makavel1983

Komputer strasznie muli, filmy tna

12 postów w tym temacie

Witam mam problem z komputerem moich rodzicow, strasznie wszystko muli, ostatnio wykrylem z pomoca "malwarebytes , anti malware" trojan.downloadera i prawdopodobnie go usunalem, ale komputer muli dalej : oto LOGI:

OTL
[i][b][log] OTL logfile created on: 2011-12-20 19:40:58 - Run 1[/b][/i]
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 183,63 Mb Available Physical Memory | 17,94% Memory free
1,66 Gb Paging File | 0,92 Gb Available in Paging File | 55,65% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18,63 Gb Total Space | 2,32 Gb Free Space | 12,48% Space Free | Partition Type: FAT32
Drive D: | 18,64 Gb Total Space | 7,88 Gb Free Space | 42,28% Space Free | Partition Type: NTFS
Drive E: | 18,64 Gb Total Space | 3,86 Gb Free Space | 20,72% Space Free | Partition Type: NTFS
Drive F: | 18,64 Gb Total Space | 4,78 Gb Free Space | 25,64% Space Free | Partition Type: NTFS
Drive I: | 298,02 Gb Total Space | 241,28 Gb Free Space | 80,96% Space Free | Partition Type: FAT32

Computer Name: W-0CD416825FCE4 | User Name: Właściciel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-12-20 19:38:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads\OTL.exe
PRC - [2011-12-07 12:16:30 | 001,047,096 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011-12-04 10:22:08 | 000,855,904 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
PRC - [2011-12-04 10:21:56 | 000,827,232 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2011-12-03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011-10-24 14:28:52 | 000,421,888 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
PRC - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011-09-08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011-08-31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011-08-31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-08-15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011-05-04 04:52:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2011-04-08 12:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010-09-20 23:07:44 | 000,932,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010-09-03 14:43:14 | 001,424,384 | ---- | M] (Siliten) -- C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe
PRC - [2010-09-03 14:42:50 | 000,860,672 | ---- | M] (Siliten) -- C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe
PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-04-06 02:27:46 | 026,102,056 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2010-04-06 02:27:46 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009-08-21 11:36:46 | 000,878,080 | ---- | M] (ActMask Co.,Ltd - [url="http://www.all2pdf.com"]http://www.all2pdf.com[/url]) -- C:\WINDOWS\system32\PrintDisp.exe
PRC - [2009-06-26 15:25:24 | 000,356,352 | ---- | M] () -- C:\Program Files\ScanWizard 5\ScannerFinder.exe
PRC - [2009-06-16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - [url="HTTP://WWW.ALL2PDF.COM"]HTTP://WWW.ALL2PDF.COM[/url]) -- C:\WINDOWS\system32\PrintCtrl.exe
PRC - [2009-02-09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008-05-02 22:46:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008-04-15 12:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-15 12:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-15 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-15 12:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-04-15 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-15 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-15 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-15 12:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2006-11-13 14:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- D:\medion\wcescomm.exe
PRC - [2006-11-13 14:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- D:\medion\rapimgr.exe
PRC - [2004-06-09 08:37:02 | 000,040,960 | R--- | M] (BIGDOG) -- C:\WINDOWS\VM_STI.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-12-20 19:38:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads\OTL.exe
MOD - [2011-12-17 18:32:16 | 000,859,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\plugins\avgnpss.dll
MOD - [2011-12-16 12:24:06 | 005,094,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcorex.dll
MOD - [2011-12-07 12:16:30 | 001,047,096 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
MOD - [2011-12-07 12:16:30 | 000,411,192 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll
MOD - [2011-12-07 12:16:28 | 003,767,864 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
MOD - [2011-12-07 12:15:06 | 009,848,888 | ---- | M] (The ICU Project) -- C:\Program Files\Google\Chrome\Application\16.0.912.63\icudt.dll
MOD - [2011-12-07 12:15:00 | 028,802,616 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\16.0.912.63\chrome.dll
MOD - [2011-12-07 12:14:58 | 000,122,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avutil-51.dll
MOD - [2011-12-07 12:14:56 | 000,222,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avformat-53.dll
MOD - [2011-12-07 12:14:54 | 001,746,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avcodec-53.dll
MOD - [2011-12-07 08:22:34 | 008,593,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
MOD - [2011-12-04 10:22:08 | 000,855,904 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
MOD - [2011-12-04 10:21:56 | 000,827,232 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011-12-03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
MOD - [2011-12-02 03:16:40 | 000,913,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgxpl.dll
MOD - [2011-11-29 11:56:54 | 001,866,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwd.dll
MOD - [2011-11-29 11:56:48 | 000,823,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcslx.dll
MOD - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
MOD - [2011-11-23 20:06:44 | 000,022,400 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\53F537B72987463CB06D78F5541A3239\skGamesUpdate.dll
MOD - [2011-11-22 02:26:48 | 003,111,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avguires.dll
MOD - [2011-11-12 01:20:06 | 000,327,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidpmx.dll
MOD - [2011-11-05 14:13:50 | 011,081,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2011-11-04 20:13:50 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2011-11-04 20:13:50 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2011-11-04 20:13:50 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2011-11-01 17:07:04 | 001,288,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2011-10-24 14:28:52 | 000,421,888 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
MOD - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
MOD - [2011-10-10 06:23:48 | 000,891,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgntopensslx.dll
MOD - [2011-10-10 06:23:48 | 000,137,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgopensslx.dll
MOD - [2011-10-10 06:23:44 | 000,934,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcfgx.dll
MOD - [2011-10-10 06:23:42 | 001,159,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidpsdkx.dll
MOD - [2011-10-06 06:42:44 | 000,276,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avglogx.dll
MOD - [2011-10-04 06:23:16 | 000,365,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgsysx.dll
MOD - [2011-10-04 06:22:56 | 000,244,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgclitx.dll
MOD - [2011-09-28 08:06:42 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2011-09-26 11:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2011-09-08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
MOD - [2011-08-31 17:00:50 | 002,223,176 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
MOD - [2011-08-31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
MOD - [2011-08-31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
MOD - [2011-08-31 17:00:48 | 000,173,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
MOD - [2011-08-15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
MOD - [2011-08-15 06:21:38 | 000,429,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgchjwx.dll
MOD - [2011-08-15 06:21:38 | 000,364,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcclix.dll
MOD - [2011-08-15 06:21:36 | 000,225,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcertx.dll
MOD - [2011-08-05 06:10:54 | 000,515,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgdecider.dll
MOD - [2011-08-02 06:09:10 | 000,376,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdwsc.dll
MOD - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
MOD - [2011-08-02 06:08:36 | 000,499,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgsrmx.dll
MOD - [2011-08-02 06:08:34 | 000,548,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgsched.dll
MOD - [2011-08-02 06:08:32 | 000,176,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avglngx.dll
MOD - [2011-08-02 06:08:14 | 000,172,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgchclx.dll
MOD - [2011-05-14 01:17:40 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
MOD - [2011-05-14 01:12:34 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
MOD - [2011-05-04 04:52:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
MOD - [2011-04-29 19:25:12 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2011-04-08 12:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
MOD - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2011-03-04 08:36:56 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jscript.dll
MOD - [2011-03-03 08:55:00 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011-02-08 15:33:58 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2011-02-08 15:33:58 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2011-01-21 15:44:12 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2011-01-20 11:20:44 | 002,834,240 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\Engine.dll
MOD - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
MOD - [2011-01-20 11:19:46 | 001,455,424 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll
MOD - [2010-12-22 13:34:22 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010-12-21 10:33:52 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre6\bin\msvcr71.dll
MOD - [2010-12-20 19:32:08 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010-12-20 18:25:52 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010-12-09 16:15:26 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010-11-29 09:38:50 | 000,292,160 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools Lite\imgengine.dll
MOD - [2010-11-18 14:50:14 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DAEMON Tools Lite\msvcr100.dll
MOD - [2010-11-18 14:50:14 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DAEMON Tools Lite\msvcp100.dll
MOD - [2010-11-18 14:50:12 | 004,368,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DAEMON Tools Lite\mfc100u.dll
MOD - [2010-11-09 15:52:36 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010-10-23 02:47:24 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
MOD - [2010-09-22 18:12:42 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2010-09-20 23:07:44 | 000,932,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2010-09-03 14:43:14 | 001,424,384 | ---- | M] (Siliten) -- C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe
MOD - [2010-09-03 14:42:50 | 000,860,672 | ---- | M] (Siliten) -- C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe
MOD - [2010-09-03 14:31:36 | 000,053,248 | ---- | M] () -- C:\Program Files\SilverCrest MTS2219-SL Driver\UniFunc.dll
MOD - [2010-08-27 07:54:14 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2010-08-23 18:12:56 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010-08-23 18:12:54 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2010-08-16 10:45:10 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-25 11:40:44 | 000,077,824 | ---- | M] (Siliten) -- C:\Program Files\SilverCrest MTS2219-SL Driver\BackInDll.dll
MOD - [2010-06-14 09:43:18 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll
MOD - [2010-04-16 17:38:54 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2010-04-06 02:27:46 | 026,102,056 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
MOD - [2010-04-06 02:27:46 | 003,347,640 | R--- | M] (EasyBits Media AS) -- C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
MOD - [2010-04-06 02:27:46 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
MOD - [2010-03-10 06:43:04 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2010-03-10 06:43:00 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2009-12-24 09:04:54 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2009-12-08 11:25:46 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-10-13 12:34:26 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009-10-12 15:40:14 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009-10-12 15:40:14 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009-09-11 16:19:44 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009-09-04 23:05:36 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009-08-25 11:19:46 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2009-08-21 11:36:46 | 000,878,080 | ---- | M] (ActMask Co.,Ltd - [url="http://www.all2pdf.com"]http://www.all2pdf.com[/url]) -- C:\WINDOWS\system32\PrintDisp.exe
MOD - [2009-08-06 19:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2009-07-28 00:19:10 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009-07-22 16:58:26 | 000,258,048 | ---- | M] () -- C:\Program Files\ScanWizard 5\SFRes.dll
MOD - [2009-07-17 21:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009-07-17 18:17:58 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009-07-12 00:02:02 | 003,780,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2009-06-26 15:25:24 | 000,356,352 | ---- | M] () -- C:\Program Files\ScanWizard 5\ScannerFinder.exe
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-06-25 10:27:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009-06-16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - [url="HTTP://WWW.ALL2PDF.COM"]HTTP://WWW.ALL2PDF.COM[/url]) -- C:\WINDOWS\system32\PrintCtrl.exe
MOD - [2009-06-10 08:16:42 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009-05-07 17:34:14 | 000,347,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2009-05-01 11:47:08 | 000,029,184 | ---- | M] (ActMask Co.,Ltd) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\ActPrint.dll
MOD - [2009-03-21 16:09:00 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-03-08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009-03-08 04:32:48 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advpack.dll
MOD - [2009-03-06 16:22:12 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009-02-09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009-02-09 12:53:44 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009-02-09 12:53:44 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009-02-05 10:16:26 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ScanWizard 5\Scanners\Mssti.dll
MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2008-12-17 14:19:40 | 000,090,112 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\LogTransport2.dll
MOD - [2008-10-23 14:42:42 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-15 18:36:56 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-07-07 22:29:10 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2008-06-24 18:46:34 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008-06-20 18:04:24 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
MOD - [2008-06-20 12:07:50 | 000,026,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\IfHelper.dll
MOD - [2008-06-12 16:23:52 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2008-06-12 16:23:52 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2008-06-12 16:23:52 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2008-05-02 22:46:00 | 000,425,984 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvapi.dll
MOD - [2008-05-02 22:46:00 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvrspl.dll
MOD - [2008-05-02 22:46:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
MOD - [2008-05-02 22:46:00 | 000,086,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvmctray.dll
MOD - [2008-04-15 14:00:00 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2008-04-15 14:00:00 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2008-04-15 14:00:00 | 000,510,976 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\System\wab32.dll
MOD - [2008-04-15 14:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-15 14:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2008-04-15 14:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2008-04-15 14:00:00 | 000,255,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\System\wab32res.dll
MOD - [2008-04-15 14:00:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2008-04-15 14:00:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008-04-15 14:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2008-04-15 14:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-15 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2008-04-15 14:00:00 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008-04-15 14:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2008-04-15 14:00:00 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msoert2.dll
MOD - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2008-04-15 14:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2008-04-15 14:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2008-04-15 14:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2008-04-15 14:00:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2008-04-15 14:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2008-04-15 12:00:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008-04-15 12:00:00 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008-04-15 12:00:00 | 002,113,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dxdiagn.dll
MOD - [2008-04-15 12:00:00 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2008-04-15 12:00:00 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008-04-15 12:00:00 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d9.dll
MOD - [2008-04-15 12:00:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008-04-15 12:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008-04-15 12:00:00 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008-04-15 12:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-15 12:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-15 12:00:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-15 12:00:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2008-04-15 12:00:00 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008-04-15 12:00:00 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2008-04-15 12:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008-04-15 12:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-15 12:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008-04-15 12:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2008-04-15 12:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2008-04-15 12:00:00 | 000,436,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3dim.dll
MOD - [2008-04-15 12:00:00 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll
MOD - [2008-04-15 12:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2008-04-15 12:00:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008-04-15 12:00:00 | 000,427,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpob2res.dll
MOD - [2008-04-15 12:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008-04-15 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2008-04-15 12:00:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008-04-15 12:00:00 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008-04-15 12:00:00 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008-04-15 12:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-15 12:00:00 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2008-04-15 12:00:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008-04-15 12:00:00 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2008-04-15 12:00:00 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008-04-15 12:00:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2008-04-15 12:00:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-15 12:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-15 12:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ddraw.dll
MOD - [2008-04-15 12:00:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2008-04-15 12:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2008-04-15 12:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008-04-15 12:00:00 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008-04-15 12:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-15 12:00:00 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2008-04-15 12:00:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008-04-15 12:00:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2008-04-15 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2008-04-15 12:00:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008-04-15 12:00:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008-04-15 12:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008-04-15 12:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008-04-15 12:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2008-04-15 12:00:00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2008-04-15 12:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008-04-15 12:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2008-04-15 12:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-15 12:00:00 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2008-04-15 12:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-15 12:00:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008-04-15 12:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-15 12:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiavusd.dll
MOD - [2008-04-15 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008-04-15 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008-04-15 12:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2008-04-15 12:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008-04-15 12:00:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008-04-15 12:00:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2008-04-15 12:00:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2008-04-15 12:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008-04-15 12:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2008-04-15 12:00:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-15 12:00:00 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2008-04-15 12:00:00 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oledlg.dll
MOD - [2008-04-15 12:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008-04-15 12:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvfw32.dll
MOD - [2008-04-15 12:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-15 12:00:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2008-04-15 12:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mapi32.dll
MOD - [2008-04-15 12:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-15 12:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-15 12:00:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2008-04-15 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008-04-15 12:00:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008-04-15 12:00:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2008-04-15 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2008-04-15 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008-04-15 12:00:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2008-04-15 12:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008-04-15 12:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008-04-15 12:00:00 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2008-04-15 12:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2008-04-15 12:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008-04-15 12:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-15 12:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-15 12:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008-04-15 12:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2008-04-15 12:00:00 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2008-04-15 12:00:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2008-04-15 12:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2008-04-15 12:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2008-04-15 12:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008-04-15 12:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlanapi.dll
MOD - [2008-04-15 12:00:00 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll
MOD - [2008-04-15 12:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2008-04-15 12:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008-04-15 12:00:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008-04-15 12:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2008-04-15 12:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-15 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008-04-15 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008-04-15 12:00:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2008-04-15 12:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008-04-15 12:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008-04-15 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008-04-15 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll
MOD - [2008-04-15 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2008-04-15 12:00:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2008-04-15 12:00:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2008-04-15 12:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2008-04-15 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008-04-15 12:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008-04-15 12:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2008-04-15 12:00:00 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008-04-15 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008-04-15 12:00:00 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xmlprovi.dll
MOD - [2008-04-15 12:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008-04-15 12:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2008-04-15 12:00:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2008-04-15 12:00:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2008-04-15 12:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008-04-15 12:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008-04-15 12:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2008-04-15 12:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2008-04-15 12:00:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008-04-15 12:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2008-04-15 12:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcAdProc.dll
MOD - [2008-04-15 12:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008-04-15 12:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008-04-15 12:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2008-04-15 12:00:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2008-04-15 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
MOD - [2008-04-15 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2008-04-15 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008-04-15 12:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2008-04-15 12:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2008-04-15 12:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2008-04-15 12:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2008-04-15 12:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2008-04-15 12:00:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008-04-15 12:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008-04-15 12:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2008-04-15 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2008-04-15 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008-04-15 12:00:00 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008-04-15 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2008-04-15 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2008-04-15 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2008-04-15 12:00:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008-04-15 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-15 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2008-04-15 12:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2008-04-15 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2008-04-15 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008-04-15 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-15 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008-04-15 12:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008-04-15 12:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008-04-15 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-15 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2008-04-15 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008-04-15 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008-04-15 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008-04-15 12:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2008-04-15 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008-04-15 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2008-04-15 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008-04-15 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2008-04-15 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008-04-15 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2008-04-15 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008-04-15 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2008-04-15 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008-04-15 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2008-04-15 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2008-04-15 12:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008-04-15 12:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2008-04-15 12:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2008-04-15 12:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008-04-15 12:00:00 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dciman32.dll
MOD - [2008-04-15 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2008-04-15 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d8thk.dll
MOD - [2008-04-15 12:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008-04-15 12:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2008-04-15 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2008-04-15 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2008-04-15 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2008-04-15 12:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008-04-15 12:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-04-14 22:51:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008-04-14 22:51:54 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksproxy.ax
MOD - [2008-04-14 22:51:54 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kswdmcap.ax
MOD - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
MOD - [2008-04-14 22:50:36 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksuser.dll
MOD - [2008-04-14 22:50:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidserv.dll
MOD - [2008-03-28 15:45:38 | 000,106,496 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\logsession.dll
MOD - [2006-11-13 15:57:02 | 000,138,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rapi.dll
MOD - [2006-11-13 15:56:26 | 000,023,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ceutil.dll
MOD - [2006-11-13 14:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- D:\medion\wcescomm.exe
MOD - [2006-11-13 14:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- D:\medion\rapimgr.exe
MOD - [2006-11-13 14:56:28 | 000,025,384 | ---- | M] (Microsoft Corporation) -- D:\medion\tcp2udp.dll
MOD - [2006-11-13 14:56:26 | 000,022,312 | ---- | M] (Microsoft Corporation) -- D:\medion\rapiproxystub.dll
MOD - [2006-11-13 14:56:20 | 000,018,216 | ---- | M] (Microsoft Corporation) -- D:\medion\dtptdns.dll
MOD - [2006-10-18 21:47:22 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WPDShServiceObj.dll
MOD - [2006-10-18 21:47:18 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\PortableDeviceApi.dll
MOD - [2006-10-18 21:47:18 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\PortableDeviceTypes.dll
MOD - [2004-08-31 06:26:36 | 000,233,539 | R--- | M] (Vimicro) -- C:\WINDOWS\system32\VM31bPrp.Ax
MOD - [2004-06-15 08:00:00 | 000,116,736 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNMLM61.DLL
MOD - [2004-06-15 08:00:00 | 000,017,920 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD61.DLL
MOD - [2004-06-09 08:37:02 | 000,040,960 | R--- | M] (BIGDOG) -- C:\WINDOWS\VM_STI.EXE
MOD - [2003-10-14 11:52:32 | 002,301,952 | ---- | M] (C-Media Corporation) -- C:\WINDOWS\system\cmicnfg.cpl
MOD - [2003-04-24 13:29:08 | 000,032,768 | ---- | M] (C-Media Corporation) -- C:\WINDOWS\system32\udaprop.dll
MOD - [2003-03-19 06:20:00 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MFC71.dll
MOD - [2003-02-21 13:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSVCR71.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011-12-04 10:22:08 | 000,855,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-08-31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-03-18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011-03-09 18:02:58 | 000,212,352 | ---- | M] (FileOpen Systems Inc.) [Disabled | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\FileOpen\Services\FileOpenManagerSvc32.exe -- (FileOpenManagerSvc)
SRV - [2009-06-16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - [url="HTTP://WWW.ALL2PDF.COM"]HTTP://WWW.ALL2PDF.COM[/url]) [Auto | Running] -- C:\WINDOWS\system32\PrintCtrl.exe -- (Printer Control)
SRV - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-10-07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011-10-04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011-08-08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011-07-11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-05-21 18:24:14 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010-06-19 08:30:12 | 000,014,848 | ---- | M] (Siliten) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\InputFilter_FlexDef2b.sys -- (InputFilter_Hid_FlexDef2b) Siliten HID Devices(FlexDef2b)
DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006-03-01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2006-01-19 17:33:26 | 000,402,432 | R--- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP)
DRV - [2004-09-07 09:11:50 | 000,090,568 | R--- | M] (VM) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbVM31b.sys -- (ZSMC302)
DRV - [2003-09-23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2002-12-27 04:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.gazeta.pl/0,0.html?p=125"]http://www.gazeta.pl/0,0.html?p=125[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-09-05 17:42:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011-11-04 20:02:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\9.0.0.18\ [2011-12-04 10:22:24 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.2\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\
CHR - Extension: Gmail = C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2008-04-15 12:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll ()
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE (BIGDOG)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Launch SilverCrest MTS2219-SL-K] C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe (Siliten)
O4 - HKLM..\Run: [Launch SilverCrest MTS2219-SL-M] C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe (Siliten)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe (ActMask Co.,Ltd - [url="http://www.all2pdf.com"]http://www.all2pdf.com[/url])
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\realsched.exe" -osboot File not found
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [H/PC Connection Agent] D:\medion\Wcescomm.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\medion\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\medion\INetRepl.dll (Microsoft Corporation)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} [url="http://kitchenplanner.ikea.com/PL/Core/Player/2020PlayerAX_IKEA_Win32.cab"]http://kitchenplanne..._IKEA_Win32.cab[/url] (20-20 3D Viewer for IKEA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab"]http://download.macr...ash/swflash.cab[/url] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91426ABC-68C9-4790-9FF4-737C2A759427}: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-04-24 10:23:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-12-18 21:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Malwarebytes
[2011-12-18 21:55:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-12-18 21:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-12-18 21:55:48 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-12-18 21:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-12-18 21:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-12-18 21:38:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Menu Start\Programy\HiJackThis
[2011-12-18 21:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Apple Computer
[2011-12-18 21:21:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\QuickTime
[2011-12-18 21:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011-12-18 21:16:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
[2011-12-18 21:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011-12-18 21:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Apple
[2011-12-18 21:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011-12-18 21:15:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple
[2011-12-18 21:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Apple Computer
[2011-12-18 18:41:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\nvidia icons
[2011-12-18 18:19:56 | 000,000,000 | -HSD | C] -- C:\FOUND.034
[2011-12-18 17:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NapiProjekt
[2011-12-18 17:57:47 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2011-12-18 11:31:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Właściciel\Recent
[2011-12-04 10:53:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG Secure Search
[2011-12-04 10:22:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2011-12-04 10:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
[2011-12-01 20:13:54 | 000,000,000 | -HSD | C] -- C:\FOUND.033
[2011-11-04 20:05:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2012
[2011-11-04 20:04:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011-11-04 20:04:54 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011-11-04 20:02:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG2012
[2011-11-04 19:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2011-11-01 07:10:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\20-20 Technologies
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-12-20 19:55:10 | 000,000,472 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9893095B-8A5A-409F-B9B3-853C4E3B8ACF}.job
[2011-12-20 19:41:04 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-12-20 15:03:16 | 000,175,314 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-12-20 15:02:42 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-12-20 15:02:42 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-854245398-1177238915-1003.job
[2011-12-20 15:02:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-12-20 15:02:08 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2011-12-19 22:08:04 | 000,199,551 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Drucken - Gmail - Zamówienie ze sklepu Electromarket.pdf
[2011-12-18 23:30:06 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-854245398-1177238915-1003.job
[2011-12-18 21:55:54 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-12-18 21:50:26 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\HiJackThis.lnk
[2011-12-18 21:21:36 | 000,001,508 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk
[2011-12-18 18:43:34 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-12-18 18:41:34 | 000,001,078 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Play Portal Now.lnk
[2011-12-18 18:21:12 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-12-18 17:57:58 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\NapiProjekt.lnk
[2011-12-18 17:57:36 | 000,874,496 | ---- | M] () -- C:\WINDOWS\is-N0TCI.exe
[2011-12-18 17:57:36 | 000,011,761 | ---- | M] () -- C:\WINDOWS\is-N0TCI.msg
[2011-12-18 17:57:36 | 000,002,388 | ---- | M] () -- C:\WINDOWS\is-N0TCI.lst
[2011-12-18 17:57:36 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ALLPlayer V5.0.lnk
[2011-12-18 17:54:54 | 000,080,384 | ---- | M] () -- C:\WINDOWS\System32\mkzlib.dll
[2011-12-18 17:54:52 | 000,024,576 | ---- | M] () -- C:\WINDOWS\System32\mkunicode.dll
[2011-12-18 09:55:22 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2011-12-17 18:50:54 | 000,001,717 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2011-12-14 22:56:30 | 000,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-12-14 15:32:40 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2012.lnk
[2011-11-20 15:52:44 | 000,080,896 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-10-31 08:53:44 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\noname3
[2011-10-31 08:53:34 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\noname1
[2011-10-31 08:53:16 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\noname
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-12-19 22:08:01 | 000,199,551 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Drucken - Gmail - Zamówienie ze sklepu Electromarket.pdf
[2011-12-18 21:55:53 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-12-18 21:38:18 | 000,002,453 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\HiJackThis.lnk
[2011-12-18 21:21:34 | 000,001,508 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk
[2011-12-18 21:15:16 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk
[2011-12-18 18:43:21 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2011-12-18 18:41:32 | 000,001,078 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Play Portal Now.lnk
[2011-12-18 18:26:42 | 000,182,347 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2011-12-18 18:21:11 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-12-18 17:57:57 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\NapiProjekt.lnk
[2011-12-18 17:57:35 | 000,874,496 | ---- | C] () -- C:\WINDOWS\is-N0TCI.exe
[2011-12-18 17:57:35 | 000,011,761 | ---- | C] () -- C:\WINDOWS\is-N0TCI.msg
[2011-12-18 17:57:35 | 000,002,388 | ---- | C] () -- C:\WINDOWS\is-N0TCI.lst
[2011-12-18 17:57:34 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ALLPlayer V5.0.lnk
[2011-12-18 09:55:21 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2011-11-04 20:05:07 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2012.lnk
[2011-10-31 08:53:42 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\noname3
[2011-10-31 08:53:33 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\noname1
[2011-10-31 08:53:12 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\noname
[2011-09-15 18:33:58 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\$_hpcst$.hpc
[2010-12-23 09:57:27 | 001,391,616 | ---- | C] () -- C:\WINDOWS\System32\ActPDF.dll
[2010-12-23 09:55:40 | 000,691,200 | ---- | C] () -- C:\WINDOWS\System32\PrintLog.exe
[2010-12-23 09:55:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\PrtPass.exe
[2010-12-22 20:21:02 | 000,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll
[2010-12-22 20:20:04 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2010-12-22 20:20:01 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2010-12-22 20:11:07 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-12-22 20:11:06 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2010-10-16 08:04:10 | 000,000,112 | ---- | C] () -- C:\WINDOWS\SCRABMAN.INI
[2010-09-24 18:37:13 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-09-23 17:32:39 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010-07-05 17:55:56 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Ulead32.INI
[2010-07-05 17:55:25 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\mscandc.ini
[2010-04-27 20:48:00 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-04-26 19:58:46 | 000,044,491 | ---- | C] () -- C:\WINDOWS\System32\MiiIniFile13.ini
[2010-04-26 19:58:38 | 000,285,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsio.sys
[2010-04-26 19:58:38 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsreged.sys
[2010-04-26 19:37:50 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2010-04-24 17:02:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2010-04-24 16:34:44 | 000,118,784 | ---- | C] () -- C:\WINDOWS\ShowBmp.exe
[2010-04-24 16:34:44 | 000,014,385 | ---- | C] () -- C:\WINDOWS\Tw561a.ini
[2010-04-24 16:34:44 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Setup8a.ini
[2010-04-24 15:34:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-04-24 15:15:01 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010-04-24 14:36:31 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010-04-24 14:28:34 | 000,049,152 | R--- | C] () -- C:\WINDOWS\amcap.exe
[2010-04-24 14:28:34 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\RunSetup.dll
[2010-04-24 12:12:05 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2010-04-24 12:12:05 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2010-04-24 12:12:03 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2010-04-24 12:12:03 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2010-04-24 12:12:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2010-04-24 12:12:02 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2010-04-24 12:12:02 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2010-04-24 12:12:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2010-04-24 10:27:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-04-24 10:20:12 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-04-24 10:01:58 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-04-24 10:00:46 | 000,114,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-04-15 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008-04-15 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008-04-15 12:00:00 | 000,355,486 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2008-04-15 12:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2008-04-15 12:00:00 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008-04-15 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008-04-15 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008-04-15 12:00:00 | 000,049,492 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2008-04-15 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008-04-15 12:00:00 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008-04-15 12:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2008-04-15 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008-04-15 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008-04-15 12:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008-04-15 12:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008-04-15 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006-10-22 12:22:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-10-22 12:22:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006-10-22 12:22:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-10-22 12:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006-10-22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-10-22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-10-22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-10-22 12:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006-10-22 12:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006-10-22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2010-04-24 15:03:52 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-05-08 22:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip
[2010-07-23 17:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security
[2010-10-15 14:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2010-10-15 14:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar
[2010-10-15 14:56:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2010-12-22 20:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ALLConverter
[2010-12-23 09:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Iceni
[2011-02-27 10:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\e-file
[2011-05-09 20:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FileOpen
[2011-05-21 18:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-11-04 20:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2011-12-04 10:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
[2010-04-24 20:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Panda Security
[2010-08-23 21:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\BESTplayer
[2010-12-23 09:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Iceni
[2011-05-09 20:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\FileOpen
[2011-05-21 18:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\DAEMON Tools Lite
[2011-09-15 18:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\GoPal Assistant
[2011-11-04 20:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG2012
[2011-12-04 10:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG Secure Search
[2011-12-20 19:55:10 | 000,000,472 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9893095B-8A5A-409F-B9B3-853C4E3B8ACF}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-12-20 15:02:06 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2008-04-15 12:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-04-15 12:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2008-04-15 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-04-24 10:10:56 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010-04-24 10:23:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-04-24 10:23:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-04-24 10:23:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-04-24 10:23:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-12-20 15:02:08 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-15 12:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-15 12:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-15 12:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-04-15 12:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2008-04-15 12:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-15 12:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-15 12:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-15 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-15 12:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-15 12:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-15 12:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >

[i][b][/log][/b][/i]

RSIT:

[i][b][log][/b][/i]

[i][b]info.txt logfile of random's system information tool 1.09 2011-12-20 20:17:36[/b][/i]

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
ABBYY FineReader OCR Engine for ScanWizard-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}\setup.exe"
Adobe Reader 9.4.4-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
Aktualizacja dla systemu Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows Internet Explorer 8 (KB980302)-->"C:\WINDOWS\ie8updates\KB980302-IE8\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
ALLConverter PRO 1.0-->"C:\Program Files\ALLConverter PRO\unins000.exe"
ALLPlayer V5.X-->"C:\Program Files\ALLPlayer\unins000.exe"
Apple Application Support-->MsiExec.exe /I{A83279FD-CA4B-4206-9535-90974DE76654}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant 5.05.010-->D:\Assistant\Uninstall.exe
AVG 2012-->"C:\Program Files\AVG\AVG2012\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2012-->MsiExec.exe /I{4E74D41C-5864-4561-9F6B-069372513A0B}
AVG 2012-->MsiExec.exe /I{8398852A-7B61-4808-8F58-D0A40D1B2CB6}
Canon Camera Support Core Library-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{91F1A0D6-23AD-49FE-8D4E-379485652214} /l1033
Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}
Canon Camera Window DVC for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4C96958A-6562-4143-B820-FF4890D3B734}
Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{C7281207-4AA4-425E-B57A-0E9EF8445635}
Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2F81FBFC-9A37-431F-9050-14B55485DF5A}
Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}
Canon PhotoRecord-->MsiExec.exe /X{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}
Canon PIXMA iP3000-->C:\WINDOWS\system32\CNMCP61.exe "-PRINTERNAMECanon PIXMA iP3000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmi0415.dll"
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{45EF4EE3-F591-4B74-A477-0CAE12934CE7}
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{28291BD5-92D2-4685-82DC-CCA925C53CCA}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
Canon ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
ffdshow [rev 2754] [2009-03-10]-->"C:\Program Files\ffdshow\unins000.exe"
FileOpen Client-->MsiExec.exe /X{ABC082A6-A587-493C-83C1-5F2C60A8BAA8}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\16.0.912.63\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
ICatch (VI) PC Camera-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F48C6EA5-3B43-11D6-86A6-0050BA0259A2}\setup.exe"
Infix 4.19-->"C:\Program Files\Iceni\Infix4\unins000.exe"
Java™ 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
Livebox-->C:\Program Files\Livebox\installation\core\Installgui.exe -u
Malwarebytes' Anti-Malware wersja 1.51.2.1300-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000415-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
NapiProjekt 2.0.0 (build 2151)-->"C:\Program Files\NapiProjekt\unins000.exe"
Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Poprawka dla systemu Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"
Profesor Henry 6.0 Rozumienie ze słuchu i konwersacje-->"C:\Program Files\Edgard\Profesor Henry 6.0 Rozumienie ze słuchu i konwersacje\unins000.exe"
QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C}
Real Alternative 1.9.0 Lite-->"C:\Program Files\Real Alternative\unins000.exe"
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
ScanWizard 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B08D262E-D902-11D5-9C28-0080C85A0C2D}\setup.exe"
SilverCrest MTS2219-SL Driver-->"C:\Program Files\InstallShield Installation Information\{1E494817-D81E-4B0E-B379-F34DF4DCDA58}\setup.exe" -runfromtemp -l0x0015 -removeonly
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Sun ODF Plugin for Microsoft Office 3.1-->MsiExec.exe /X{DF204E20-C29C-4434-BCFE-D9BAF76CEF8D}
Super Kulki-->"C:\Program Files\Super Kulki\unins000.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

======System event log======

Computer Name: W-0CD416825FCE4
Event Code: 4201
Message: System wykrył, że karta sieciowa \DEVICE\TCPIP_{91426ABC-68C9-4790-9FF4-737C2A759427} została podłączona do sieci
i ma zainicjowane normalne działanie na karcie sieciowej.

Record Number: 39015
Source Name: Tcpip
Time Written: 20111122190210.000000+060
Event Type: informacje
User:

Computer Name: W-0CD416825FCE4
Event Code: 4201
Message: System wykrył, że karta sieciowa \DEVICE\TCPIP_{91426ABC-68C9-4790-9FF4-737C2A759427} została podłączona do sieci
i ma zainicjowane normalne działanie na karcie sieciowej.

Record Number: 39014
Source Name: Tcpip
Time Written: 20111122190208.000000+060
Event Type: informacje
User:

Computer Name: W-0CD416825FCE4
Event Code: 35
Message: Usługa czasu synchronizuje teraz czas systemowy z czasem źródła
czasu time.windows.com (ntp.m|0x1|192.168.1.10:123->207.46.250.85:123).

Record Number: 39013
Source Name: W32Time
Time Written: 20111122190019.000000+060
Event Type: informacje
User:

Computer Name: W-0CD416825FCE4
Event Code: 29
Message: Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku
źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem.
NtpClient nie ma źródła dokładnego czasu.

Record Number: 39012
Source Name: W32Time
Time Written: 20111122184531.000000+060
Event Type: błąd
User:

Computer Name: W-0CD416825FCE4
Event Code: 17
Message: Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS
ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę
wyszukania serwera DNS za 15 min.
Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Record Number: 39011
Source Name: W32Time
Time Written: 20111122184531.000000+060
Event Type: błąd
User:

=====Application event log=====

Computer Name: W-0CD416825FCE4
Event Code: 7
Message: Pomyślnie wykonano automatyczne pobranie aktualizacji numeru sekwencji listy głównej innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

Record Number: 4004
Source Name: crypt32
Time Written: 20101224204522.000000+060
Event Type: informacje
User:

Computer Name: W-0CD416825FCE4
Event Code: 11707
Message: Product: Solution Disk -- Installation operation completed successfully.

Record Number: 4003
Source Name: MsiInstaller
Time Written: 20101224204513.000000+060
Event Type: informacje
User: W-0CD416825FCE4\Właściciel

Computer Name: W-0CD416825FCE4
Event Code: 11707
Message: Product: ISScript -- Installation operation completed successfully.

Record Number: 4002
Source Name: MsiInstaller
Time Written: 20101224204454.000000+060
Event Type: informacje
User: W-0CD416825FCE4\Właściciel

Computer Name: W-0CD416825FCE4
Event Code: 11707
Message: Product: ISScript -- Installation operation completed successfully.

Record Number: 4001
Source Name: MsiInstaller
Time Written: 20101224204422.000000+060
Event Type: informacje
User: W-0CD416825FCE4\Właściciel

Computer Name: W-0CD416825FCE4
Event Code: 1000
Message: Aplikacja powodująca błąd svchost.exe, wersja 5.1.2600.5512, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x5e5262eb.

Record Number: 4000
Source Name: Application Error
Time Written: 20101224200957.000000+060
Event Type: błąd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

[i][b][/log][/b][/i]

RSIT LOG:
[i][b][log][/b][/i]
Logfile of random's system information tool 1.09 (written by random/random)
Run by Właściciel at 2011-12-20 20:17:03
Microsoft Windows XP Home Edition Dodatek Service Pack 3
System drive C: has 2 GB (12%) free of 19 GB
Total RAM: 1023 MB (10% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:17:32, on 2011-12-20
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\Program Files\AVG\AVG2012\AVGRSX.EXE
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\PrintDisp.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe
C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PrintCtrl.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
D:\medion\Wcescomm.exe
C:\Program Files\ScanWizard 5\ScannerFinder.exe
D:\medion\rapimgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Właściciel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.gazeta.pl/0,0.html?p=125"]http://www.gazeta.pl/0,0.html?p=125[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Livebox\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Launch SilverCrest MTS2219-SL-K] C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe
O4 - HKLM\..\Run: [Launch SilverCrest MTS2219-SL-M] C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\medion\Wcescomm.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\medion\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\medion\INetRepl.dll
O9 - Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\medion\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - [url="http://kitchenplanner.ikea.com/PL/Core/Player/2020PlayerAX_IKEA_Win32.cab"]http://kitchenplanne..._IKEA_Win32.cab[/url]
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - [url="HTTP://WWW.ALL2PDF.COM"]HTTP://WWW.ALL2PDF.COM[/url] - C:\WINDOWS\system32\PrintCtrl.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe

--
End of file - 11180 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{9893095B-8A5A-409F-B9B3-853C4E3B8ACF}.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-854245398-1177238915-1003.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-854245398-1177238915-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-09-05 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll [2011-12-04 1547104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll [2011-12-04 1547104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
"nwiz"=nwiz.exe /install []
"ORAHSSSessionManager"=C:\Program Files\Livebox\SessionManager\SessionManager.exe [2008-06-10 107248]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]
"NeroCheck"=C:\WINDOWS\system32\\NeroCheck.exe [2001-07-09 155648]
"TkBellExe"=C:\Program Files\Real Alternative\Update_OB\realsched.exe -osboot []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"PrintDisp"=C:\WINDOWS\system32\PrintDisp.exe [2009-08-21 878080]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"Launch SilverCrest MTS2219-SL-K"=C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe [2010-09-03 1424384]
"Launch SilverCrest MTS2219-SL-M"=C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe [2010-09-03 860672]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2011-12-03 2415456]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2011-12-04 827232]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-04-06 26102056]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360]
"ALLUpdate"=C:\Program Files\ALLPlayer\ALLUpdate.exe [2011-08-16 1379840]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"H/PC Connection Agent"=D:\medion\Wcescomm.exe [2006-11-13 1289000]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
Scanner Finder.lnk - C:\Program Files\ScanWizard 5\ScannerFinder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG"
"C:\WINDOWS\System32\RUNDLL32.EXE"="C:\WINDOWS\System32\RUNDLL32.EXE:*:Enabled:Uruchamia plik DLL jako aplikację"
"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe"="C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"D:\medion\rapimgr.exe"="D:\medion\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"D:\medion\wcescomm.exe"="D:\medion\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"D:\medion\WCESMgr.exe"="D:\medion\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalator AVG"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Ochrona Sieci"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2012"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\medion\rapimgr.exe"="D:\medion\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"D:\medion\wcescomm.exe"="D:\medion\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"D:\medion\WCESMgr.exe"="D:\medion\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-12-20 20:17:03 ----D---- C:\rsit
2011-12-18 21:56:03 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Malwarebytes
2011-12-18 21:55:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2011-12-18 21:55:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-12-18 21:55:48 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-12-18 21:38:18 ----D---- C:\Program Files\Trend Micro
2011-12-18 21:25:06 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Apple Computer
2011-12-18 21:16:37 ----D---- C:\Program Files\QuickTime
2011-12-18 21:16:34 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2011-12-18 21:15:41 ----D---- C:\Program Files\Common Files\Apple
2011-12-18 21:15:13 ----D---- C:\Program Files\Apple Software Update
2011-12-18 21:15:13 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple
2011-12-18 18:43:21 ----ASH---- C:\hiberfil.sys
2011-12-18 18:41:32 ----D---- C:\WINDOWS\nvidia icons
2011-12-18 18:21:11 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2011-12-18 18:19:56 ----SHD---- C:\FOUND.034
2011-12-18 17:57:47 ----D---- C:\Program Files\NapiProjekt
2011-12-18 17:57:35 ----A---- C:\WINDOWS\is-N0TCI.exe
2011-12-14 22:17:52 ----HD---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-14 22:17:44 ----HD---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-14 22:12:28 ----HD---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-14 22:12:22 ----HD---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-14 22:12:15 ----HD---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-14 22:12:10 ----HD---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-14 22:11:40 ----HD---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-04 10:53:45 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG Secure Search
2011-12-04 10:22:13 ----D---- C:\WINDOWS\system32\cache
2011-12-04 10:22:09 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
2011-12-01 20:13:54 ----SHD---- C:\FOUND.033

======List of files/folders modified in the last 1 month======

2011-12-20 11:26:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-18 17:54:54 ----A---- C:\WINDOWS\system32\mkzlib.dll
2011-12-18 17:54:52 ----A---- C:\WINDOWS\system32\mkunicode.dll
2011-12-14 22:12:44 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 uagp35;Filtr AGPv3.5 firmy Microsoft; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2002-12-27 26880]
R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-15 41856]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-05-21 218688]
R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-10-17 754560]
R3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-15 10368]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\WINDOWS\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 14848]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-15 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver; C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2006-01-19 402432]
R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-15 20608]
R3 ZSMC302;VIMICRO USB PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-09-07 90568]
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-15 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-06-20 65536]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
R2 Printer Control;Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [2009-06-16 77824]
R2 vToolbarUpdater;vToolbarUpdater; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-04 855904]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-24 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-03-18 947528]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-24 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-24 182768]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S4 FileOpenManagerSvc;FileOpenManagerSvc; C:\Documents and Settings\All Users\Dane aplikacji\FileOpen\Services\FileOpenManagerSvc32.exe [2011-03-09 212352]

-----------------EOF-----------------

[i][b][/log][/b][/i]



[i][b]WIELKIE DZIEKI ZA WSZELKA POMOC[/b][/i] Edytowane przez makavel1983

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach
Ja tu nic nie widzę . Dla pewności przeskanuj system jeszcze tym [url="http://www.eset.pl/Pobierz/Dodatkowe_narzedzia/ESET_Online_Scanner"]http://www.eset.pl/Pobierz/Dodatkowe_narzedzia/ESET_Online_Scanner[/url]

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach
OTL
[url="http://www.wklej.org/id/651904/"]http://www.wklej.org/id/651904/[/url]

LOG RSIT>
[url="http://www.wklej.org/id/651905/"]http://www.wklej.org/id/651905/[/url]

INFO RSIT
[url="http://www.wklej.org/id/651907/"]http://www.wklej.org/id/651907/[/url]

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach
Do OTL wklej:
[code]
:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

:Commands
[emptytemp]
[/code]
[b]Wykonaj skrypt,[/b] pokaż raport.

Do [url="http://jpshortstuff.247fixes.com/SystemLook.exe"][b]SystemLook[/b][/url] wklej:
[code]
:dir
C:\WINDOWS
C:\Documents and Settings\All Users\Dokumenty

:file
C:\WINDOWS\system32\mkzlib.dll
C:\WINDOWS\system32\mkunicode.dll
[/code]
[b]Look,[/b] pokaż raport.

Pokaż jeszcze log z Gmer. (w przyklejonych)

Pobierz [url="http://www.hdtune.com/"][b]HDTune[/b][/url] i pokaż screeny ze wszystkich jego zakładek.

Wszystkie pliki z folderu [b]C:\WINDOWS\Minidump[/b] spakuj w archiwum, wrzuć na jakiś serwer (np. mediafire) i podaj link.

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach
LOG z OTL:
http://www.wklej.org/id/657166/

Jeszcze jeden LOG z OTL, bo w pierwszym nie poustawialem wszystkich parametrow, tak jak w

opisie na stronie:
http://www.wklej.org/id/657247/

LOG z systemlook
http://www.wklej.org/id/657169/

1. LOG GMER>QUICK SCAN

http://www.wklej.org/id/657215/

2.LOG GMER DYSKI:
http://www.wklej.org/id/657212/

3.LOG GMER USLUGI>
http://www.wklej.org/id/657220/

HDTune - niestety jak go wlaczam system sie zawiesza i pojawia sie blue screen (nie wiem czy

moze miec na to wplyw wymiana kosci RAMU albo karty graf., ktora ostatnio zrobilem - moj

ojciec sie skarzyl, ze kilka razy w tym tyg. po tej wymianie mial takiego samego blue screena)

C:\WINDOWS\Minidump jest pusty (patrzylem tez na pliki ukryte i szukalem folderu na innych dyskach)

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach
jak chcesz się pozbyć śmieci z dysku to format dysku na pewno pomoże .

//+20% za namawianie do formatu
//raaz

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach
[quote name='Quke' timestamp='1325200281' post='1407589']
jak chcesz się pozbyć śmieci z dysku to format dysku na pewno pomoże .
[/quote]
Skoro każdemu tak chętnie go polecasz, to może sam sobie go zrób i przestań polecać innym? To jest ostateczność, wątpię żeby komukolwiek chciałoby się co tydzień robić backup plików i przeinstalowywać system bo mu wystąpił jakiś drobny problem, a jest śmierdzącym leniem i nie chce poszukać w Google (licząc występowanie u przeciętnego użytkownika komputera).


@Autor
W OTL miało być [b]Wykonaj skrypt,[/b] a nie [b]Skanuj.[/b] Powtórz.

Cały czas widzę na dysku folderu FOUND.*** . To Ty uruchamiasz Scandiska, czy on sam wymusza skanowanie?

Pliki:
[code]
C:\WINDOWS\system32\mkzlib.dll
C:\WINDOWS\system32\mkunicode.dll
C:\WINDOWS\ap561.exe
C:\WINDOWS\ShowBmp.exe
C:\WINDOWS\is-N0TCI.lst
C:\WINDOWS\is-N0TCI.msg
C:\WINDOWS\is-N0TCI.exe
C:\WINDOWS\amcap.exe
[/code]
Przeskanuj na www.virustotal.com i pokaż wyniki.

Wejdź w Start ->PPM na Mój komputer -> Właściwości -> karta Zaawansowane -> Uruchamianie i odzyskiwanie -> Zwaria systemu -> ma być zaznaczone Zapisz zdarzenie do dziennika systemu, odznaczone automatycznie uruchom pownownie, w ścieżce Plik zrzutu ma być %SystemRoot%\MEMORY.DMP . Jeśli BSOD wystąpi, zrób mu zdjęcie + daj pliki z folderu Minidump (bo tak nie wiadomo, o co komputerowi chodzi).

Zamiast HDTune użyj [url="http://www.programosy.pl/program,crystaldiskinfo.html"][b]CrystalDiskInfo.[/b][/url] Edytowane przez Natsuki Kuga

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach
1) OTO LOG z wykonania skryptu

[url="http://www.wklej.org/id/659486/"]http://www.wklej.org/id/659486/[/url]

2) Scandiska sam nie uruchamiam.
3) tylko w ponizszym pliku znaleziono trojana> , mam skasowac ten plik?


[size=1]0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.[/size]
File name: [b]amcap.exe[/b]

Submission date: [b]2012-01-02 21:12:31 (UTC)[/b]

Current status: [b]finished[/b]


Result: [b][color=red]1[/color]/ 43 (2.3%[/b]
ByteHero 1.0.0.1 2011.12.31 Trojan.Malware.Win32.xPack.g

Zaraz postaram sie uzupelnic reszte informacji.

Pozdrawiam

________________________________________________________

Oto natomiast screenshot z programu crystal disc info:

[url="http://www.mediafire.com/?cyj1b94ghp10c6c"]http://www.mediafire...cyj1b94ghp10c6c[/url] Edytowane przez makavel1983

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach
Mam rozumieć, że w innych plikach nic nie wykryto?

Dysk zaczyna realokować sektory - to najwyraźniej jest przyczyna włączania się Scandiska i wolnej pracy komputera.

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach
Zwróć się jeszcze z tym screenem do działu sprzętowego, niech oni to dokładnie ocenią.

Co do tego pliku - przesuń go na razie w inne miejsce. Jeśli nie będzie żadnych błędów o jego braku, skasuj.

W OTL kliknij [b]Sprzątanie[/b]. Inne narzędzia też możesz usunąć.

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

Żeby dodać komentarz, musisz założyć konto lub zalogować się

Tylko zarejestrowani użytkownicy mogą dodawać komentarze

Dodaj konto

Załóż nowe konto. To bardzo proste!


Zarejestruj nowe konto

Zaloguj się

Posiadasz już konto? Zaloguj się tutaj.


Zaloguj się teraz

  • Przeglądający   0 użytkowników

    Brak zarejestrowanych użytkowników, przeglądających tę stronę.