29:27 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempGE5748.html
[2010-04-03 22:01:26 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempnT6556.html
[2010-04-03 22:01:26 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempfH6556.html
[2010-04-02 19:25:12 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempNE6292.html
[2010-04-02 19:25:12 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempZq6292.html
[2010-03-30 21:38:33 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempTH5436.html
[2010-03-30 21:38:33 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempzI5436.html
[2010-03-28 19:13:37 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\Tempkx7264.html
[2010-03-28 19:13:37 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\Temppj7264.html
[2010-03-27 22:08:33 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempZv9204.html
[2010-03-27 22:08:33 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\Tempfr9204.html
[2010-03-26 08:35:44 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempvW4388.html
[2010-03-26 08:35:44 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\Tempoi4388.html
[2010-03-25 23:58:59 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempzJ4472.html
[2010-03-25 23:58:59 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempQf4472.html
[2010-03-24 17:35:42 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempAl3764.html
[2010-03-24 17:35:42 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TemplD3764.html
[2010-03-23 23:51:30 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempAf4476.html
[2010-03-23 23:51:30 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempUM4476.html
[2010-03-21 16:25:13 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempDF4320.html
[2010-03-21 16:25:13 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempVP4320.html
[2010-03-19 16:03:54 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\Tempej4224.html
[2010-03-18 04:48:26 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempKf4288.html
[2010-03-18 04:48:26 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempBa4288.html
[2010-03-17 16:05:50 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempMb4104.html
[2010-03-17 16:05:50 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempPV4104.html
[2010-03-16 16:00:13 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempVC2912.html
[2010-03-13 21:25:35 | 000,002,432 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempUj4124.html
[2010-03-13 21:25:35 | 000,002,089 | ---- | C] () -- C:\Users\tomek\AppData\Local\TempMa4124.html
[2010-01-30 00:08:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-10-20 18:20:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-08-09 19:30:55 | 000,000,100 | ---- | C] () -- C:\Users\tomek\AppData\Roaming\vispa.ini
[2008-10-17 16:50:18 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008-10-17 16:50:18 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008-09-23 19:06:04 | 000,000,092 | ---- | C] () -- C:\Windows\mp3wavcon.ini
[2008-09-23 18:57:21 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2008-08-20 20:54:11 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008-08-20 20:54:11 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008-05-15 16:58:09 | 000,031,007 | ---- | C] () -- C:\Users\tomek\AppData\Roaming\UserTile.png
[2008-03-13 02:35:09 | 000,000,093 | ---- | C] () -- C:\Users\tomek\AppData\Local\fusioncache.dat
[2008-03-13 02:29:26 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008-03-13 02:29:26 | 000,022,328 | ---- | C] () -- C:\Users\tomek\AppData\Roaming\PnkBstrK.sys
[2008-03-13 02:10:26 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008-03-09 15:14:13 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008-03-08 21:18:08 | 000,027,335 | ---- | C] () -- C:\Users\tomek\AppData\Roaming\nvModes.001
[2008-03-08 21:18:07 | 000,027,335 | ---- | C] () -- C:\Users\tomek\AppData\Roaming\nvModes.dat
[2008-03-08 20:53:46 | 000,175,616 | ---- | C] () -- C:\Users\tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-12-12 14:44:44 | 000,466,944 | ---- | C] () -- C:\Windows\System32\RemoveDevice.dll
[2007-09-25 00:57:46 | 000,000,030 | ---- | C] () -- C:\Windows\SetPanel.ini
[2007-09-25 00:57:25 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007-09-25 00:01:39 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007-08-14 03:29:38 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007-08-14 03:14:52 | 000,005,495 | R--- | C] () -- C:\Windows\0x0409.ini
[2007-08-14 02:12:24 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007-08-14 02:12:24 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007-08-14 02:11:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007-08-14 02:06:49 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007-08-14 01:59:53 | 000,323,584 | ---- | C] () -- C:\Windows\AEITAddInRdr.dll
[2007-08-14 01:59:53 | 000,001,730 | ---- | C] () -- C:\Windows\Abcpy.ini
[2007-08-14 01:15:52 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007-08-14 00:49:41 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007-08-14 00:47:20 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007-04-26 01:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007-04-26 01:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007-04-26 01:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007-04-26 01:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007-04-26 01:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007-04-26 01:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006-12-26 00:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003-07-31 04:33:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\TosHidAPI.dll
[2003-03-21 14:38:22 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtacc.dll
[2003-02-28 10:48:40 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TBTMonUI.dll
[2002-12-14 14:16:30 | 000,077,824 | ---- | C] () -- C:\Windows\System32\tosbthcrpapi.dll
[2002-10-16 00:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2002-10-06 20:42:57 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2002-10-05 01:04:25 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2002-10-05 01:04:24 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2002-10-05 01:04:17 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2002-06-06 06:58:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommApi.dll
[2002-01-01 01:12:45 | 000,098,304 | ---- | C] () -- C:\Windows\System32\PdeSrv2p.dll
[2001-12-27 01:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001-09-04 08:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001-07-31 01:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001-07-24 07:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2008-03-08 20:49:32 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\Acer
[2010-08-19 08:37:44 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\AnvSoft
[2010-08-22 08:17:42 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\Any Video Converter
[2008-07-03 20:36:55 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\Ashampoo
[2009-08-09 21:19:39 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\Avanquest
[2010-08-09 11:24:36 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\AVI ReComp
[2009-01-08 21:42:46 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\BESTplayer
[2009-06-22 22:17:37 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\Birdstep Technology
[2009-08-11 22:24:25 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\ChomikBox
[2009-12-24 13:42:09 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\COWON
[2010-02-28 20:32:51 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\DAEMON Tools
[2009-12-09 20:50:57 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\dBpoweramp
[2008-03-09 16:30:38 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\FlashGet
[2010-08-21 19:40:09 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\foobar2000
[2010-03-27 22:15:40 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\Gadu-Gadu
[2010-03-13 13:51:41 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\Gadu-Gadu 10
[2010-08-30 09:24:50 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\IObit
[2010-05-22 17:45:14 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\ipla
[2010-02-05 19:55:04 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\Musicmatch
[2010-03-13 14:12:55 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\OpenFM
[2008-05-15 16:58:09 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\PeerNetworking
[2009-08-08 10:32:30 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\r2 Studios
[2008-09-01 20:33:06 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\Thinstall
[2009-12-24 20:27:11 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\Uniblue
[2009-12-22 23:56:06 | 000,000,000 | ---D | M] -- C:\Users\tomek\AppData\Roaming\VSRevoGroup
[2010-09-02 11:17:06 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010-08-31 19:52:35 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009-12-24 20:25:27 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\Uniblue DiskRescue 2009.job
[2010-09-02 12:09:03 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{D33C66AB-B431-4977-9EA4-AFD4D20BD38C}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 217 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 176 bytes -> C:\ProgramData\TEMP:EEFF768F
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:7B212553
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:94188BC6
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D74B6CF5
< End of report >