wklejto.pl

Dodane przez: ~Anonim (2013-02-04 18:51) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
536.
537.
538.
539.
540.
541.
542.
543.
544.
545.
546.
547.
548.
549.
550.
551.
552.
553.
554.
555.
556.
557.
558.
559.
560.
561.
562.
563.
564.
565.
566.
567.
568.
569.
570.
571.
572.
573.
574.
575.
576.
577.
578.
579.
580.
581.
582.
583.
584.
585.
586.
587.
588.
589.
590.
591.
592.
593.
594.
595.
596.
597.
598.
599.
600.
601.
602.
603.
604.
605.
606.
607.
608.
609.
610.
611.
612.
613.
614.
615.
616.
617.
618.
619.
620.
621.
622.
623.
624.
625.
626.
627.
628.
629.
630.
631.
632.
633.
634.
635.
636.
637.
638.
639.
640.
641.
642.
643.
644.
645.
646.
647.
648.
649.
650.
651.
652.
653.
654.
655.
656.
657.
658.
659.
660.
661.
662.
663.
664.
665.
666.
667.
668.
669.
670.
671.
672.
673.
674.
OTL logfile created on: 2013-02-04 18:23:48 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dżasta\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,86 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 56,73% Memory free
7,96 Gb Paging File | 5,87 Gb Available in Paging File | 73,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 128,67 Gb Free Space | 55,25% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 98,58 Gb Free Space | 42,40% Space Free | Partition Type: NTFS
 
Computer Name: MUNDZIA | User Name: Dżasta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-02-04 18:17:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dżasta\Desktop\OTL.exe
PRC - [2013-01-28 20:04:50 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
PRC - [2012-12-18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-11-03 16:56:18 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2010-10-01 20:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
PRC - [2010-03-22 15:24:00 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2009-11-09 08:56:20 | 000,246,272 | ---- | M] () -- C:\Program Files (x86)\Join Air\AssistantServices.exe
PRC - [2009-11-09 08:55:42 | 000,132,096 | ---- | M] () -- C:\Program Files (x86)\Join Air\UIExec.exe
PRC - [2009-10-02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009-10-02 13:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009-09-30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-09-30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-03-10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009-01-13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-02-20 16:16:03 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\2df79ab909c782d3796e4107d040327d\System.Web.ni.dll
MOD - [2012-02-20 16:15:53 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
MOD - [2012-02-20 16:15:08 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll
MOD - [2012-02-20 16:14:57 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll
MOD - [2012-02-20 16:14:30 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012-02-20 16:14:20 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012-02-20 16:14:14 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012-02-20 16:14:11 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2011-10-17 12:45:36 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2010-10-01 20:05:46 | 008,972,888 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtGui4.dll
MOD - [2010-10-01 20:05:42 | 002,456,152 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtCore4.dll
MOD - [2010-10-01 19:07:46 | 000,733,184 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\localization_manager.dll
MOD - [2009-11-09 08:55:42 | 000,132,096 | ---- | M] () -- C:\Program Files (x86)\Join Air\UIExec.exe
MOD - [2009-10-30 18:32:30 | 000,410,496 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\dblite.dll
MOD - [2009-07-14 18:55:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2009-11-10 13:54:54 | 000,824,688 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:[b]64bit:[/b] - [2009-11-05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:[b]64bit:[/b] - [2009-11-05 09:19:12 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:[b]64bit:[/b] - [2009-09-28 14:46:02 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:[b]64bit:[/b] - [2009-09-08 23:56:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-07-28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2012-12-18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2010-10-22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010-10-16 13:31:14 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-10-01 20:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe -- (AVP)
SRV - [2010-03-22 15:24:00 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-11-09 08:56:20 | 000,246,272 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Join Air\AssistantServices.exe -- (UI Assistant Service)
SRV - [2009-10-27 20:12:14 | 000,252,784 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009-10-15 16:49:56 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2009-10-06 09:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009-10-02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009-09-30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009-09-30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012-10-21 13:13:21 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2012-03-01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-03-11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-08-30 10:47:57 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010-08-30 10:47:57 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010-04-07 20:03:52 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2010-02-17 11:04:36 | 000,085,048 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
DRV:[b]64bit:[/b] - [2010-02-17 11:04:36 | 000,066,104 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV:[b]64bit:[/b] - [2009-11-05 22:15:40 | 000,291,328 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-10-15 20:11:26 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009-10-14 19:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:[b]64bit:[/b] - [2009-10-10 13:57:54 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:[b]64bit:[/b] - [2009-10-10 13:57:54 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:[b]64bit:[/b] - [2009-10-10 13:57:54 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:[b]64bit:[/b] - [2009-10-02 17:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2009-10-02 13:33:48 | 000,946,688 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:[b]64bit:[/b] - [2009-10-02 12:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009-09-23 10:00:10 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:[b]64bit:[/b] - [2009-09-22 17:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009-09-17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2009-09-14 12:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2009-09-09 00:31:52 | 006,204,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009-09-01 13:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2009-07-30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:[b]64bit:[/b] - [2009-07-30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:[b]64bit:[/b] - [2009-07-24 15:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:[b]64bit:[/b] - [2009-07-14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:[b]64bit:[/b] - [2009-06-19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:[b]64bit:[/b] - [2009-06-10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-20 18:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2007-09-13 12:55:20 | 000,050,688 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ax88772.sys -- (AX88772)
DRV - [2009-09-22 17:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2002-07-17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (ASPI)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{47C52502-2DBA-4C3B-B61A-C6DD040E640D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=117423&tt=4712_2&babsrc=SP_ss&mntrId=424e57e9000000000000701a04fb2a9e
IE - HKCU\..\SearchScopes\{5F3ADAA2-924D-4C37-81F7-AFFA65F6922E}: "URL" = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
IE - HKCU\..\SearchScopes\{B84EA284-95B9-4B93-A9D2-BF7DBB4A1203}: "URL" = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-10-03 17:37:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-11-03 16:57:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-11-03 16:57:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\THBExt [2012-10-21 13:14:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-10-03 17:37:38 | 000,000,000 | ---D | M]
 
[2012-11-21 17:42:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.gazeta.pl/0,0.html?p=128
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.140.8 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U14 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\pdf.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\D\u017Casta\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Dżasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: vshare plugin = C:\Users\Dżasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
 
O1 HOSTS File: ([2011-04-10 21:19:48 | 000,000,860 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll (Kaspersky Lab)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:[b]64bit:[/b] - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\Join Air\UIExec.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:[b]64bit:[/b] - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O9:[b]64bit:[/b] - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9:[b]64bit:[/b] - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.9.2)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.13.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5158D81D-7E5E-4C20-83C5-DFA1F163669F}: DhcpNameServer = 213.172.186.4 213.172.186.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57DBBED6-C051-4913-8C63-3DF735EB4D5F}: DhcpNameServer = 213.172.186.4 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5A2086F-C952-4179-AA10-E964600B7486}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\sbhook64.dll (Kaspersky Lab)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\25911~1.18\{c16c1~1\mngr.dll C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) -  File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\sbhook.dll (Kaspersky Lab)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{c111bfa8-b4f1-11df-b0ed-705ab6750a03}\Shell - "" = AutoRun
O33 - MountPoints2\{c111bfa8-b4f1-11df-b0ed-705ab6750a03}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-02-04 18:17:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dżasta\Desktop\OTL.exe
[2013-02-04 16:35:29 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013-02-04 16:30:30 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Dżasta\Desktop\tdsskiller.exe
[2013-02-04 07:35:12 | 013,171,208 | ---- | C] (Opera Software ASA) -- C:\Users\Dżasta\Desktop\Opera_1213_int_Setup.exe
[2013-02-02 02:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013-02-02 02:19:28 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013-02-02 02:18:36 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-02-02 02:18:36 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-02-02 02:18:36 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-28 20:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013-01-28 00:03:37 | 000,000,000 | ---D | C] -- C:\Users\Dżasta\AppData\Roaming\EurekaLog
[2013-01-16 22:44:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2013-01-16 22:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2013-01-06 02:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoorHunt
[2013-01-06 02:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peer2Mail
[2008-01-28 05:26:24 | 006,167,480 | ---- | C] (STOPzilla                                                   ) -- C:\Users\Dżasta\AppData\Roaming\STOPzilla_Setup.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-02-04 18:17:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dżasta\Desktop\OTL.exe
[2013-02-04 18:10:02 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-02-04 17:39:50 | 000,303,287 | ---- | M] () -- C:\Users\Dżasta\Desktop\tumblr_mhnqdrT5af1qixosbo1_1280.png
[2013-02-04 16:55:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-02-04 16:44:13 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-02-04 16:44:13 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-02-04 16:36:43 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-02-04 16:36:14 | 3112,386,560 | -HS- | M] () -- C:\hiberfil.sys
[2013-02-04 16:30:30 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Dżasta\Desktop\tdsskiller.exe
[2013-02-04 11:24:00 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-02-04 07:36:56 | 013,171,208 | ---- | M] (Opera Software ASA) -- C:\Users\Dżasta\Desktop\Opera_1213_int_Setup.exe
[2013-02-04 07:36:12 | 000,234,931 | ---- | M] () -- C:\Users\Dżasta\Desktop\Screeny 2013.02.04.07.36.09.jpg
[2013-02-02 21:15:50 | 000,195,490 | ---- | M] () -- C:\Users\Dżasta\Desktop\tumblr_mhlypirBpv1r2jpv8o1_500.jpg
[2013-02-02 20:57:43 | 000,442,794 | ---- | M] () -- C:\Users\Dżasta\Desktop\tumblr_inline_mhkxapAgEt1qfd4ju.gif
[2013-02-02 20:52:33 | 000,701,650 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-02-02 20:52:33 | 000,619,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-02-02 20:52:33 | 000,137,070 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-02-02 20:52:32 | 001,560,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-02-02 20:52:32 | 000,108,166 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-02-02 20:40:12 | 000,195,490 | ---- | M] () -- C:\Users\Dżasta\Desktop\tumblr_lwm3dgi6LI1qgfn35o1_500.jpg
[2013-02-02 18:14:59 | 000,795,438 | ---- | M] () -- C:\Users\Dżasta\Desktop\tumblr_inline_mhlbrgABAS1qz4rgp.gif
[2013-02-02 02:18:08 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-02-02 02:18:07 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013-02-02 02:18:07 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013-02-02 02:18:07 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013-02-02 02:18:07 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-02-02 02:18:07 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-31 22:34:49 | 000,006,012 | ---- | M] () -- C:\Users\Dżasta\Desktop\TB wykład - zagadnienia na egzamin.odt
[2013-01-28 20:08:07 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013-01-27 21:10:03 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\Temptz6472.html
[2013-01-22 22:16:15 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempPh5228.html
[2013-01-21 00:41:12 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempbR4160.html
[2013-01-20 17:11:56 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempRt1380.html
[2013-01-18 21:49:42 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempUU7040.html
[2013-01-17 22:47:47 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempTV6940.html
[2013-01-17 19:39:47 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\Tempmb1512.html
[2013-01-16 23:38:09 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\Tempdel816.html
[2013-01-15 23:59:47 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TemppU1284.html
[2013-01-15 23:59:47 | 000,002,089 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempcE1284.html
[2013-01-15 21:17:00 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempGQ5600.html
[2013-01-14 23:05:15 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempPE3836.html
[2013-01-13 22:43:20 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempRH8084.html
[2013-01-13 16:20:15 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempAm4340.html
[2013-01-13 00:34:15 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\Tempsr1224.html
[2013-01-10 21:58:53 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempkP7036.html
[2013-01-09 21:13:05 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempOp6616.html
[2013-01-09 17:18:50 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\Tempil6436.html
[2013-01-09 13:35:38 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempdM5640.html
[2013-01-08 22:01:00 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempuL3436.html
[2013-01-07 23:50:14 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempWN2144.html
[2013-01-06 19:05:21 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\Tempo18592.html
[2013-01-06 17:32:05 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\Tempi17564.html
[2013-01-06 02:45:00 | 000,000,910 | ---- | M] () -- C:\Users\Dżasta\Desktop\MoorHunt.lnk
[2013-01-05 20:40:59 | 000,002,432 | ---- | M] () -- C:\Users\Dżasta\AppData\Local\TempvZ1244.html
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-02-04 17:43:38 | 000,303,287 | ---- | C] () -- C:\Users\Dżasta\Desktop\tumblr_mhnqdrT5af1qixosbo1_1280.png
[2013-02-04 07:36:12 | 000,234,931 | ---- | C] () -- C:\Users\Dżasta\Desktop\Screeny 2013.02.04.07.36.09.jpg
[2013-02-02 21:15:50 | 000,195,490 | ---- | C] () -- C:\Users\Dżasta\Desktop\tumblr_mhlypirBpv1r2jpv8o1_500.jpg
[2013-02-02 20:57:43 | 000,442,794 | ---- | C] () -- C:\Users\Dżasta\Desktop\tumblr_inline_mhkxapAgEt1qfd4ju.gif
[2013-02-02 20:40:12 | 000,195,490 | ---- | C] () -- C:\Users\Dżasta\Desktop\tumblr_lwm3dgi6LI1qgfn35o1_500.jpg
[2013-02-02 18:14:59 | 000,795,438 | ---- | C] () -- C:\Users\Dżasta\Desktop\tumblr_inline_mhlbrgABAS1qz4rgp.gif
[2013-01-31 22:19:25 | 000,006,012 | ---- | C] () -- C:\Users\Dżasta\Desktop\TB wykład - zagadnienia na egzamin.odt
[2013-01-28 20:08:07 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013-01-27 20:13:02 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Temptz6472.html
[2013-01-22 22:15:36 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempPh5228.html
[2013-01-20 19:33:46 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempbR4160.html
[2013-01-20 17:11:33 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempRt1380.html
[2013-01-18 19:55:14 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempUU7040.html
[2013-01-17 22:21:42 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempTV6940.html
[2013-01-17 19:39:30 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempmb1512.html
[2013-01-16 20:57:42 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempdel816.html
[2013-01-15 22:31:32 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemppU1284.html
[2013-01-15 22:31:32 | 000,002,089 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempcE1284.html
[2013-01-15 21:05:24 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempGQ5600.html
[2013-01-14 22:32:55 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempPE3836.html
[2013-01-13 19:56:26 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempRH8084.html
[2013-01-13 16:19:48 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempAm4340.html
[2013-01-12 19:49:06 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempsr1224.html
[2013-01-10 21:58:25 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempkP7036.html
[2013-01-09 20:39:33 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempOp6616.html
[2013-01-09 17:18:15 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempil6436.html
[2013-01-09 13:35:20 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempdM5640.html
[2013-01-08 22:00:41 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempuL3436.html
[2013-01-07 21:30:19 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempWN2144.html
[2013-01-06 19:05:09 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempo18592.html
[2013-01-06 17:31:32 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempi17564.html
[2013-01-06 02:45:00 | 000,000,910 | ---- | C] () -- C:\Users\Dżasta\Desktop\MoorHunt.lnk
[2013-01-05 20:40:39 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempvZ1244.html
[2013-01-04 21:17:41 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempWV1508.html
[2013-01-04 19:26:13 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemplZ3024.html
[2013-01-03 22:06:18 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempaz4948.html
[2013-01-02 21:23:51 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempGg4108.html
[2013-01-02 19:19:31 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempGn3560.html
[2013-01-01 23:49:18 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempBh6152.html
[2013-01-01 23:01:10 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempeD6720.html
[2013-01-01 22:17:37 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempmH7036.html
[2013-01-01 13:20:32 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempgvW932.html
[2013-01-01 02:07:15 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempfh6668.html
[2013-01-01 01:06:39 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempFo6668.html
[2012-12-31 20:38:48 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempoV3496.html
[2012-12-31 17:38:08 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemppJ5784.html
[2012-12-30 22:31:49 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempoi6224.html
[2012-12-29 21:17:41 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempIK3052.html
[2012-12-29 14:48:31 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempmn3788.html
[2012-12-27 18:47:35 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempLS1808.html
[2012-12-27 15:54:45 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempvQ4432.html
[2012-12-26 13:55:33 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempWb1152.html
[2012-12-25 23:45:35 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempmT5844.html
[2012-12-25 17:49:51 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemprP4484.html
[2012-12-24 22:33:07 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempYD5924.html
[2012-12-23 21:47:52 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempOx1884.html
[2012-12-23 19:58:27 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempIw2908.html
[2012-12-21 23:05:50 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempAX3020.html
[2012-12-21 23:05:50 | 000,002,089 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempuf3020.html
[2012-12-21 22:52:43 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempJgN748.html
[2012-12-21 20:12:49 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempMs7140.html
[2012-12-20 20:36:51 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempGIy444.html
[2012-12-19 23:18:34 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempmH1568.html
[2012-12-19 20:07:14 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempFH7712.html
[2012-12-19 19:25:21 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempmK6188.html
[2012-12-19 18:33:50 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemphYl992.html
[2012-12-17 20:38:34 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempUv2040.html
[2012-12-16 18:38:31 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempoM5540.html
[2012-12-16 16:39:02 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempek6084.html
[2012-12-16 00:13:13 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempAk7120.html
[2012-12-15 23:11:55 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempxB5040.html
[2012-12-15 16:03:14 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemppG5220.html
[2012-12-13 19:51:33 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempMl5612.html
[2012-12-12 21:10:59 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemppX2740.html
[2012-12-12 19:21:25 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempoN4164.html
[2012-12-12 19:21:25 | 000,002,089 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempeF4164.html
[2012-12-12 19:10:41 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempaY6020.html
[2012-12-12 19:10:41 | 000,002,089 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempRx6020.html
[2012-12-10 23:12:01 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempMz6796.html
[2012-12-08 22:20:48 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempgH5952.html
[2012-12-08 20:14:14 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempMy6004.html
[2012-12-08 17:31:14 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempoy3268.html
[2012-12-06 21:17:09 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempuW5736.html
[2012-12-05 19:06:37 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempFP4996.html
[2012-12-04 22:51:26 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemppJ7120.html
[2012-12-04 20:51:45 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempoU6424.html
[2012-12-03 19:47:03 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempXx5552.html
[2012-12-03 19:22:35 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempod5476.html
[2012-12-03 17:32:39 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempGN5832.html
[2012-12-03 16:22:44 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempjJT792.html
[2012-12-02 23:51:14 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempiK6816.html
[2012-12-01 22:27:46 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempcD2604.html
[2012-11-29 20:32:06 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempnw5968.html
[2012-11-29 18:51:44 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempVq6512.html
[2012-11-28 20:49:09 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempRa4140.html
[2012-11-27 21:01:55 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempSS5212.html
[2012-11-26 20:27:15 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempnR1784.html
[2012-11-25 22:06:53 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempqW5332.html
[2012-11-25 19:46:37 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempPc2940.html
[2012-11-25 18:47:34 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempId5440.html
[2012-11-25 00:05:35 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempNG7208.html
[2012-11-24 16:30:49 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempHf4212.html
[2012-11-23 21:00:40 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempDP7620.html
[2012-11-23 16:16:21 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempMP6032.html
[2012-11-22 20:37:53 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempab6040.html
[2012-11-21 21:13:06 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempaew800.html
[2012-11-21 19:16:01 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempFT6140.html
[2012-11-20 20:10:22 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempQA6624.html
[2012-11-19 20:45:14 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempST7340.html
[2012-11-19 20:02:22 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempea3832.html
[2012-11-19 17:36:39 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempvM8100.html
[2012-11-18 16:53:42 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempdH4380.html
[2012-11-18 16:44:49 | 000,000,032 | ---- | C] () -- C:\Windows\kaio.INI
[2012-11-18 16:28:02 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempSc1036.html
[2012-11-18 00:08:36 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempNc8028.html
[2012-11-17 23:12:34 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempWl8116.html
[2012-11-17 21:44:34 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempGG1076.html
[2012-11-17 20:10:46 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempAb6852.html
[2012-11-17 18:25:16 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempVw4840.html
[2012-11-17 15:57:59 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempYCC904.html
[2012-11-17 00:43:05 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempnl8048.html
[2012-11-17 00:43:05 | 000,002,089 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemptD8048.html
[2012-11-17 00:04:29 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempyc5800.html
[2012-11-16 23:25:28 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Temptr5072.html
[2012-11-16 20:34:05 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempZA6640.html
[2012-11-16 19:04:03 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempRf5616.html
[2012-11-15 21:30:39 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempLE4628.html
[2012-11-15 19:20:04 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempuQ4004.html
[2012-11-14 21:43:06 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempGc6832.html
[2012-11-12 19:57:39 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Temprx4256.html
[2012-11-12 17:26:36 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempbe4688.html
[2012-11-11 22:57:54 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempmR7476.html
[2012-11-11 20:28:34 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempGm1036.html
[2012-11-10 21:55:43 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempCm7984.html
[2012-11-10 21:09:01 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempyL5388.html
[2012-11-10 19:58:10 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempuz4668.html
[2012-11-10 19:21:23 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempxj3276.html
[2012-11-10 18:28:49 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempnB3740.html
[2012-11-10 15:49:15 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempjg3200.html
[2012-11-09 21:33:49 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempyh5924.html
[2012-11-08 21:39:41 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempcK5284.html
[2012-11-04 20:36:48 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempBk5388.html
[2012-11-03 21:54:03 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempHO4804.html
[2012-11-02 18:54:17 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempYB5512.html
[2012-11-01 21:48:23 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemprZR832.html
[2012-11-01 17:52:42 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempnp5092.html
[2012-10-31 21:32:56 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempWW3052.html
[2012-10-29 20:59:30 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempyH4136.html
[2012-10-28 21:22:02 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempEV5020.html
[2012-10-28 13:15:01 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempiK1068.html
[2012-10-27 19:41:57 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempbv3756.html
[2012-10-25 20:02:41 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempWX1308.html
[2012-10-21 14:09:34 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempKA4548.html
[2012-10-19 17:12:04 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempik5260.html
[2012-10-18 20:18:12 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempbu5200.html
[2012-10-18 18:58:47 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempgJ6108.html
[2012-10-18 18:31:44 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempVp5524.html
[2012-10-18 17:42:06 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempHm2984.html
[2012-10-17 20:55:06 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempOm1964.html
[2012-10-17 20:55:06 | 000,002,089 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Temprv1964.html
[2012-10-17 18:27:54 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempFz4624.html
[2012-10-16 21:30:11 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemprT3476.html
[2012-10-15 19:33:48 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempni6760.html
[2012-10-15 18:34:11 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempnM4200.html
[2012-10-15 18:05:07 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempsG4984.html
[2012-10-13 17:13:53 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempKh5144.html
[2012-10-13 15:08:24 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempMm2780.html
[2012-10-13 14:22:40 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempRq3348.html
[2012-10-13 14:07:05 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempsZ2432.html
[2012-10-12 22:40:31 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempev6564.html
[2012-10-12 21:18:22 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Temprn7032.html
[2012-10-12 20:21:21 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempRk6544.html
[2012-10-12 17:49:27 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempun3200.html
[2012-10-10 23:25:38 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempKt4696.html
[2012-10-10 16:27:09 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempEZ5768.html
[2012-10-09 19:23:49 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempDg6684.html
[2012-10-09 19:23:49 | 000,002,089 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempXQ6684.html
[2012-10-07 19:54:35 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempUQ6252.html
[2012-10-07 15:37:34 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempsJ6832.html
[2012-10-07 12:10:36 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempTZ2996.html
[2012-10-07 02:57:33 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempZH4496.html
[2012-10-06 18:59:03 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempvq3948.html
[2012-10-06 16:33:48 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempUC5256.html
[2012-10-04 19:47:44 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Tempxd7128.html
[2012-10-04 12:37:20 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempaM4992.html
[2012-10-03 17:48:14 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempBM5636.html
[2012-10-03 12:09:36 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempRI4036.html
[2012-10-03 12:09:36 | 000,002,089 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempfW4036.html
[2012-10-02 19:52:19 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TemprV3792.html
[2012-10-01 22:11:01 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempOL1184.html
[2012-09-30 19:14:44 | 000,002,432 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\TempmS2804.html
[2011-12-13 23:11:09 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011-12-13 23:11:09 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011-12-13 23:11:08 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-09-30 17:52:49 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011-09-16 20:07:56 | 000,001,079 | ---- | C] () -- C:\Windows\jfqcghd48.ini
[2011-04-11 19:28:54 | 000,001,278 | ---- | C] () -- C:\Users\Dżasta\fix.reg
[2011-02-26 23:33:37 | 000,020,900 | ---- | C] () -- C:\Users\Dżasta\AppData\Roaming\UserTile.png
[2010-12-17 00:26:27 | 000,007,667 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\Resmon.ResmonCfg
[2010-10-13 22:08:59 | 000,016,896 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-29 00:11:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-08-28 20:39:12 | 000,000,023 | ---- | C] () -- C:\Users\Dżasta\AppData\Local\kodakpcd.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-01-04 10:59:19 | 014,164,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-01-04 10:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-10-21 14:40:55 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\Ashampoo
[2011-12-06 13:46:22 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\Astroburn Pro
[2012-11-21 17:42:00 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\Babylon
[2012-10-05 21:51:18 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\BESTplayer
[2012-02-05 01:28:45 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\CoreCodec
[2012-11-21 23:52:29 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\DAEMON Tools Lite
[2010-10-05 16:12:57 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\ESET
[2013-01-28 00:03:44 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\EurekaLog
[2010-08-28 23:08:33 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\Gadu-Gadu 10
[2011-04-10 14:58:11 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\GetRightToGo
[2010-11-07 14:29:09 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\HTML Executable
[2011-11-02 21:26:11 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\NapiProjekt
[2011-04-03 00:53:56 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\OpenFM
[2011-02-28 00:21:06 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\Opera
[2011-04-03 03:31:04 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\Plane9
[2012-02-20 18:14:50 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\Podatnik.info
[2010-08-28 20:36:05 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\Skinux
[2011-01-23 00:20:43 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011-09-14 20:17:13 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\Thinstall
[2011-01-15 21:05:29 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\Toshiba
[2013-02-04 15:46:07 | 000,000,000 | ---D | M] -- C:\Users\Dżasta\AppData\Roaming\uTorrent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
 
< End of report >
 
Wygenerowano w 0.401s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!