slawek123 utworzono 13 września 2012 utworzono 13 września 2012 (edytowane) Witam. Od wczoraj nie mam dostępu do wyszukiwarki google i jej zasobów. Problem wygląda tak że jak wchodzę na google to wyrzuca mi komunikat [b] "Strona internetowa jest niedostępna" [/b] Problem występuje na każdej przeglądarce, czyściłem all pamięć podręczną, skanowałem antywirem(avast), narzędziami, cCleanerem i wszystkim co się dało. Nie znalazło NIC Nie działają także inne wyszukiwarki oparte na google, np ta z onetu. Jeżeli juz jakaś się otworzy to po wykonaniu wyszukania linki nie otwierają się. Jestem prawie pewny że to za sprawą jakiegoś śmiecia, ostatnio usuwałem jakiegoś wira który podszył się pod program ochrony, być może nie skasowałem go do końca albo coś jeszcze popsuł. Wir nazywał się [color=#333333]Live security Platinum. Teraz nie wiem co może siedzieć, ale na pewno noś jest. [/color][color=#333333]Proszę o pomoc, niżej wklejam log z OTL [/color] [font=lucida grande, tahoma, verdana, arial, sans-serif][color=#333333][size=3]Nie mam wyszukiwarki, dlatego [/size][/color][/font][font=lucida grande, tahoma, verdana, arial, sans-serif][size=2][color=#333333]proszę[/color][/size][/font][font=lucida grande, tahoma, verdana, arial, sans-serif][color=#333333][size=3] o podawanie konkretnych linków[/size][/color][/font] [color=#333333]Z góry dziekuje. [/color] [color=#333333][log] OTL logfile created on: 9/13/2012 8:13:44 PM - Run 1 OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Przemek\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2.00 Gb Total Physical Memory | 0.48 Gb Available Physical Memory | 23.82% Memory free 4.00 Gb Paging File | 1.90 Gb Available in Paging File | 47.49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 40.04 Gb Total Space | 7.51 Gb Free Space | 18.76% Space Free | Partition Type: NTFS Drive D: | 58.59 Gb Total Space | 46.48 Gb Free Space | 79.33% Space Free | Partition Type: NTFS Drive E: | 134.25 Gb Total Space | 52.21 Gb Free Space | 38.89% Space Free | Partition Type: NTFS Drive H: | 76.33 Gb Total Space | 13.99 Gb Free Space | 18.33% Space Free | Partition Type: NTFS Computer Name: PRZEMEK-PC | User Name: Przemek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012/09/13 20:11:51 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe PRC - [2012/07/16 11:15:40 | 010,354,176 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe PRC - [2012/06/22 13:55:48 | 000,265,952 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe PRC - [2012/05/04 15:43:20 | 001,561,768 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe PRC - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe PRC - [2012/03/19 11:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012/01/18 14:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2011/11/28 18:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011/11/28 18:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe PRC - [2011/11/28 18:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011/09/27 03:34:31 | 000,813,568 | ---- | M] (6Outb) -- C:\Windows\sony.exe PRC - [2011/07/11 21:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winamp.exe PRC - [2011/05/21 13:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011/04/11 18:38:28 | 001,232,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe PRC - [2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/11/20 12:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010/11/20 12:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010/04/17 00:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe PRC - [2009/12/23 21:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2008/01/29 11:19:46 | 002,157,096 | ---- | M] (Palit Microsystems, Inc.) -- C:\Program Files\VDOTool\TBPANEL.exe PRC - [2007/09/02 11:58:52 | 000,495,616 | ---- | M] () -- D:\Programy Użytkowe\Różne\RocketDock\RocketDock.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012/09/13 20:04:38 | 000,323,584 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\winamp.lng MOD - [2012/09/13 20:04:38 | 000,003,584 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\winampa.lng MOD - [2012/09/13 20:04:36 | 000,161,792 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\vis_milk2.lng MOD - [2012/09/13 20:04:36 | 000,087,552 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\vis_avs.lng MOD - [2012/09/13 20:04:36 | 000,007,680 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\vis_nsfs.lng MOD - [2012/09/13 20:04:35 | 000,041,984 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\pmp_wifi.lng MOD - [2012/09/13 20:04:35 | 000,016,896 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\out_ds.lng MOD - [2012/09/13 20:04:35 | 000,010,752 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\pmp_usb.lng MOD - [2012/09/13 20:04:35 | 000,010,752 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\pmp_android.lng MOD - [2012/09/13 20:04:35 | 000,007,168 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\out_wave.lng MOD - [2012/09/13 20:04:35 | 000,006,656 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\pmp_ipod.lng MOD - [2012/09/13 20:04:35 | 000,006,144 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\tagz.lng MOD - [2012/09/13 20:04:35 | 000,004,608 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\pmp_activesync.lng MOD - [2012/09/13 20:04:35 | 000,004,096 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\pmp_p4s.lng MOD - [2012/09/13 20:04:35 | 000,003,584 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\pmp_njb.lng MOD - [2012/09/13 20:04:35 | 000,003,072 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\playlist.lng MOD - [2012/09/13 20:04:34 | 000,046,592 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_pmp.lng MOD - [2012/09/13 20:04:34 | 000,036,864 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ombrowser.lng MOD - [2012/09/13 20:04:34 | 000,014,336 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_wire.lng MOD - [2012/09/13 20:04:34 | 000,008,192 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_transcode.lng MOD - [2012/09/13 20:04:34 | 000,006,144 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\out_disk.lng MOD - [2012/09/13 20:04:34 | 000,005,632 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_rg.lng MOD - [2012/09/13 20:04:33 | 000,054,272 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_local.lng MOD - [2012/09/13 20:04:33 | 000,014,336 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_online.lng MOD - [2012/09/13 20:04:33 | 000,013,312 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_playlists.lng MOD - [2012/09/13 20:04:33 | 000,012,800 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_plg.lng MOD - [2012/09/13 20:04:33 | 000,004,096 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_orb.lng MOD - [2012/09/13 20:04:33 | 000,003,584 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_nowplaying.lng MOD - [2012/09/13 20:04:32 | 000,047,616 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_disc.lng MOD - [2012/09/13 20:04:32 | 000,009,216 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_downloads.lng MOD - [2012/09/13 20:04:32 | 000,008,704 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_history.lng MOD - [2012/09/13 20:04:32 | 000,008,192 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_devices.lng MOD - [2012/09/13 20:04:32 | 000,005,120 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_impex.lng MOD - [2012/09/13 20:04:31 | 000,007,168 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_autotag.lng MOD - [2012/09/13 20:04:31 | 000,005,120 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_bookmarks.lng MOD - [2012/09/13 20:04:31 | 000,003,584 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\ml_addons.lng MOD - [2012/09/13 20:04:30 | 000,014,848 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_wm.lng MOD - [2012/09/13 20:04:30 | 000,005,632 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_wave.lng MOD - [2012/09/13 20:04:29 | 000,011,264 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_vorbis.lng MOD - [2012/09/13 20:04:29 | 000,011,264 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_nsv.lng MOD - [2012/09/13 20:04:29 | 000,003,584 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_swf.lng MOD - [2012/09/13 20:04:28 | 000,022,528 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_mp3.lng MOD - [2012/09/13 20:04:28 | 000,018,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_mod.lng MOD - [2012/09/13 20:04:28 | 000,004,608 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_mp4.lng MOD - [2012/09/13 20:04:28 | 000,004,608 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_mkv.lng MOD - [2012/09/13 20:04:27 | 000,020,992 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_midi.lng MOD - [2012/09/13 20:04:27 | 000,006,144 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_flac.lng MOD - [2012/09/13 20:04:27 | 000,003,584 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_linein.lng MOD - [2012/09/13 20:04:27 | 000,003,584 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_flv.lng MOD - [2012/09/13 20:04:26 | 000,013,312 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_cdda.lng MOD - [2012/09/13 20:04:26 | 000,007,168 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_dshow.lng MOD - [2012/09/13 20:04:26 | 000,005,120 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\in_avi.lng MOD - [2012/09/13 20:04:25 | 000,007,680 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\gen_tray.lng MOD - [2012/09/13 20:04:23 | 000,007,168 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\gen_orgler.lng MOD - [2012/09/13 20:04:21 | 000,040,448 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\gen_jumpex.lng MOD - [2012/09/13 20:04:21 | 000,021,504 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\gen_ml.lng MOD - [2012/09/13 20:04:20 | 000,011,264 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\gen_hotkeys.lng MOD - [2012/09/13 20:04:18 | 000,022,016 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\gen_ff.lng MOD - [2012/09/13 20:04:16 | 000,007,168 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\gen_crasher.lng MOD - [2012/09/13 20:04:15 | 000,006,144 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\enc_wma.lng MOD - [2012/09/13 20:04:14 | 000,004,096 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\enc_wav.lng MOD - [2012/09/13 20:04:13 | 000,005,632 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\enc_lame.lng MOD - [2012/09/13 20:04:11 | 000,004,096 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\enc_flac.lng MOD - [2012/09/13 20:04:10 | 000,006,656 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\enc_fhgaac.lng MOD - [2012/09/13 20:04:09 | 000,066,560 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\burnlib.lng MOD - [2012/09/13 20:04:09 | 000,012,800 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\dsp_sps.lng MOD - [2012/09/13 20:04:08 | 000,011,264 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Temp\WLZ1DEF.tmp\auth.lng MOD - [2012/08/30 02:58:45 | 000,442,392 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll MOD - [2012/08/30 02:58:44 | 012,237,336 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll MOD - [2012/08/30 02:58:42 | 003,997,720 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll MOD - [2012/08/30 02:57:27 | 000,526,872 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\libglesv2.dll MOD - [2012/08/30 02:57:26 | 000,104,984 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\libegl.dll MOD - [2012/08/30 02:57:15 | 000,144,424 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll MOD - [2012/08/30 02:57:13 | 000,266,792 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll MOD - [2012/08/30 02:57:12 | 002,480,680 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll MOD - [2012/07/11 12:54:20 | 000,971,776 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll MOD - [2012/06/25 12:00:16 | 001,187,840 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll MOD - [2012/06/22 13:55:48 | 000,627,424 | ---- | M] () -- C:\Program Files\StartNow Toolbar\Toolbar32.dll MOD - [2012/05/04 07:16:48 | 000,310,272 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll MOD - [2012/04/25 19:52:28 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll MOD - [2012/04/25 19:52:26 | 007,422,352 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll MOD - [2012/04/25 19:52:24 | 000,795,024 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll MOD - [2012/04/25 19:52:24 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll MOD - [2012/04/25 19:52:22 | 002,453,904 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll MOD - [2012/04/25 19:52:22 | 002,126,224 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll MOD - [2011/09/27 05:16:40 | 000,103,936 | ---- | M] () -- C:\Program Files\Winamp\System\png.w5s MOD - [2011/09/27 05:16:40 | 000,090,112 | ---- | M] () -- C:\Program Files\Winamp\System\xml.w5s MOD - [2011/09/27 05:16:40 | 000,047,616 | ---- | M] () -- C:\Program Files\Winamp\zlib.dll MOD - [2011/09/27 05:16:40 | 000,021,504 | ---- | M] () -- C:\Program Files\Winamp\System\tagz.w5s MOD - [2011/09/27 05:16:39 | 000,623,616 | ---- | M] () -- C:\Program Files\Winamp\System\jnetlib.w5s MOD - [2011/09/27 05:16:39 | 000,410,624 | ---- | M] () -- C:\Program Files\Winamp\nsutil.dll MOD - [2011/09/27 05:16:39 | 000,313,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_wm.dll MOD - [2011/09/27 05:16:39 | 000,285,696 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mp3.dll MOD - [2011/09/27 05:16:39 | 000,253,440 | ---- | M] () -- C:\Program Files\Winamp\libsndfile.dll MOD - [2011/09/27 05:16:39 | 000,252,416 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_vorbis.dll MOD - [2011/09/27 05:16:39 | 000,183,808 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_jumpex.dll MOD - [2011/09/27 05:16:39 | 000,165,376 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mod.dll MOD - [2011/09/27 05:16:39 | 000,154,624 | ---- | M] () -- C:\Program Files\Winamp\System\jpeg.w5s MOD - [2011/09/27 05:16:39 | 000,109,568 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_midi.dll MOD - [2011/09/27 05:16:39 | 000,102,400 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_cdda.dll MOD - [2011/09/27 05:16:39 | 000,084,480 | ---- | M] () -- C:\Program Files\Winamp\System\playlist.w5s MOD - [2011/09/27 05:16:39 | 000,078,848 | ---- | M] () -- C:\Program Files\Winamp\nde.dll MOD - [2011/09/27 05:16:39 | 000,060,928 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_flac.dll MOD - [2011/09/27 05:16:39 | 000,052,224 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_ds.dll MOD - [2011/09/27 05:16:39 | 000,050,688 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mp4.dll MOD - [2011/09/27 05:16:39 | 000,027,648 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_hotkeys.dll MOD - [2011/09/27 05:16:39 | 000,025,600 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_tray.dll MOD - [2011/09/27 05:16:39 | 000,023,040 | ---- | M] () -- C:\Program Files\Winamp\System\albumart.w5s MOD - [2011/09/27 05:16:39 | 000,022,528 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_disk.dll MOD - [2011/09/27 05:16:39 | 000,019,456 | ---- | M] () -- C:\Program Files\Winamp\System\gif.w5s MOD - [2011/09/27 05:16:39 | 000,019,456 | ---- | M] () -- C:\Program Files\Winamp\System\bmp.w5s MOD - [2011/09/27 05:16:39 | 000,018,432 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_wave.dll MOD - [2011/09/27 05:16:39 | 000,016,896 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_wave.dll MOD - [2011/09/27 05:16:39 | 000,016,896 | ---- | M] () -- C:\Program Files\Winamp\System\dlmgr.w5s MOD - [2011/09/27 05:16:39 | 000,016,384 | ---- | M] () -- C:\Program Files\Winamp\System\gracenote.w5s MOD - [2007/09/02 11:58:52 | 000,495,616 | ---- | M] () -- D:\Programy Użytkowe\Różne\RocketDock\RocketDock.exe MOD - [2007/09/02 11:57:36 | 000,069,632 | ---- | M] () -- D:\Programy Użytkowe\Różne\RocketDock\RocketDock.dll MOD - [1998/10/31 04:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\VDOTool\TBMANAGE.DLL [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012/07/04 19:48:27 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/06/22 13:55:48 | 000,265,952 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar) SRV - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS) SRV - [2012/04/06 19:45:06 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/03/19 11:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011/11/28 18:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV - [2011/11/28 18:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2011/09/27 13:23:37 | 001,343,400 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011/05/21 13:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010/04/17 00:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nCU) SRV - [2009/12/23 21:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [Kernel | System | Stopped] -- -- (SCDEmu) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a8luccfc) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a2qlq2z4) DRV - File not found [Kernel | Auto | Stopped] -- C:\Users\Przemek\AppData\Local\Temp\5689.sys -- (5689) DRV - [2012/07/06 16:10:01 | 000,016,376 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012/01/13 22:38:07 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2012/01/13 22:38:06 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011/11/28 17:54:38 | 000,111,320 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW) DRV - [2011/11/28 17:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/11/28 17:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/11/28 17:53:22 | 000,195,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2) DRV - [2011/11/28 17:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/11/28 17:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/11/28 17:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/11/28 17:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/11/01 05:59:59 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011/11/01 05:56:56 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011/09/06 20:10:01 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis) DRV - [2011/05/10 00:54:02 | 000,895,592 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtwlanu.sys -- (RTL8192cu) DRV - [2010/11/20 12:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010/11/20 12:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010/11/20 12:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010/11/20 10:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 10:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010/11/20 10:06:36 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) DRV - [2010/11/20 09:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/11/20 09:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010/11/20 09:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010/06/23 18:24:58 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) DRV - [2010/06/21 18:56:22 | 000,023,144 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtlss.sys -- (rtlss) DRV - [2010/06/07 23:57:00 | 010,888,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009/10/26 23:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2009/07/24 16:56:16 | 000,009,472 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NMgamingms.sys -- (NMgamingmsFltr) DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TBPanel.sys -- (Cardex) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [url="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640"]http://search.condui...&ctid=CT1098640[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [url="http://www.google.com/custom?domains=entretieneteds.to.md&q=&sitesearch=&client=pub-3439752189615153"]http://www.google.co...439752189615153[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com/ie"]http://www.google.com/ie[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.entretieneteds.vze.com"]http://www.entretieneteds.vze.com[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [url="http://search.conduit.com?SearchSource=10&ctid=CT1098640"]http://search.condui...&ctid=CT1098640[/url] IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = [url="http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20111224&user_guid=DB20AC865BC0467ABB3FE49403CDCAAF&machine_id=cfe81b0789dd4eb1ff8b8a4918f6120f&browser=IE&os=win&os_version=6.1-x86-SP1&iesrc={referrer:source}"]http://klit.startnow...eferrer:source}[/url] IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox"]http://www.bing.com/...rc=IE-SearchBox[/url] IE - HKCU\..\SearchScopes\{70312062-A4FF-4FAF-A727-11AF09998315}: "URL" = [url="http://websearch.ask.com/redirect?client=ie&tb=HIP&o=102876&src=kw&q={searchTerms}&locale=&apn_ptnrs=6G&apn_dtid=YYYYYYYYPL&apn_uid=a3293717-cc9e-4893-9ef1-275980342616&apn_sauid=4F21E87E-5A97-49C5-84F9-ECE3C9F0B8B8"]http://websearch.ask...F9-ECE3C9F0B8B8[/url] IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [url="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640"]http://search.condui...&ctid=CT1098640[/url] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=; [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: " " FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?l=dis&o=102876&gct=hp" FF - prefs.js..extensions.enabledAddons: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.5.0 FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=HIP&o=102876&locale=en_US&apn_uid=a3293717-cc9e-4893-9ef1-275980342616&apn_ptnrs=6G&apn_sauid=4F21E87E-5A97-49C5-84F9-ECE3C9F0B8B8&apn_dtid=YYYYYYYYPL&&q=" FF - prefs.js..network.proxy.backup.ftp: "213.180.131.135 " FF - prefs.js..network.proxy.backup.ftp_port: 80 FF - prefs.js..network.proxy.backup.socks: "213.180.131.135 " FF - prefs.js..network.proxy.backup.socks_port: 80 FF - prefs.js..network.proxy.backup.ssl: "213.180.131.135 " FF - prefs.js..network.proxy.backup.ssl_port: 80 FF - prefs.js..network.proxy.ftp: " " FF - prefs.js..network.proxy.ftp_port: 80 FF - prefs.js..network.proxy.http: " " FF - prefs.js..network.proxy.http_port: 80 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: " " FF - prefs.js..network.proxy.socks_port: 80 FF - prefs.js..network.proxy.ssl: " " FF - prefs.js..network.proxy.ssl_port: 80 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Programy Użytkowe\Multimedialne\Real Alternative\rmvb\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Programy Użytkowe\Multimedialne\Real Alternative\rmvb\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programy Użytkowe\Różne\adreader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: D:\Programy Użytkowe\Internetowe\NEWFIERFOX\components [2012/07/04 19:48:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: D:\Programy Użytkowe\Internetowe\NEWFIERFOX\plugins [2011/09/26 05:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Extensions [2012/09/13 16:35:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\z90bwu48.default\extensions [2012/08/25 07:19:18 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\z90bwu48.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F} [2012/09/13 16:35:36 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\z90bwu48.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2012/01/30 20:32:38 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\z90bwu48.default\extensions\DefaultManager@Microsoft [2011/12/24 18:14:16 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\z90bwu48.default\extensions\ffxtlbr@babylon.com [2012/06/03 18:39:46 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\z90bwu48.default\extensions\toolbar@ask.com [2012/08/15 12:35:02 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\z90bwu48.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012/06/03 18:39:46 | 000,002,325 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\z90bwu48.default\searchplugins\askcom.xml [2011/09/27 01:47:25 | 000,000,863 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\z90bwu48.default\searchplugins\conduit.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: [url="http://www.interia.pl/"]http://www.interia.pl/[/url] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: [url="http://www.interia.pl/"]http://www.interia.pl/[/url] CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Adobe Acrobat (Enabled) = D:\Programy U\u017Cytkowe\R\u00F3\u017Cne\adreader\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = D:\Programy U\u017Cytkowe\Multimedialne\Real Alternative\rmvb\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = D:\Programy U\u017Cytkowe\Multimedialne\Real Alternative\rmvb\browser\plugins\nprpjplug.dll CHR - Extension: YouTube = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Marlies Dekkers = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm\2_1\ CHR - Extension: StartNow = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgei\2.5.0_0\ CHR - Extension: Gmail = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/09/13 01:01:30 | 000,000,761 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll () O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.5.21.0\bh\Softonic.dll (Softonic.com) O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll (Softonic.com) O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll () O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [SonyAgent] C:\Windows\sony.exe (6Outb) O4 - HKLM..\Run: [TBPanel] C:\Program Files\VDOTool\TBPanel.exe (Palit Microsystems, Inc.) O4 - HKCU..\Run: [KSS] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO) O4 - HKCU..\Run: [RocketDock] D:\Programy Użytkowe\Różne\RocketDock\RocketDock.exe () O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10x_ActiveX.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.128.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D42BCD6-DB7A-436B-B838-E909927887F9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F7B9DED-E2C6-49B9-AE23-560BDB54ED1D}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9AD45CC-712D-40BF-8E08-B26B7CF07656}: DhcpNameServer = 10.128.1.1 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{4f10d3d3-f3c2-11e0-ad2f-001d7dadae61}\Shell - "" = AutoRun O33 - MountPoints2\{4f10d3d3-f3c2-11e0-ad2f-001d7dadae61}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{82213c85-044e-11e1-8a4a-001d7dadae61}\Shell - "" = AutoRun O33 - MountPoints2\{82213c85-044e-11e1-8a4a-001d7dadae61}\Shell\AutoRun\command - "" = I:\_AUTORUN\Autorun.exe O33 - MountPoints2\{82213c85-044e-11e1-8a4a-001d7dadae61}\Shell\instDX\command - "" = I:\DirectX\DXSetup.exe O33 - MountPoints2\{82213c85-044e-11e1-8a4a-001d7dadae61}\Shell\readme\command - "" = notepad readme.txt O33 - MountPoints2\{a844d5c2-044a-11e1-90d8-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{a844d5c2-044a-11e1-90d8-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/09/13 20:10:54 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe [2012/09/13 17:11:44 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan [2012/09/13 17:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012/09/13 17:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2012/09/05 20:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE [2012/09/05 20:47:49 | 000,000,000 | ---D | C] -- C:\Program Files\Grupa IMAGE [2012/09/02 08:13:44 | 000,000,000 | ---D | C] -- C:\Users\Przemek\Desktop\chlopy [2012/08/25 19:14:40 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum [2012/08/25 07:19:13 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\StartNow Toolbar [2012/08/16 14:24:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012/08/16 14:24:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012/08/16 14:24:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012/08/16 14:24:00 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012/08/16 14:23:59 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012/08/16 14:23:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012/08/16 14:23:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012/08/15 21:15:36 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012/08/15 21:08:40 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll [1 C:\Users\Przemek\Documents\*.tmp files -> C:\Users\Przemek\Documents\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/09/13 20:31:56 | 000,000,558 | ---- | M] () -- C:\Windows\DFC.INI [2012/09/13 20:31:09 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-287313733-2324512822-4218863682-1000UA.job [2012/09/13 20:11:51 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe [2012/09/13 19:46:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/09/13 19:39:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/09/13 16:51:55 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys [2012/09/13 06:46:54 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-287313733-2324512822-4218863682-1000Core.job [2012/09/13 01:01:30 | 000,000,761 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012/09/12 20:59:13 | 000,048,686 | ---- | M] () -- C:\Users\Przemek\Desktop\marta.jpg [2012/09/11 15:48:45 | 020,919,925 | ---- | M] () -- C:\Users\Przemek\Desktop\Matura Solutions Intermediate Student's Book.pdf [2012/09/10 19:53:48 | 000,697,658 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012/09/10 19:53:48 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/09/10 19:53:48 | 000,134,768 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012/09/10 19:53:48 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/09/08 17:43:23 | 000,003,396 | ---- | M] () -- C:\Users\Przemek\.recently-used.xbel [2012/09/05 20:48:01 | 000,001,308 | ---- | M] () -- C:\Users\Przemek\Desktop\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk [2012/08/22 06:10:46 | 000,018,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/22 06:10:46 | 000,018,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/16 03:19:13 | 000,420,280 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 C:\Users\Przemek\Documents\*.tmp files -> C:\Users\Przemek\Documents\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/09/12 20:59:13 | 000,048,686 | ---- | C] () -- C:\Users\Przemek\Desktop\marta.jpg [2012/09/11 15:44:39 | 020,919,925 | ---- | C] () -- C:\Users\Przemek\Desktop\Matura Solutions Intermediate Student's Book.pdf [2012/09/08 17:43:23 | 000,003,396 | ---- | C] () -- C:\Users\Przemek\.recently-used.xbel [2012/09/05 20:48:01 | 000,001,308 | ---- | C] () -- C:\Users\Przemek\Desktop\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk [2012/08/09 23:45:21 | 000,000,310 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\regdatels.dat [2012/08/02 11:57:11 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012/07/06 15:59:41 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2012/07/06 14:27:18 | 000,000,558 | ---- | C] () -- C:\Windows\DFC.INI [2012/03/04 01:34:00 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012/02/11 18:26:02 | 000,000,017 | ---- | C] () -- C:\Users\Przemek\AppData\Local\resmon.resmoncfg [2012/02/11 18:08:26 | 000,000,640 | RHS- | C] () -- C:\Users\Przemek\ntuser.pol [2012/02/04 20:25:44 | 000,000,927 | ---- | C] () -- C:\Windows\posteriza.INI [2012/01/27 20:53:23 | 000,162,355 | ---- | C] () -- C:\Windows\Animated GIF Converter and Booster Pack Uninstaller.exe [2012/01/27 20:51:01 | 000,164,586 | ---- | C] () -- C:\Windows\Video Cleaner Uninstaller.exe [2012/01/27 20:30:14 | 000,162,164 | ---- | C] () -- C:\Windows\Video Cleaner Lite Uninstaller.exe [2012/01/15 00:54:08 | 000,086,016 | ---- | C] () -- C:\Windows\System32\install.dll [2012/01/15 00:54:08 | 000,036,864 | ---- | C] () -- C:\Windows\System32\WRLSetup.exe [2012/01/15 00:54:08 | 000,032,768 | ---- | C] () -- C:\Windows\System32\SmartInstallCfg2.dll [2012/01/15 00:54:08 | 000,028,672 | ---- | C] () -- C:\Windows\System32\CCS24.exe [2012/01/13 22:38:07 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2012/01/13 22:38:06 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2011/12/29 19:08:03 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011/12/29 19:08:02 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011/12/24 18:12:53 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011/12/24 17:57:04 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll [2011/12/24 17:57:04 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll [2011/12/21 04:38:59 | 000,009,728 | ---- | C] () -- C:\Users\Przemek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/11/23 03:20:11 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll [2011/11/19 17:39:21 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2011/11/01 04:57:28 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2011/10/14 19:26:27 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin [2011/09/28 01:01:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011/09/28 01:00:21 | 000,193,536 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll [2011/09/28 00:59:32 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011/09/26 05:24:48 | 000,697,658 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2011/09/26 05:24:48 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2011/09/26 05:24:48 | 000,134,768 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2011/09/26 05:24:48 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2011/06/10 13:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2011/02/22 19:39:04 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011/02/22 19:37:30 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll[/color] [color=#333333]< End of report >[/color] [color=#333333][/log][/color]Można zamknąć, odnalazłem wirusa, skasowałem Edytowane 13 września 2012 przez bub log
wirusolog komentarz 14 września 2012 komentarz 14 września 2012 (edytowane) [b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst: [quote]:OTL O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O4 - HKLM..\Run: [SonyAgent] C:\Windows\sony.exe (6Outb) O4 - HKLM..\Run: [] File not found DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) DRV - File not found [Kernel | Auto | Stopped] -- C:\Users\Przemek\AppData\Local\Temp\5689.sys -- (5689) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) :Files C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum C:\Users\Przemek\AppData\Roaming\regdatels.dat :Commands [resethosts] [emptytemp][/quote]Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera. [b]2.[/b] Przez Panel sterowania odinstaluj: [b]free-downloads.net Toolbar / Ask Toolbar / Babylon Toolbar / StartNow Toolbar[/b] [b]3.[/b] Użyj [url="http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner"][color=#1072E0][b]AdwCleaner[/b][/color][/url] z opcji [b]Delete[/b]. Pokaż raport który się wyświetli w notatniku po restarcie albo znajdziesz go: [b]C:\Clean.txt[/b] [b]4.[/b] Uruchamiasz OTL ponownie (zaznacz wszystkie opcje na "Użyj filtrowania"), tym razem wywołujesz opcję [b]Skanuj[/b]. Pokazujesz nowe logi z OTL i pokazujesz raport z czyszczenia AdwCleanerem. Edytowane 14 września 2012 przez wirusolog
slawek123 komentarz 14 września 2012 Autor komentarz 14 września 2012 ADW [log] # AdwCleaner v2.001 - Logfile created 09/14/2012 at 16:45:28 # Updated 09/09/2012 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits) # User : Przemek - PRZEMEK-PC # Boot Mode : Normal # Running from : C:\Users\Przemek\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** Stopped & Deleted : Updater Service for StartNow Toolbar ***** [Files / Folders] ***** File Deleted : C:\user.js File Deleted : C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\z90bwu48.default\searchplugins\Askcom.xml File Deleted : C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\z90bwu48.default\searchplugins\Conduit.xml Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\Softonic Folder Deleted : C:\Users\Adam\AppData\LocalLow\AskToolbar Folder Deleted : C:\Users\Adam\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Przemek\AppData\Local\APN Folder Deleted : C:\Users\Przemek\AppData\Local\Babylon Folder Deleted : C:\Users\Przemek\AppData\Local\Conduit Folder Deleted : C:\Users\Przemek\AppData\Local\OpenCandy Folder Deleted : C:\Users\Przemek\AppData\Local\Temp\AskSearch Folder Deleted : C:\Users\Przemek\AppData\Local\Temp\BabylonToolbar Folder Deleted : C:\Users\Przemek\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Przemek\AppData\Roaming\Babylon Folder Deleted : C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\z90bwu48.default\ConduitCommon Folder Deleted : C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\z90bwu48.default\CT2786678 Folder Deleted : C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\z90bwu48.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F} Folder Deleted : C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\z90bwu48.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} Folder Deleted : C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\z90bwu48.default\extensions\ffxtlbr@babylon.com Folder Deleted : C:\Users\Przemek\AppData\Roaming\OpenCandy ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\Zugo Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E} Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7} Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1098640 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565} Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1 Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar Key Deleted : HKLM\Software\Softonic Key Deleted : HKLM\Software\StartNow Toolbar Key Deleted : HKU\S-1-5-21-287313733-2324512822-4218863682-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Value Deleted : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}] ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKU\S-1-5-21-287313733-2324512822-4218863682-1001\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page Restore] = hxxp://search.conduit.com?SearchSource=10&ctid=CT1098640 --> hxxp://www.google.com -\\ Mozilla Firefox v13.0.1 (pl) Profile name : default File : C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\z90bwu48.default\prefs.js C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\z90bwu48.default\user.js ... Deleted ! Deleted : user_pref("CT2786678..clientLogIsEnabled", false); Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2786678.AppTrackingLastCheckTime", "Mon Sep 26 2011 20:26:44 GMT-0700 (Pacyfik (czas le[...] Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true); Deleted : user_pref("CT2786678.CTID", "CT2786678"); Deleted : user_pref("CT2786678.CommunitiesChangesLastCheckTime", "0"); Deleted : user_pref("CT2786678.CurrentServerDate", "26-9-2011"); Deleted : user_pref("CT2786678.DSInstall", true); Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Mon Sep 26 2011 19:00:47 GMT-0700 (Pacyfik (czas [...] Deleted : user_pref("CT2786678.DownloadReferralCookieData", ""); Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Mon Sep 26 2011 19:05:44 GMT-0700 (Pacyfik (czas letni[...] Deleted : user_pref("CT2786678.EnableClickToSearchBox", false); Deleted : user_pref("CT2786678.EnableSearchHistory", false); Deleted : user_pref("CT2786678.EnableSearchSuggest", false); Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 159); Deleted : user_pref("CT2786678.FeedPollDate2429156812186649977", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedPollDate2429156813040823546", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedPollDate2429156813130095866", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedPollDate2429156813224203613", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedPollDate2429156813230837251", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedPollDate2429156813454291735", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedPollDate2429156813729834876", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedPollDate2429156813860870021", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedPollDate2429156814264681793", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedPollDate2429156814863075366", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedPollDate2429156815257761081", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.FeedTTL2429156813130095866", 10); Deleted : user_pref("CT2786678.FeedTTL2429156813454291735", 5); Deleted : user_pref("CT2786678.FeedTTL2429156814264681793", 5); Deleted : user_pref("CT2786678.FirstServerDate", "26-9-2011"); Deleted : user_pref("CT2786678.FirstTime", true); Deleted : user_pref("CT2786678.FirstTimeFF3", true); Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false); Deleted : user_pref("CT2786678.GroupingInvalidateCache", false); Deleted : user_pref("CT2786678.GroupingLastCheckTime", "0"); Deleted : user_pref("CT2786678.GroupingLastServerUpdateTime", "0"); Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2786678.HPInstall", false); Deleted : user_pref("CT2786678.HasUserGlobalKeys", true); Deleted : user_pref("CT2786678.HomePageProtectorEnabled", true); Deleted : user_pref("CT2786678.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=[...] Deleted : user_pref("CT2786678.Initialize", true); Deleted : user_pref("CT2786678.InitializeCommonPrefs", true); Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 2); Deleted : user_pref("CT2786678.InstallationType", "UnknownIntegration"); Deleted : user_pref("CT2786678.InstalledDate", "Mon Sep 26 2011 19:00:42 GMT-0700 (Pacyfik (czas letni))"); Deleted : user_pref("CT2786678.InvalidateCache", false); Deleted : user_pref("CT2786678.IsAlertDBUpdated", true); Deleted : user_pref("CT2786678.IsGrouping", false); Deleted : user_pref("CT2786678.IsInitSetupIni", true); Deleted : user_pref("CT2786678.IsMulticommunity", false); Deleted : user_pref("CT2786678.IsOpenThankYouPage", true); Deleted : user_pref("CT2786678.IsOpenUninstallPage", false); Deleted : user_pref("CT2786678.IsProtectorsInit", true); Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Mon Sep 26 2011 19:00:47 GMT-0700 (Pacyfik (czas l[...] Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2786678.LastLogin_3.7.0.6", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik (czas letni))")[...] Deleted : user_pref("CT2786678.LatestVersion", "3.7.0.6"); Deleted : user_pref("CT2786678.Locale", "en"); Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2786678.MCDetectTooltipShow", false); Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true); Deleted : user_pref("CT2786678.OriginalFirstVersion", "3.7.0.6"); Deleted : user_pref("CT2786678.RadioLastCheckTime", "0"); Deleted : user_pref("CT2786678.RadioLastUpdateIPServer", "0"); Deleted : user_pref("CT2786678.RadioLastUpdateServer", "0"); Deleted : user_pref("CT2786678.RadioShrinkedFromSetup", false); Deleted : user_pref("CT2786678.SavedHomepage", "interia.pl"); Deleted : user_pref("CT2786678.SearchBackToDefaultEngine", false); Deleted : user_pref("CT2786678.SearchBoxWidth", 100); Deleted : user_pref("CT2786678.SearchCaption", " "); Deleted : user_pref("CT2786678.SearchEngineBeforeUnload", " "); Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...] Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true); Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik (czas[...] Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Deleted : user_pref("CT2786678.SearchInNewTabUserEnabled", false); Deleted : user_pref("CT2786678.SearchProtectorEnabled", false); Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", true); Deleted : user_pref("CT2786678.SendProtectorDataViaLogin", true); Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Mon Sep 26 2011 19:00:42 GMT-0700 (Pacyfik (czas let[...] Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Mon Sep 26 2011 20:26:37 GMT-0700 (Pacyfik (czas letni[...] Deleted : user_pref("CT2786678.SettingsLastUpdate", "1314985690"); Deleted : user_pref("CT2786678.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13"); Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Mon Sep 26 2011 19:00:42 GMT-0700 (Pacyfik (cz[...] Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1312887586"); Deleted : user_pref("CT2786678.ToolbarDisabled", true); Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false); Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678"); Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Deleted : user_pref("CT2786678.UserID", "UN26940362220623240"); Deleted : user_pref("CT2786678.ValidationData_Toolbar", 2); Deleted : user_pref("CT2786678.WeatherNetwork", ""); Deleted : user_pref("CT2786678.WeatherPollDate", "Mon Sep 26 2011 19:00:42 GMT-0700 (Pacyfik (czas letni))"); Deleted : user_pref("CT2786678.WeatherUnit", "C"); Deleted : user_pref("CT2786678.alertChannelId", "1178763"); Deleted : user_pref("CT2786678.approveUntrustedApps", false); Deleted : user_pref("CT2786678.components.1000034", false); Deleted : user_pref("CT2786678.components.1000080", false); Deleted : user_pref("CT2786678.components.1000082", false); Deleted : user_pref("CT2786678.components.1000234", false); Deleted : user_pref("CT2786678.components.129295698017012804", false); Deleted : user_pref("CT2786678.components.129309485163350924", false); Deleted : user_pref("CT2786678.components.129309489763975460", false); Deleted : user_pref("CT2786678.components.129315411424256896", false); Deleted : user_pref("CT2786678.components.129526967958500204", false); Deleted : user_pref("CT2786678.components.129579220236217502", false); Deleted : user_pref("CT2786678.components.5690698542593514850", false); Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Deleted : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Mon Sep 26 2011 19:00:47 GMT-0700 (Pacyfik [...] Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true); Deleted : user_pref("CT2786678.initDone", true); Deleted : user_pref("CT2786678.isAppTrackingManagerOn", true); Deleted : user_pref("CT2786678.isFirstRadioInstallation", false); Deleted : user_pref("CT2786678.isSearchProtectorNotifyChanges", false); Deleted : user_pref("CT2786678.myStuffEnabled", true); Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2786678.revertSettingsEnabled", true); Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10); Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true); Deleted : user_pref("CT2786678.testingCtid", ""); Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Mon Sep 26 2011 19:00:45 GMT-0700 (Pacyfik ([...] Deleted : user_pref("CT2786678.usageEnabled", false); Deleted : user_pref("CT2786678.usagesFlag", 2); Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2786678&Search[...] Deleted : user_pref("CommunityToolbar.ConduitSearchList", " "); Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/PL", "\"0\"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/5747/5719/PL", "\"0\""); Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1098640", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1098640",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1098640&octid=[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2786678&octid=[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Poppy/equalizer_de[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Poppy/minimize.gif[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Poppy/play.gif", "[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Poppy/stop.gif", "[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Poppy/vol.gif", "\[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...] Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Przemek\\AppData\\Roaming\\Mozilla\[...] Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6"); Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2786678"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678"); Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678"); Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Nov 02 2011 14:54:56 GMT-0700 (Pac[...] Deleted : user_pref("CommunityToolbar.globalUserId", "4694322f-8876-4b5d-ba4d-eaaf70dd1b18"); Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Nov 02 2011 14:54:5[...] Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true); Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60); Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Nov 02 2011 14:54:59 GMT-070[...] Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.locale", "en"); Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Nov 02 2011 14:54:54 GMT-0700 (P[...] Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.notifications.userId", "53d40d91-e33b-4143-ad6f-b84abc8cc264"); Deleted : user_pref("CommunityToolbar.originalHomepage", "interia.pl"); Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...] Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&Sea[...] Deleted : user_pref("browser.search.order.1", "Ask.com"); Deleted : user_pref("browser.search.selectedEngine", "Ask.com"); Deleted : user_pref("browser.startup.homepage", "hxxp://www.ask.com/?l=dis&o=102876&gct=hp"); Deleted : user_pref("extensions.BabylonToolbar.admin", false); Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Deleted : user_pref("extensions.BabylonToolbar.babExt", ""); Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=1101316"); Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 24); Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false); Deleted : user_pref("extensions.BabylonToolbar.hmpg", false); Deleted : user_pref("extensions.BabylonToolbar.id", "c82210ce000000000000001d7dadae61"); Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15332"); Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Deleted : user_pref("extensions.BabylonToolbar.lastDP", 24); Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.179:28:20"); Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "8.0"); Deleted : user_pref("extensions.BabylonToolbar.newTab", true); Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb"); Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false); Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 63310613); Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true); Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none"); Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9"); Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.179:28:20"); Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Deleted : user_pref("extensions.BabylonToolbar_i.babExt", ""); Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=1101316"); Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "c82210ce000000000000001d7dadae61"); Deleted : user_pref("extensions.BabylonToolbar_i.id", "c82210ce000000000000001d7dadae61"); Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15332"); Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false); Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.179:28:20"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Deleted : user_pref("extensions.Softonic.admin", false); Deleted : user_pref("extensions.Softonic.aflt", "SD"); Deleted : user_pref("extensions.Softonic.autoRvrt", "false"); Deleted : user_pref("extensions.Softonic.dfltLng", "pl"); Deleted : user_pref("extensions.Softonic.excTlbr", false); Deleted : user_pref("extensions.Softonic.id", "c82210ce000000000000001d7dadae61"); Deleted : user_pref("extensions.Softonic.instlDay", "15467"); Deleted : user_pref("extensions.Softonic.instlRef", "MON00085"); Deleted : user_pref("extensions.Softonic.prdct", "Softonic"); Deleted : user_pref("extensions.Softonic.prtnrId", "softonic"); Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...] Deleted : user_pref("extensions.Softonic.tlbrId", "base"); Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00085/tb_v1?SearchSource[...] Deleted : user_pref("extensions.Softonic.vrsn", "1.5.21.0"); Deleted : user_pref("extensions.Softonic.vrsni", "1.5.21.0"); Deleted : user_pref("extensions.Softonic_i.newTab", false); Deleted : user_pref("extensions.Softonic_i.smplGrp", "none"); Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.5.21.020:03:40"); Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.install_folder", "C:\\Program Files\\StartNow Tool[...] Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.name", "StartNow Toolbar"); Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.startpage", "klit.startnow.com"); Deleted : user_pref("browser.search.defaultengine", "Ask.com"); Deleted : user_pref("browser.search.defaultenginename", "Ask.com"); Profile name : default File : C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\5mav2459.default\prefs.js Deleted : user_pref("browser.search.defaultengine", "Ask.com"); Deleted : user_pref("browser.search.defaultenginename", "Ask.com"); Deleted : user_pref("browser.search.order.1", "Ask.com"); Deleted : user_pref("browser.search.selectedEngine", "Ask.com"); Deleted : user_pref("extensions.asktb.ff-original-keyword-url", ""); Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=HIP&o=102876&locale=[...] -\\ Google Chrome v21.0.1180.89 File : C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[S1].txt - [32427 octets] - [14/09/2012 16:45:28] ########## EOF - C:\AdwCleaner[S1].txt - [32488 octets] ########## [/log] OTL: [log] OTL logfile created on: 9/14/2012 4:53:50 PM - Run 2 OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Przemek\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2.00 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 65.38% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.08% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 40.04 Gb Total Space | 8.56 Gb Free Space | 21.38% Space Free | Partition Type: NTFS Drive D: | 58.59 Gb Total Space | 46.48 Gb Free Space | 79.33% Space Free | Partition Type: NTFS Drive E: | 134.25 Gb Total Space | 52.21 Gb Free Space | 38.89% Space Free | Partition Type: NTFS Drive H: | 76.33 Gb Total Space | 13.99 Gb Free Space | 18.33% Space Free | Partition Type: NTFS Computer Name: PRZEMEK-PC | User Name: Przemek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012/09/13 20:11:51 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe PRC - [2012/08/30 02:58:46 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe PRC - [2012/03/23 05:19:22 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Update\GoogleUpdate.exe PRC - [2012/03/19 11:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe PRC - [2012/03/19 11:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012/03/19 11:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe PRC - [2012/01/18 14:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2012/01/18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2011/12/29 19:08:02 | 000,075,136 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2011/11/28 18:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011/11/28 18:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe PRC - [2011/11/28 18:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011/11/17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2011/05/21 13:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011/05/04 04:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2011/05/04 04:28:31 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe PRC - [2011/05/04 04:28:31 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe PRC - [2011/04/11 18:38:28 | 001,232,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe PRC - [2011/03/29 04:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2011/03/29 04:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/11/20 12:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010/11/20 12:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2010/11/20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010/11/20 12:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010/11/20 12:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010/11/20 12:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010/06/07 17:47:34 | 000,129,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2010/04/17 00:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe PRC - [2009/12/23 21:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009/07/14 01:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 01:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009/07/14 01:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009/07/14 01:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009/07/14 01:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dllhost.exe PRC - [2009/07/14 01:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008/01/29 11:19:46 | 002,157,096 | ---- | M] (Palit Microsystems, Inc.) -- C:\Program Files\VDOTool\TBPANEL.exe PRC - [2007/09/02 11:58:52 | 000,495,616 | ---- | M] () -- D:\Programy Użytkowe\Różne\RocketDock\RocketDock.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012/09/13 20:11:51 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe MOD - [2012/09/13 19:41:13 | 001,130,936 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\params.ppl MOD - [2012/09/13 19:40:39 | 002,474,424 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\basegui.ppl MOD - [2012/09/13 19:40:11 | 002,683,320 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avpgui.ppl MOD - [2012/09/08 02:26:49 | 000,834,000 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.123\goopdate.dll MOD - [2012/08/30 02:58:46 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\chrome.exe MOD - [2012/08/30 02:58:45 | 000,442,392 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll MOD - [2012/08/30 02:58:42 | 003,997,720 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll MOD - [2012/08/30 02:57:24 | 009,962,520 | ---- | M] (The ICU Project) -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\icudt.dll MOD - [2012/08/30 02:57:17 | 037,963,288 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\chrome.dll MOD - [2012/08/30 02:57:15 | 000,144,424 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll MOD - [2012/08/30 02:57:13 | 000,266,792 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll MOD - [2012/08/30 02:57:12 | 002,480,680 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll MOD - [2012/07/04 21:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2012/07/04 21:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll MOD - [2012/06/29 00:27:10 | 009,737,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2012/06/29 00:09:32 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2012/06/29 00:09:01 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2012/06/29 00:06:35 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2012/06/29 00:01:33 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2012/06/26 03:35:58 | 001,375,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll MOD - [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2012/06/06 05:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2012/06/02 04:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2012/06/02 04:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll MOD - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe MOD - [2012/04/25 19:53:32 | 000,038,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\winreg.ppl MOD - [2012/04/25 19:53:24 | 000,041,872 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\thpimpl.ppl MOD - [2012/04/25 19:53:12 | 000,046,480 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\pxstub.ppl MOD - [2012/04/25 19:53:00 | 000,115,088 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\nfio.ppl MOD - [2012/04/25 19:52:48 | 000,021,392 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\fsdrvplg.ppl MOD - [2012/04/25 19:52:32 | 000,102,800 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ushata.dll MOD - [2012/04/25 19:52:28 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll MOD - [2012/04/25 19:52:26 | 007,422,352 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll MOD - [2012/04/25 19:52:26 | 000,377,232 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\service.dll MOD - [2012/04/25 19:52:24 | 000,795,024 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll MOD - [2012/04/25 19:52:24 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll MOD - [2012/04/25 19:52:22 | 002,453,904 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll MOD - [2012/04/25 19:52:22 | 002,126,224 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll MOD - [2012/04/25 19:52:22 | 000,262,544 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\prloader.dll MOD - [2012/04/25 19:52:18 | 000,160,144 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\prremote.dll MOD - [2012/04/25 19:52:16 | 000,213,392 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\metainfo.dll MOD - [2012/04/25 19:52:16 | 000,074,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\memmon.dll MOD - [2012/04/25 19:52:14 | 000,594,320 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\localization_manager.dll MOD - [2012/04/25 19:52:10 | 000,123,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\dumpwriter.dll MOD - [2012/04/25 19:52:02 | 000,098,704 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\fssync.dll MOD - [2012/04/25 19:52:00 | 001,053,072 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\eka_meta.dll MOD - [2012/04/25 19:52:00 | 000,323,984 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\esmgr.dll MOD - [2012/04/25 19:51:52 | 000,422,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avpmain.dll MOD - [2012/04/25 19:51:52 | 000,012,688 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avpinit.dll MOD - [2012/04/24 04:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2012/04/24 04:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll MOD - [2012/04/21 04:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll MOD - [2012/03/23 05:19:22 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Update\GoogleUpdate.exe MOD - [2012/03/19 11:39:03 | 000,309,120 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Resource_pl.dll MOD - [2012/03/19 11:38:48 | 002,509,184 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_StaticRes.dll MOD - [2012/03/19 11:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe MOD - [2012/03/19 11:29:37 | 000,065,920 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.dll MOD - [2012/03/13 19:56:37 | 000,045,256 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12031400\uiext.dll MOD - [2012/03/01 05:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2012/03/01 05:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2012/02/17 20:36:21 | 000,233,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DreamScene.dll MOD - [2012/01/27 11:06:06 | 000,053,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL MOD - [2012/01/27 11:06:02 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2012/01/27 11:01:09 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2012/01/27 11:01:09 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2012/01/18 14:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe MOD - [2012/01/18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe MOD - [2011/12/16 07:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2011/12/07 23:57:33 | 000,108,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll MOD - [2011/11/28 18:01:33 | 000,199,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll MOD - [2011/11/28 18:01:33 | 000,091,624 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll MOD - [2011/11/28 18:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe MOD - [2011/11/28 18:01:22 | 001,821,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll MOD - [2011/11/28 18:01:22 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2011/11/28 18:01:20 | 000,398,576 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll MOD - [2011/11/28 18:01:20 | 000,220,880 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll MOD - [2011/11/28 18:01:20 | 000,205,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll MOD - [2011/11/28 18:01:20 | 000,025,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll MOD - [2011/11/28 18:01:19 | 000,048,888 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll MOD - [2011/11/28 18:01:18 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll MOD - [2011/11/28 18:01:18 | 000,317,200 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll MOD - [2011/11/28 18:01:18 | 000,167,832 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll MOD - [2011/11/28 18:01:18 | 000,163,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll MOD - [2011/11/28 18:01:18 | 000,097,840 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll MOD - [2011/11/28 18:01:17 | 000,204,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll MOD - [2011/11/28 18:01:17 | 000,150,352 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll MOD - [2011/11/28 18:01:17 | 000,122,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashShell.dll MOD - [2011/11/28 18:01:17 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll MOD - [2011/11/28 18:01:14 | 000,319,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll MOD - [2011/11/28 18:01:14 | 000,159,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCoreClient.dll MOD - [2011/11/28 18:01:14 | 000,034,480 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwGeoIP.dll MOD - [2011/11/28 18:01:14 | 000,034,456 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwRpc.dll MOD - [2011/11/28 18:01:14 | 000,031,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCore.dll MOD - [2011/11/28 18:01:13 | 000,072,584 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll MOD - [2011/11/17 05:38:39 | 001,288,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2011/11/17 05:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll MOD - [2011/11/17 05:34:55 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2011/11/17 05:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2011/10/28 03:36:44 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2011/10/28 03:36:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll MOD - [2011/10/22 18:44:43 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2011/10/22 18:44:43 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2011/09/28 01:11:00 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2011/08/27 04:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011/08/27 04:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2011/07/16 04:27:30 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2011/07/16 04:27:30 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2011/06/16 04:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2011/05/04 04:34:43 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll MOD - [2011/05/04 04:28:31 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe MOD - [2011/03/29 04:31:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL MOD - [2011/03/03 05:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2011/01/17 05:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2010/11/20 12:21:39 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2010/11/20 12:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2010/11/20 12:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2010/11/20 12:21:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2010/11/20 12:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2010/11/20 12:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll MOD - [2010/11/20 12:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010/11/20 12:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2010/11/20 12:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2010/11/20 12:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll MOD - [2010/11/20 12:21:35 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll MOD - [2010/11/20 12:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll MOD - [2010/11/20 12:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010/11/20 12:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010/11/20 12:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2010/11/20 12:21:28 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2010/11/20 12:21:27 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2010/11/20 12:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2010/11/20 12:21:26 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2010/11/20 12:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll MOD - [2010/11/20 12:21:25 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2010/11/20 12:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010/11/20 12:21:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2010/11/20 12:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010/11/20 12:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010/11/20 12:21:15 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll MOD - [2010/11/20 12:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010/11/20 12:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010/11/20 12:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010/11/20 12:21:03 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll MOD - [2010/11/20 12:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2010/11/20 12:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2010/11/20 12:21:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2010/11/20 12:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010/11/20 12:20:57 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2010/11/20 12:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll MOD - [2010/11/20 12:20:56 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll MOD - [2010/11/20 12:20:56 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll MOD - [2010/11/20 12:20:55 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2010/11/20 12:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2010/11/20 12:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010/11/20 12:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010/11/20 12:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2010/11/20 12:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2010/11/20 12:20:29 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2010/11/20 12:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2010/11/20 12:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010/11/20 12:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2010/11/20 12:19:55 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll MOD - [2010/11/20 12:19:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2010/11/20 12:19:53 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstask.dll MOD - [2010/11/20 12:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2010/11/20 12:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll MOD - [2010/11/20 12:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll MOD - [2010/11/20 12:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2010/11/20 12:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2010/11/20 12:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2010/11/20 12:19:32 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll MOD - [2010/11/20 12:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2010/11/20 12:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010/11/20 12:19:21 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2010/11/20 12:19:10 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll MOD - [2010/11/20 12:19:10 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll MOD - [2010/11/20 12:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll MOD - [2010/11/20 12:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010/11/20 12:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2010/11/20 12:19:03 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll MOD - [2010/11/20 12:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2010/11/20 12:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2010/11/20 12:18:36 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll MOD - [2010/11/20 12:18:35 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll MOD - [2010/11/20 12:18:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2010/11/20 12:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll MOD - [2010/11/20 12:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll MOD - [2010/11/20 12:18:25 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2010/11/20 12:18:25 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll MOD - [2010/11/20 12:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2010/11/20 12:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2010/11/20 12:18:25 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll MOD - [2010/11/20 12:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2010/11/20 12:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010/11/20 12:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010/11/20 12:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010/11/20 12:18:06 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2010/11/20 12:18:05 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2010/11/20 12:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2010/11/20 12:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010/11/20 12:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010/11/20 12:18:01 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll MOD - [2010/11/20 12:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2010/11/20 12:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe MOD - [2010/11/20 12:16:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2010/11/20 12:16:50 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2010/11/20 12:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010/11/20 12:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2010/11/20 11:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010/11/05 01:58:19 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll MOD - [2010/06/07 23:57:00 | 004,967,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll MOD - [2010/06/07 23:57:00 | 001,592,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll MOD - [2010/06/07 17:47:34 | 013,917,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll MOD - [2010/03/18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MOD - [2009/07/14 01:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcryptprimitives.dll MOD - [2009/07/14 01:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009/07/14 01:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll MOD - [2009/07/14 01:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll MOD - [2009/07/14 01:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll MOD - [2009/07/14 01:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2009/07/14 01:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll MOD - [2009/07/14 01:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2009/07/14 01:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2009/07/14 01:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009/07/14 01:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2009/07/14 01:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2009/07/14 01:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009/07/14 01:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll MOD - [2009/07/14 01:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009/07/14 01:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll MOD - [2009/07/14 01:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009/07/14 01:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009/07/14 01:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009/07/14 01:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009/07/14 01:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll MOD - [2009/07/14 01:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009/07/14 01:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll MOD - [2009/07/14 01:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll MOD - [2009/07/14 01:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009/07/14 01:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009/07/14 01:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2009/07/14 01:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009/07/14 01:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009/07/14 01:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009/07/14 01:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2009/07/14 01:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2009/07/14 01:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009/07/14 01:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2009/07/14 01:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009/07/14 01:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009/07/14 01:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2009/07/14 01:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2009/07/14 01:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll MOD - [2009/07/14 01:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009/07/14 01:15:47 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll MOD - [2009/07/14 01:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2009/07/14 01:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2009/07/14 01:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009/07/14 01:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009/07/14 01:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2009/07/14 01:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009/07/14 01:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009/07/14 01:15:37 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Magnification.dll MOD - [2009/07/14 01:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009/07/14 01:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2009/07/14 01:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2009/07/14 01:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2009/07/14 01:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll MOD - [2009/07/14 01:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2009/07/14 01:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll MOD - [2009/07/14 01:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll MOD - [2009/07/14 01:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll MOD - [2009/07/14 01:15:21 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll MOD - [2009/07/14 01:15:21 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fltLib.dll MOD - [2009/07/14 01:15:20 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll MOD - [2009/07/14 01:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009/07/14 01:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009/07/14 01:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009/07/14 01:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll MOD - [2009/07/14 01:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2009/07/14 01:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009/07/14 01:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009/07/14 01:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009/07/14 01:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll MOD - [2009/07/14 01:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009/07/14 01:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll MOD - [2009/07/14 01:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll MOD - [2009/07/14 01:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll MOD - [2009/07/14 01:15:07 | 000,149,019 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crtdll.dll MOD - [2009/07/14 01:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009/07/14 01:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009/07/14 01:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009/07/14 01:14:59 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll MOD - [2009/07/14 01:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2009/07/14 01:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009/07/14 01:14:57 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll MOD - [2009/07/14 01:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2009/07/14 01:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009/07/14 01:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009/07/14 01:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl MOD - [2009/07/14 01:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009/07/14 01:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2009/07/14 01:07:19 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt40.dll MOD - [2009/07/14 01:05:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icmp.dll MOD - [2009/07/14 01:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll MOD - [2009/02/27 01:07:12 | 000,060,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL MOD - [2009/02/27 00:45:38 | 000,043,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL MOD - [2008/01/29 11:19:46 | 002,157,096 | ---- | M] (Palit Microsystems, Inc.) -- C:\Program Files\VDOTool\TBPANEL.exe MOD - [2007/09/02 11:58:52 | 000,495,616 | ---- | M] () -- D:\Programy Użytkowe\Różne\RocketDock\RocketDock.exe MOD - [2007/09/02 11:57:36 | 000,069,632 | ---- | M] () -- D:\Programy Użytkowe\Różne\RocketDock\RocketDock.dll MOD - [2004/07/17 17:48:14 | 000,036,864 | ---- | M] (Gainward) -- C:\Program Files\VDOTool\GWLIB.DLL MOD - [1998/10/31 04:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\VDOTool\TBMANAGE.DLL [color=#E56717]========== Services (All) ==========[/color] SRV - [2012/07/04 21:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\browser.dll -- (Browser) SRV - [2012/07/04 19:48:27 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/06/02 22:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\wuaueng.dll -- (wuauserv) SRV - [2012/04/25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS) SRV - [2012/04/24 04:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc) SRV - [2012/04/06 19:45:06 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/03/19 11:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011/12/29 19:08:02 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA) SRV - [2011/11/28 18:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV - [2011/11/28 18:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2011/11/17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (VaultSvc) SRV - [2011/11/17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs) SRV - [2011/11/17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage) SRV - [2011/11/17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\lsass.exe -- (Netlogon) SRV - [2011/11/17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso) SRV - [2011/11/17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (EFS) SRV - [2011/09/27 13:23:37 | 001,343,400 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011/07/20 13:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011/05/24 10:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay) SRV - [2011/05/21 13:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011/05/04 04:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SearchIndexer.exe -- (WSearch) SRV - [2011/03/29 04:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2011/03/03 05:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache) SRV - [2011/02/19 06:30:54 | 000,805,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2010/11/20 12:21:40 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\WUDFSvc.dll -- (wudfsvc) SRV - [2010/11/20 12:21:39 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WsmSvc.dll -- (WinRM) SRV - [2010/11/20 12:21:37 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum) SRV - [2010/11/20 12:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2010/11/20 12:21:36 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation) SRV - [2010/11/20 12:21:35 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog) SRV - [2010/11/20 12:21:35 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc) SRV - [2010/11/20 12:21:35 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wcncsvc.dll -- (wcncsvc) SRV - [2010/11/20 12:21:35 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WebClnt.dll -- (WebClient) SRV - [2010/11/20 12:21:33 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\umrdp.dll -- (UmRdpService) SRV - [2010/11/20 12:21:33 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2010/11/20 12:21:28 | 000,521,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\termsrv.dll -- (TermService) SRV - [2010/11/20 12:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv) SRV - [2010/11/20 12:21:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\TabSvc.dll -- (TabletInputService) SRV - [2010/11/20 12:21:27 | 001,159,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sysmain.dll -- (SysMain) SRV - [2010/11/20 12:21:26 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer) SRV - [2010/11/20 12:21:24 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2010/11/20 12:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection) SRV - [2010/11/20 12:21:08 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SessEnv.dll -- (SessionEnv) SRV - [2010/11/20 12:21:06 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC) SRV - [2010/11/20 12:21:05 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule) SRV - [2010/11/20 12:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs) SRV - [2010/11/20 12:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch) SRV - [2010/11/20 12:21:00 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan) SRV - [2010/11/20 12:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS) SRV - [2010/11/20 12:20:57 | 000,330,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\QAGENTRT.DLL -- (napagent) SRV - [2010/11/20 12:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2010/11/20 12:20:57 | 000,164,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc) SRV - [2010/11/20 12:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pla.dll -- (pla) SRV - [2010/11/20 12:20:30 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc) SRV - [2010/11/20 12:19:40 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc) SRV - [2010/11/20 12:19:33 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc) SRV - [2010/11/20 12:19:28 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2010/11/20 12:19:26 | 000,071,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\KMSVC.DLL -- (hkmsvc) SRV - [2010/11/20 12:19:23 | 000,499,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\iphlpsvc.dll -- (iphlpsvc) SRV - [2010/11/20 12:19:23 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent) SRV - [2010/11/20 12:19:21 | 000,674,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IKEEXT.DLL -- (IKEEXT) SRV - [2010/11/20 12:19:09 | 000,593,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\gpsvc.dll -- (gpsvc) SRV - [2010/11/20 12:18:34 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc) SRV - [2010/11/20 12:18:34 | 000,144,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dps.dll -- (DPS) SRV - [2010/11/20 12:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2010/11/20 12:18:25 | 000,546,304 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\cscsvc.dll -- (CscService) SRV - [2010/11/20 12:18:12 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\certprop.dll -- (SCPolicySvc) SRV - [2010/11/20 12:18:12 | 000,067,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\certprop.dll -- (CertPropSvc) SRV - [2010/11/20 12:18:06 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE) SRV - [2010/11/20 12:18:06 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) SRV - [2010/11/20 12:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv) SRV - [2010/11/20 12:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder) SRV - [2010/11/20 12:18:03 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo) SRV - [2010/11/20 12:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010/11/20 12:17:52 | 001,203,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbengine.exe -- (wbengine) SRV - [2010/11/20 12:17:51 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS) SRV - [2010/11/20 12:17:49 | 000,453,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vds.exe -- (vds) SRV - [2010/11/20 12:17:48 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller) SRV - [2010/11/20 12:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler) SRV - [2010/11/20 12:17:30 | 003,179,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2010/11/20 12:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver) SRV - [2010/11/20 12:17:11 | 000,523,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FXSSVC.exe -- (Fax) SRV - [2010/11/20 12:17:07 | 000,556,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr) SRV - [2010/11/05 01:52:39 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2010/11/05 01:52:36 | 000,878,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2010/06/07 17:47:34 | 000,129,640 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc) SRV - [2010/04/17 00:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nCU) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/12/23 21:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009/07/14 01:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009/07/14 01:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\wscsvc.dll -- (wscsvc) SRV - [2009/07/14 01:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpcsvc.dll -- (WPCSvc) SRV - [2009/07/14 01:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc) SRV - [2009/07/14 01:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt) SRV - [2009/07/14 01:16:18 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wecsvc.dll -- (Wecsvc) SRV - [2009/07/14 01:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wdi.dll -- (WdiSystemHost) SRV - [2009/07/14 01:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wdi.dll -- (WdiServiceHost) SRV - [2009/07/14 01:16:18 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wersvc.dll -- (WerSvc) SRV - [2009/07/14 01:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wercplsupport.dll -- (wercplsupport) SRV - [2009/07/14 01:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService) SRV - [2009/07/14 01:16:17 | 000,288,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\w32time.dll -- (W32Time) SRV - [2009/07/14 01:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\upnphost.dll -- (upnphost) SRV - [2009/07/14 01:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009/07/14 01:16:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\uxsms.dll -- (UxSms) SRV - [2009/07/14 01:16:16 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\trkwks.dll -- (TrkWks) SRV - [2009/07/14 01:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009/07/14 01:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv) SRV - [2009/07/14 01:16:15 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV) SRV - [2009/07/14 01:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sstpsvc.dll -- (SstpSvc) SRV - [2009/07/14 01:16:15 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tbssvc.dll -- (TBS) SRV - [2009/07/14 01:16:13 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr) SRV - [2009/07/14 01:16:13 | 000,112,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry) SRV - [2009/07/14 01:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\Sens.dll -- (SENS) SRV - [2009/07/14 01:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 01:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon) SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/14 01:16:12 | 000,327,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\p2psvc.dll -- (p2psvc) SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009/07/14 01:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qwave.dll -- (QWAVE) SRV - [2009/07/14 01:16:12 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pcasvc.dll -- (PcaSvc) SRV - [2009/07/14 01:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto) SRV - [2009/07/14 01:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009/07/14 01:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi) SRV - [2009/07/14 01:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm) SRV - [2009/07/14 01:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netman.dll -- (Netman) SRV - [2009/07/14 01:15:43 | 000,308,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msdtckrm.dll -- (KtmRm) SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/07/14 01:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess) SRV - [2009/07/14 01:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\mmcss.dll -- (THREADORDER) SRV - [2009/07/14 01:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS) SRV - [2009/07/14 01:15:36 | 000,189,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lltdsvc.dll -- (lltdsvc) SRV - [2009/07/14 01:15:36 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lmhsvc.dll -- (lmhosts) SRV - [2009/07/14 01:15:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\iscsiexe.dll -- (MSiSCSI) SRV - [2009/07/14 01:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess) SRV - [2009/07/14 01:15:33 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPBusEnum.dll -- (IPBusEnum) SRV - [2009/07/14 01:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv) SRV - [2009/07/14 01:15:20 | 000,028,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FDResPub.dll -- (FDResPub) SRV - [2009/07/14 01:15:20 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\fdPHost.dll -- (fdPHost) SRV - [2009/07/14 01:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem) SRV - [2009/07/14 01:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost) SRV - [2009/07/14 01:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009/07/14 01:15:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\bthserv.dll -- (bthserv) SRV - [2009/07/14 01:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009/07/14 01:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt) SRV - [2009/07/14 01:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc) SRV - [2009/07/14 01:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009/07/14 01:14:46 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv) SRV - [2009/07/14 01:14:43 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect) SRV - [2009/07/14 01:14:39 | 000,012,800 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP) SRV - [2009/07/14 01:14:25 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msdtc.exe -- (MSDTC) SRV - [2009/07/14 01:14:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Locator.exe -- (RpcLocator) SRV - [2009/07/14 01:14:19 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched) SRV - [2009/07/14 01:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dllhost.exe -- (COMSysApp) SRV - [2009/07/14 01:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG) SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/10 21:14:51 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2006/10/26 20:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (All) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [Kernel | System | Stopped] -- -- (SCDEmu) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ag67iakx) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (afz5lsth) DRV - [2012/07/06 16:10:01 | 000,016,376 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012/06/02 04:45:04 | 000,067,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecdd.sys -- (KSecDD) DRV - [2012/06/02 04:45:03 | 000,134,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecpkg.sys -- (KSecPkg) DRV - [2012/06/02 04:40:59 | 000,369,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\cng.sys -- (CNG) DRV - [2012/04/28 03:17:07 | 000,183,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD) DRV - [2012/03/30 10:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (TCPIP6) DRV - [2012/03/30 10:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip) DRV - [2012/03/17 07:27:18 | 000,056,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr) DRV - [2012/03/01 05:46:57 | 000,019,824 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec) DRV - [2012/02/17 04:13:22 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP) DRV - [2012/01/13 22:38:07 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2012/01/13 22:38:06 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011/11/28 17:54:38 | 000,111,320 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW) DRV - [2011/11/28 17:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/11/28 17:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/11/28 17:53:22 | 000,195,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2) DRV - [2011/11/28 17:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/11/28 17:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/11/28 17:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/11/28 17:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/11/01 05:59:59 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011/11/01 05:56:56 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011/09/06 20:10:01 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis) DRV - [2011/07/09 02:30:00 | 000,223,744 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10) DRV - [2011/06/10 13:34:52 | 000,394,856 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167) DRV - [2011/05/10 00:54:02 | 000,895,592 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtwlanu.sys -- (RTL8192cu) DRV - [2011/04/29 02:46:33 | 000,311,808 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv.sys -- (srv) DRV - [2011/04/29 02:46:15 | 000,310,272 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv2.sys -- (srv2) DRV - [2011/04/29 02:46:10 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet) DRV - [2011/04/27 02:17:28 | 000,096,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20) DRV - [2011/04/27 02:17:22 | 000,123,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb) DRV - [2011/04/25 02:18:03 | 000,338,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\afd.sys -- (AFD) DRV - [2011/03/25 02:58:37 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub) DRV - [2011/03/25 02:58:06 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp) DRV - [2011/03/25 02:57:58 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci) DRV - [2011/03/25 02:57:58 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci) DRV - [2011/03/25 02:57:56 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci) DRV - [2011/03/11 05:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs) DRV - [2011/03/11 05:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor) DRV - [2011/03/11 05:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid) DRV - [2011/03/11 05:38:51 | 000,332,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV) DRV - [2011/03/11 05:38:37 | 000,080,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdsata.sys -- (amdsata) DRV - [2011/03/11 05:38:37 | 000,022,400 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amdxata.sys -- (amdxata) DRV - [2011/03/11 04:01:12 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR) DRV - [2011/03/04 19:44:14 | 000,045,648 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PxHelp20.sys -- (PxHelp20) DRV - [2011/02/23 04:47:33 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser) DRV - [2010/11/20 12:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap) DRV - [2010/11/20 12:30:16 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr) DRV - [2010/11/20 12:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010/11/20 12:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010/11/20 12:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010/11/20 12:30:14 | 000,160,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vhdmp.sys -- (vhdmp) DRV - [2010/11/20 12:30:12 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD) DRV - [2010/11/20 12:30:10 | 000,173,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2010/11/20 12:30:10 | 000,085,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port) DRV - [2010/11/20 12:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS) DRV - [2010/11/20 12:30:06 | 000,153,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pci.sys -- (pci) DRV - [2010/11/20 12:30:05 | 000,233,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt) DRV - [2010/11/20 12:30:04 | 000,116,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm) DRV - [2010/11/20 12:30:01 | 000,130,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio) DRV - [2010/11/20 12:30:01 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci) DRV - [2010/11/20 12:30:00 | 000,078,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (mountmgr) DRV - [2010/11/20 12:29:53 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2010/11/20 12:29:47 | 000,728,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl) DRV - [2010/11/20 12:29:15 | 000,274,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI) DRV - [2010/11/20 12:24:30 | 000,194,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fvevol.sys -- (fvevol) DRV - [2010/11/20 10:24:46 | 000,133,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (RDPDR) DRV - [2010/11/20 10:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 10:22:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv) DRV - [2010/11/20 10:22:19 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD) DRV - [2010/11/20 10:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010/11/20 10:21:10 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE) DRV - [2010/11/20 10:07:50 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan) DRV - [2010/11/20 10:07:45 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6) DRV - [2010/11/20 10:07:45 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (WANARP) DRV - [2010/11/20 10:07:39 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy) DRV - [2010/11/20 10:07:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg) DRV - [2010/11/20 10:06:41 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel) DRV - [2010/11/20 10:06:36 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) DRV - [2010/11/20 10:06:36 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio) DRV - [2010/11/20 10:01:12 | 000,164,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci) DRV - [2010/11/20 10:00:24 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus) DRV - [2010/11/20 10:00:21 | 000,304,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService) DRV - [2010/11/20 09:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/11/20 09:59:38 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb) DRV - [2010/11/20 09:59:29 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2010/11/20 09:59:20 | 000,132,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd) DRV - [2010/11/20 09:58:59 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf) DRV - [2010/11/20 09:50:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd) DRV - [2010/11/20 09:50:21 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2010/11/20 09:50:10 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid) DRV - [2010/11/20 09:29:49 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\appid.sys -- (AppID) DRV - [2010/11/20 09:24:56 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2010/11/20 09:19:15 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV) DRV - [2010/11/20 09:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010/11/20 09:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010/11/20 08:47:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpipmi.sys -- (AcpiPmi) DRV - [2010/11/20 08:44:36 | 000,388,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\csc.sys -- (CSC) DRV - [2010/11/20 08:44:05 | 000,242,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss) DRV - [2010/11/20 08:42:43 | 000,115,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2010/11/20 08:42:32 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC) DRV - [2010/11/20 08:42:28 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs) DRV - [2010/11/20 08:40:21 | 000,513,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\http.sys -- (HTTP) DRV - [2010/11/20 08:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (NetBT) DRV - [2010/11/20 08:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx) DRV - [2010/11/20 08:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom) DRV - [2010/06/23 18:24:58 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) DRV - [2010/06/21 18:56:22 | 000,023,144 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtlss.sys -- (rtlss) DRV - [2010/06/07 23:57:00 | 010,888,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009/10/26 23:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2009/07/24 16:56:16 | 000,009,472 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NMgamingms.sys -- (NMgamingmsFltr) DRV - [2009/07/14 01:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\clfs.sys -- (CLFS) DRV - [2009/07/14 01:26:21 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt) DRV - [2009/07/14 01:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide) DRV - [2009/07/14 01:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci) DRV - [2009/07/14 01:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx) DRV - [2009/07/14 01:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdsbs.sys -- (amdsbs) DRV - [2009/07/14 01:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320) DRV - [2009/07/14 01:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas) DRV - [2009/07/14 01:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc) DRV - [2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp) DRV - [2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGP440.sys -- (agp440) DRV - [2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\atapi.sys -- (atapi) DRV - [2009/07/14 01:26:15 | 000,014,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide) DRV - [2009/07/14 01:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide) DRV - [2009/07/14 01:20:45 | 000,012,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pciide.sys -- (pciide) DRV - [2009/07/14 01:20:44 | 000,162,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC) DRV - [2009/07/14 01:20:44 | 000,105,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp) DRV - [2009/07/14 01:20:44 | 000,049,728 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\mup.sys -- (Mup) DRV - [2009/07/14 01:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960) DRV - [2009/07/14 01:20:44 | 000,041,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass) DRV - [2009/07/14 01:20:44 | 000,028,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios) DRV - [2009/07/14 01:20:43 | 000,013,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv) DRV - [2009/07/14 01:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2009/07/14 01:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR) DRV - [2009/07/14 01:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009/07/14 01:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2009/07/14 01:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009/07/14 01:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp) DRV - [2009/07/14 01:20:36 | 000,042,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass) DRV - [2009/07/14 01:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp) DRV - [2009/07/14 01:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas) DRV - [2009/07/14 01:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelide.sys -- (intelide) DRV - [2009/07/14 01:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor) DRV - [2009/07/14 01:20:28 | 000,198,208 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr) DRV - [2009/07/14 01:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx) DRV - [2009/07/14 01:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpSAMD.sys -- (HpSAMD) DRV - [2009/07/14 01:20:28 | 000,058,448 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo) DRV - [2009/07/14 01:20:28 | 000,057,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx) DRV - [2009/07/14 01:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009/07/14 01:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk) DRV - [2009/07/14 01:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\disk.sys -- (Disk) DRV - [2009/07/14 01:19:11 | 000,297,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx) DRV - [2009/07/14 01:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid) DRV - [2009/07/14 01:19:11 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx) DRV - [2009/07/14 01:19:11 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd) DRV - [2009/07/14 01:19:10 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000) DRV - [2009/07/14 01:19:10 | 000,055,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35) DRV - [2009/07/14 01:19:10 | 000,053,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIAAGP.SYS -- (viaagp) DRV - [2009/07/14 01:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vdrvroot.sys -- (vdrvroot) DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009/07/14 01:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide) DRV - [2009/07/14 01:19:10 | 000,012,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum) DRV - [2009/07/14 01:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300) DRV - [2009/07/14 01:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx) DRV - [2009/07/14 01:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2009/07/14 01:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009/07/14 01:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2009/07/14 01:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stexstor.sys -- (stexstor) DRV - [2009/07/14 01:19:03 | 000,180,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia) DRV - [2009/07/14 01:19:03 | 000,052,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp) DRV - [2009/07/14 01:19:03 | 000,017,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr) DRV - [2009/07/14 00:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) DRV - [2009/07/14 00:41:15 | 000,586,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH) DRV - [2009/07/14 00:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint) DRV - [2009/07/14 00:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbscan.sys -- (usbscan) DRV - [2009/07/14 00:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus) DRV - [2009/07/14 00:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009/07/14 00:01:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD) DRV - [2009/07/13 23:55:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\modem.sys -- (Modem) DRV - [2009/07/13 23:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl) DRV - [2009/07/13 23:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) DRV - [2009/07/13 23:54:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp) DRV - [2009/07/13 23:54:53 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe) DRV - [2009/07/13 23:54:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport) DRV - [2009/07/13 23:54:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac) DRV - [2009/07/13 23:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd) DRV - [2009/07/13 23:54:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp) DRV - [2009/07/13 23:54:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT) DRV - [2009/07/13 23:54:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver) DRV - [2009/07/13 23:54:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2009/07/13 23:54:15 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023x.sys -- (usb_rndisx) DRV - [2009/07/13 23:54:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv) DRV - [2009/07/13 23:53:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (Psched) DRV - [2009/07/13 23:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS) DRV - [2009/07/13 23:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009/07/13 23:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smb.sys -- (Smb) DRV - [2009/07/13 23:53:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM) DRV - [2009/07/13 23:53:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr) DRV - [2009/07/13 23:53:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio) DRV - [2009/07/13 23:52:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv) DRV - [2009/07/13 23:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009/07/13 23:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt) DRV - [2009/07/13 23:52:03 | 000,267,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP) DRV - [2009/07/13 23:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009/07/13 23:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UmPass) DRV - [2009/07/13 23:51:34 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM) DRV - [2009/07/13 23:51:33 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth) DRV - [2009/07/13 23:51:29 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394) DRV - [2009/07/13 23:51:18 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) DRV - [2009/07/13 23:51:17 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass) DRV - [2009/07/13 23:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009/07/13 23:51:05 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr) DRV - [2009/07/13 23:50:57 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud) DRV - [2009/07/13 23:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTConfig.sys -- (MTConfig) DRV - [2009/07/13 23:46:53 | 000,021,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen) DRV - [2009/07/13 23:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy) DRV - [2009/07/13 23:45:52 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc) DRV - [2009/07/13 23:45:52 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk) DRV - [2009/07/13 23:45:45 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fdc.sys -- (fdc) DRV - [2009/07/13 23:45:45 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk) DRV - [2009/07/13 23:45:35 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\parport.sys -- (Parport) DRV - [2009/07/13 23:45:33 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) DRV - [2009/07/13 23:45:29 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm) DRV - [2009/07/13 23:45:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum) DRV - [2009/07/13 23:45:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid) DRV - [2009/07/13 23:45:08 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse) DRV - [2009/07/13 23:45:08 | 000,008,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV) DRV - [2009/07/13 23:45:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE) DRV - [2009/07/13 23:45:08 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK) DRV - [2009/07/13 23:45:07 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM) DRV - [2009/07/13 23:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep) DRV - [2009/07/13 23:25:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monitor.sys -- (monitor) DRV - [2009/07/13 23:25:51 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave) DRV - [2009/07/13 23:25:49 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga) DRV - [2009/07/13 23:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009/07/13 23:23:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive) DRV - [2009/07/13 23:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidbatt.sys -- (HidBatt) DRV - [2009/07/13 23:19:19 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev) DRV - [2009/07/13 23:19:18 | 000,014,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt) DRV - [2009/07/13 23:19:17 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi) DRV - [2009/07/13 23:15:45 | 000,086,528 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\luafv.sys -- (luafv) DRV - [2009/07/13 23:15:29 | 000,028,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace) DRV - [2009/07/13 23:14:03 | 000,142,336 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat) DRV - [2009/07/13 23:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat) DRV - [2009/07/13 23:12:08 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy) DRV - [2009/07/13 23:11:32 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs) DRV - [2009/07/13 23:11:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs) DRV - [2009/07/13 23:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt) DRV - [2009/07/13 23:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs) DRV - [2009/07/13 23:11:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null) DRV - [2009/07/13 23:11:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8) DRV - [2009/07/13 23:11:04 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm) DRV - [2009/07/13 23:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7) DRV - [2009/07/13 23:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM) DRV - [2009/07/13 23:11:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor) DRV - [2009/07/13 22:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/13 22:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009/07/13 22:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009/07/13 22:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009/07/13 22:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo) DRV - [2009/07/13 22:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp) DRV - [2009/07/13 22:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009/07/13 22:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\evbdx.sys -- (ebdrv) DRV - [2009/07/13 22:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bxvbdx.sys -- (b06bdrv) DRV - [2009/07/13 21:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock) DRV - [2009/07/13 20:50:20 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv) DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TBPanel.sys -- (Cardex) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/custom?domains=entretieneteds.to.md&q=&sitesearch=&client=pub-3439752189615153 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.entretieneteds.vze.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20111224&user_guid=DB20AC865BC0467ABB3FE49403CDCAAF&machine_id=cfe81b0789dd4eb1ff8b8a4918f6120f&browser=IE&os=win&os_version=6.1-x86-SP1&iesrc={referrer:source} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox IE - HKCU\..\SearchScopes\{70312062-A4FF-4FAF-A727-11AF09998315}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=HIP&o=102876&src=kw&q={searchTerms}&locale=&apn_ptnrs=6G&apn_dtid=YYYYYYYYPL&apn_uid=a3293717-cc9e-4893-9ef1-275980342616&apn_sauid=4F21E87E-5A97-49C5-84F9-ECE3C9F0B8B8 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=; [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultthis.engineName: " " FF - prefs.js..extensions.enabledAddons: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.5.0 FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:13.0.1 FF - prefs.js..network.proxy.backup.ftp: "213.180.131.135 " FF - prefs.js..network.proxy.backup.ftp_port: 80 FF - prefs.js..network.proxy.backup.socks: "213.180.131.135 " FF - prefs.js..network.proxy.backup.socks_port: 80 FF - prefs.js..network.proxy.backup.ssl: "213.180.131.135 " FF - prefs.js..network.proxy.backup.ssl_port: 80 FF - prefs.js..network.proxy.ftp: " " FF - prefs.js..network.proxy.ftp_port: 80 FF - prefs.js..network.proxy.http: " " FF - prefs.js..network.proxy.http_port: 80 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: " " FF - prefs.js..network.proxy.socks_port: 80 FF - prefs.js..network.proxy.ssl: " " FF - prefs.js..network.proxy.ssl_port: 80 FF - prefs.js..network.proxy.type: 0 FF - prefs.js..keyword.URL: "http://www.arccosine.com/search.php?q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Programy Użytkowe\Multimedialne\Real Alternative\rmvb\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Programy Użytkowe\Multimedialne\Real Alternative\rmvb\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programy Użytkowe\Różne\adreader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: D:\Programy Użytkowe\Internetowe\NEWFIERFOX\components [2012/07/04 19:48:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: D:\Programy Użytkowe\Internetowe\NEWFIERFOX\plugins [2011/09/26 05:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Extensions [2012/09/14 16:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\z90bwu48.default\extensions [2012/01/30 20:32:38 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\z90bwu48.default\extensions\DefaultManager@Microsoft [2012/08/15 12:35:02 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\z90bwu48.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.interia.pl/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: http://www.interia.pl/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Adobe Acrobat (Enabled) = D:\Programy U\u017Cytkowe\R\u00F3\u017Cne\adreader\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = D:\Programy U\u017Cytkowe\Multimedialne\Real Alternative\rmvb\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = D:\Programy U\u017Cytkowe\Multimedialne\Real Alternative\rmvb\browser\plugins\nprpjplug.dll CHR - Extension: YouTube = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Marlies Dekkers = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm\2_1\ CHR - Extension: StartNow = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgei\2.5.0_0\ CHR - Extension: Gmail = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/09/14 16:36:06 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [SonyAgent] C:\Windows\sony.exe File not found O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TBPanel] C:\Program Files\VDOTool\TBPanel.exe (Palit Microsystems, Inc.) O4 - HKCU..\Run: [Google Update] C:\Users\Przemek\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) O4 - HKCU..\Run: [KSS] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO) O4 - HKCU..\Run: [RocketDock] D:\Programy Użytkowe\Różne\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.128.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D42BCD6-DB7A-436B-B838-E909927887F9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F7B9DED-E2C6-49B9-AE23-560BDB54ED1D}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9AD45CC-712D-40BF-8E08-B26B7CF07656}: DhcpNameServer = 10.128.1.1 192.168.1.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{4f10d3d3-f3c2-11e0-ad2f-001d7dadae61}\Shell - "" = AutoRun O33 - MountPoints2\{4f10d3d3-f3c2-11e0-ad2f-001d7dadae61}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{82213c85-044e-11e1-8a4a-001d7dadae61}\Shell - "" = AutoRun O33 - MountPoints2\{82213c85-044e-11e1-8a4a-001d7dadae61}\Shell\AutoRun\command - "" = I:\_AUTORUN\Autorun.exe O33 - MountPoints2\{82213c85-044e-11e1-8a4a-001d7dadae61}\Shell\instDX\command - "" = I:\DirectX\DXSetup.exe O33 - MountPoints2\{82213c85-044e-11e1-8a4a-001d7dadae61}\Shell\readme\command - "" = notepad readme.txt O33 - MountPoints2\{a844d5c2-044a-11e1-90d8-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{a844d5c2-044a-11e1-90d8-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/09/14 16:35:59 | 000,000,000 | ---D | C] -- C:\_OTL [2012/09/13 20:10:54 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe [2012/09/13 17:11:44 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan [2012/09/13 17:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012/09/13 17:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2012/09/05 20:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE [2012/09/05 20:47:49 | 000,000,000 | ---D | C] -- C:\Program Files\Grupa IMAGE [2012/09/02 08:13:44 | 000,000,000 | ---D | C] -- C:\Users\Przemek\Desktop\chlopy [2012/08/25 07:19:13 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\StartNow Toolbar [2012/08/16 14:24:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012/08/16 14:24:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012/08/16 14:24:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012/08/16 14:24:00 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012/08/16 14:23:59 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012/08/16 14:23:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012/08/16 14:23:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012/08/15 21:15:36 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012/08/15 21:08:40 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll [1 C:\Users\Przemek\Documents\*.tmp files -> C:\Users\Przemek\Documents\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/09/14 16:56:44 | 000,000,558 | ---- | M] () -- C:\Windows\DFC.INI [2012/09/14 16:46:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/09/14 16:46:36 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys [2012/09/14 16:44:54 | 000,512,399 | ---- | M] () -- C:\Users\Przemek\Desktop\adwcleaner.exe [2012/09/14 16:36:06 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2012/09/14 16:32:31 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-287313733-2324512822-4218863682-1000Core.job [2012/09/14 06:46:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/09/14 06:45:49 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-287313733-2324512822-4218863682-1000UA.job [2012/09/13 20:11:51 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe [2012/09/11 15:48:45 | 020,919,925 | ---- | M] () -- C:\Users\Przemek\Desktop\Matura Solutions Intermediate Student's Book.pdf [2012/09/10 19:53:48 | 000,697,658 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012/09/10 19:53:48 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/09/10 19:53:48 | 000,134,768 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012/09/10 19:53:48 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/09/08 17:43:23 | 000,003,396 | ---- | M] () -- C:\Users\Przemek\.recently-used.xbel [2012/09/05 20:48:01 | 000,001,308 | ---- | M] () -- C:\Users\Przemek\Desktop\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk [2012/08/22 06:10:46 | 000,018,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/22 06:10:46 | 000,018,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/16 03:19:13 | 000,420,280 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 C:\Users\Przemek\Documents\*.tmp files -> C:\Users\Przemek\Documents\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/09/14 16:44:53 | 000,512,399 | ---- | C] () -- C:\Users\Przemek\Desktop\adwcleaner.exe [2012/09/11 15:44:39 | 020,919,925 | ---- | C] () -- C:\Users\Przemek\Desktop\Matura Solutions Intermediate Student's Book.pdf [2012/09/08 17:43:23 | 000,003,396 | ---- | C] () -- C:\Users\Przemek\.recently-used.xbel [2012/09/05 20:48:01 | 000,001,308 | ---- | C] () -- C:\Users\Przemek\Desktop\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk [2012/08/02 11:57:11 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012/07/06 15:59:41 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2012/07/06 14:27:18 | 000,000,558 | ---- | C] () -- C:\Windows\DFC.INI [2012/03/04 01:34:00 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012/02/11 18:26:02 | 000,000,017 | ---- | C] () -- C:\Users\Przemek\AppData\Local\resmon.resmoncfg [2012/02/11 18:08:26 | 000,000,640 | RHS- | C] () -- C:\Users\Przemek\ntuser.pol [2012/02/04 20:25:44 | 000,000,927 | ---- | C] () -- C:\Windows\posteriza.INI [2012/01/27 20:53:23 | 000,162,355 | ---- | C] () -- C:\Windows\Animated GIF Converter and Booster Pack Uninstaller.exe [2012/01/27 20:51:01 | 000,164,586 | ---- | C] () -- C:\Windows\Video Cleaner Uninstaller.exe [2012/01/27 20:30:14 | 000,162,164 | ---- | C] () -- C:\Windows\Video Cleaner Lite Uninstaller.exe [2012/01/15 00:54:08 | 000,086,016 | ---- | C] () -- C:\Windows\System32\install.dll [2012/01/15 00:54:08 | 000,036,864 | ---- | C] () -- C:\Windows\System32\WRLSetup.exe [2012/01/15 00:54:08 | 000,032,768 | ---- | C] () -- C:\Windows\System32\SmartInstallCfg2.dll [2012/01/15 00:54:08 | 000,028,672 | ---- | C] () -- C:\Windows\System32\CCS24.exe [2012/01/13 22:38:07 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2012/01/13 22:38:06 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2011/12/29 19:08:03 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011/12/29 19:08:02 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011/12/24 18:12:53 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011/12/24 17:57:04 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll [2011/12/24 17:57:04 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll [2011/12/21 04:38:59 | 000,009,728 | ---- | C] () -- C:\Users\Przemek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/11/23 03:20:11 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll [2011/11/19 17:39:21 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2011/11/01 04:57:28 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2011/10/14 19:26:27 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin [2011/09/28 01:01:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011/09/28 01:00:21 | 000,193,536 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll [2011/09/28 00:59:32 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011/09/26 05:24:48 | 000,697,658 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2011/09/26 05:24:48 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2011/09/26 05:24:48 | 000,134,768 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2011/09/26 05:24:48 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2011/06/10 13:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2011/02/22 19:39:04 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011/02/22 19:37:30 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll < End of report > [/log] Zresetowałem kompa po wczorajszym i problem powrócił.
wirusolog komentarz 14 września 2012 komentarz 14 września 2012 Wykonaj logi z ComboFixa: http://www.bleepingcomputer.com/combofix/pl/instrukcja-uzycia-combofix
slawek123 komentarz 14 września 2012 Autor komentarz 14 września 2012 [log] ComboFix 12-09-14.03 - Przemek 2012-09-14 17:52:11.1.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1033.18.2046.1247 [GMT 0:00] Uruchomiony z: c:\users\Przemek\Desktop\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Utworzono nowy punkt przywracania . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\data c:\program files\StartNow Toolbar c:\program files\StartNow Toolbar\Reactivate.exe c:\program files\StartNow Toolbar\ReactivateFF.exe c:\program files\StartNow Toolbar\Resources\images\engine_images.png c:\program files\StartNow Toolbar\Resources\images\engine_maps.png c:\program files\StartNow Toolbar\Resources\images\engine_news.png c:\program files\StartNow Toolbar\Resources\images\engine_videos.png c:\program files\StartNow Toolbar\Resources\images\engine_web.png c:\program files\StartNow Toolbar\Resources\images\icon_amazon.png c:\program files\StartNow Toolbar\Resources\images\icon_ebay.png c:\program files\StartNow Toolbar\Resources\images\icon_facebook.png c:\program files\StartNow Toolbar\Resources\images\icon_games.png c:\program files\StartNow Toolbar\Resources\images\icon_msn.png c:\program files\StartNow Toolbar\Resources\images\icon_shopping.png c:\program files\StartNow Toolbar\Resources\images\icon_travel.png c:\program files\StartNow Toolbar\Resources\images\icon_twitter.png c:\program files\StartNow Toolbar\Resources\images\startnow_logo.png c:\program files\StartNow Toolbar\Resources\installer.xml c:\program files\StartNow Toolbar\Resources\skin\chevron_button.png c:\program files\StartNow Toolbar\Resources\skin\searchbox_button_hover.png c:\program files\StartNow Toolbar\Resources\skin\searchbox_button_normal.png c:\program files\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_background.png c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_left.png c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_middle.png c:\program files\StartNow Toolbar\Resources\skin\separator.png c:\program files\StartNow Toolbar\Resources\skin\splitter.png c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png c:\program files\StartNow Toolbar\Resources\toolbar.xml c:\program files\StartNow Toolbar\Resources\update.xml c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe c:\program files\StartNow Toolbar\Toolbar32.dll c:\program files\StartNow Toolbar\ToolbarBroker.exe c:\program files\StartNow Toolbar\ToolbarUpdaterService.exe c:\program files\StartNow Toolbar\uninstall.dat c:\program files\StartNow Toolbar\XBrowser.dll c:\program files\sXe Injected c:\program files\sXe Injected\sXe Injected.txt c:\users\Przemek\Documents\~WRL2620.tmp c:\windows\IsUn0415.exe c:\windows\PFRO.log . . ((((((((((((((((((((((((( Pliki utworzone od 2012-08-14 do 2012-09-14 ))))))))))))))))))))))))))))))) . . 2012-09-14 18:19 . 2012-09-14 18:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-09-14 18:19 . 2012-09-14 18:19 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-09-14 16:35 . 2012-09-14 16:35 -------- d-----w- C:\_OTL 2012-09-13 17:11 . 2012-09-13 17:11 -------- d-----w- c:\programdata\Kaspersky Lab 2012-09-13 17:11 . 2012-09-13 17:11 -------- d-----w- c:\program files\Kaspersky Lab 2012-09-05 20:47 . 2012-09-05 20:47 -------- d-----w- c:\program files\Grupa IMAGE 2012-08-25 07:19 . 2012-08-25 07:19 -------- d-----w- c:\users\Przemek\AppData\Roaming\StartNow Toolbar 2012-08-16 14:24 . 2012-06-29 00:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-08-16 14:24 . 2012-06-29 01:00 140920 ----a-w- c:\program files\Internet Explorer\sqmapi.dll 2012-08-16 14:24 . 2012-06-29 00:06 194560 ----a-w- c:\program files\Internet Explorer\ieproxy.dll 2012-08-16 14:24 . 2012-06-29 00:06 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll 2012-08-16 14:24 . 2012-06-29 00:04 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-08-16 14:24 . 2012-06-29 00:09 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-08-16 14:23 . 2012-06-29 00:16 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-08-16 14:23 . 2012-06-29 01:00 748664 ----a-w- c:\program files\Internet Explorer\iexplore.exe 2012-08-16 14:23 . 2012-06-29 00:10 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll 2012-08-16 14:23 . 2012-06-29 00:10 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll 2012-08-16 14:23 . 2012-06-29 00:08 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-16 05:43 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll 2012-08-15 21:15 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-08-15 21:08 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll 2012-08-15 21:08 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-02 12:13 . 2012-08-02 12:13 249856 ------w- c:\windows\Setup1.exe 2012-08-02 12:13 . 2012-08-02 12:13 73216 ----a-w- c:\windows\ST6UNST.EXE 2012-07-16 02:41 . 2012-08-10 13:21 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{29038046-129D-4154-B39C-CD8B175EDE01}\mpengine.dll 2012-07-06 17:15 . 2012-07-06 16:04 319456 ----a-w- c:\windows\DIFxAPI.dll 2012-07-06 16:10 . 2012-07-06 15:59 16376 ----a-w- c:\windows\gdrv.sys 2012-06-25 16:04 . 2012-06-25 16:04 1394248 ----a-w- c:\windows\system32\msxml4.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2011-10-28 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7601.17514] . . c:\windows\System32\user32.dll [7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll [7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="d:\programy użytkowe\Różne\RocketDock\RocketDock.exe" [2007-09-02 495616] "KSS"="c:\program files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" [2012-04-25 202296] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "TBPanel"="c:\program files\VDOTool\TBPanel.exe" [2008-01-29 2157096] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-02 18:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-03-27 12:41 37296 ----a-w- d:\programy użytkowe\Różne\adreader\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] 2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp] 2011-09-27 04:14 2395 ----a-w- c:\program files\Przyspiesz Komputer\PCSpeedUp.lnk . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2012-06-09 13:25 880528 ----a-w- c:\program files\uTorrent\uTorrent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys [x] R3 rtlss;Service for enabling selective suspend to RTL device;c:\windows\system32\Drivers\rtlss.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;WatAdminSvc; [x] S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x] S0 aswNdis2;avast! Firewall Core Firewall Service; [x] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 aswFW;avast! TDI Firewall driver; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [x] S2 KSS;Kaspersky Security Scan Service;c:\program files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [x] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x] S2 Realtek11nCU;Realtek11nCU;c:\program files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [x] S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x] S3 NMgamingmsFltr;USB Optical Mouse;c:\windows\system32\drivers\NMgamingms.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] . . --- Inne Usługi/Sterowniki w Pamięci --- . *NewlyCreated* - WS2IFSL . Zawartość folderu 'Zaplanowane zadania' . 2012-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 19:45] . 2012-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-287313733-2324512822-4218863682-1000Core.job - c:\users\Przemek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-23 05:19] . 2012-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-287313733-2324512822-4218863682-1000UA.job - c:\users\Przemek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-23 05:19] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://www.entretieneteds.vze.com uInternet Settings,ProxyServer = http=;ftp=;https=; IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 10.128.1.1 192.168.1.1 . - - - - USUNIĘTO PUSTE WPISY - - - - . HKLM-Run-SonyAgent - c:\windows\sony.exe AddRemove-Gothic - c:\windows\IsUn0415.exe . . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'Explorer.exe'(6128) d:\programy użytkowe\Różne\RocketDock\RocketDock.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\windows\system32\nvvsvc.exe c:\windows\system32\nvvsvc.exe c:\program files\AVAST Software\Avast\AvastSvc.exe c:\windows\system32\PnkBstrA.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\taskhost.exe c:\windows\system32\DFDWiz.exe c:\windows\system32\conhost.exe c:\program files\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe c:\program files\TeamViewer\Version7\TeamViewer.exe c:\program files\TeamViewer\Version7\tv_w32.exe d:\programy uc:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\DllHost.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Czas ukończenia: 2012-09-14 18:30:53 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2012-09-14 18:30 . Przed: 8 760 270 848 bajtów wolnych Po: 10 109 759 488 bajtów wolnych . - - End Of File - - 769E2988503586EE514B97FD013D1D6E [/log] Zblokowało mi całe chrome, poza tym chyba wszytsko okSystem windows wykrywa ami problem z dyskiem twardym po tym Combofx ;(
wirusolog komentarz 15 września 2012 komentarz 15 września 2012 [quote] Zblokowało mi całe chrome, poza tym chyba wszytsko ok[/quote] Do reinstalacji. [quote] System windows wykrywa ami problem z dyskiem twardym po tym Combofx ;([/quote] No to może jakiś screen błędu?
slawek123 komentarz 15 września 2012 Autor komentarz 15 września 2012 Reinstal i działa:) Uzyłem opcji Napraw we właściwościach dysku, przskanowało go i problem po uruchomieniu zniknął. Dzięki za pomoc:)
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.