x-kom hosting

Problem z przerywającym łączem internetowym

Mr.Hankey
utworzono
utworzono (edytowane)

Witam,

W zasadzie nie wiem jak nazwać mój problem. Mianowicie podczas chodzenia po stronach WWW co jakiś czas występuje problem chwilowego odcięcia od sieci. Po 15-30 sekundach wraca wszystko do normy na kilka minut (czasami i godzinę), aby znowu paść.

Tak samo dzieje się w czasie ściągania zarówno poprzez strony internetowe jak i FTP. Podczas ściągania przez FTP zaobserwowałem:
-ściąganie normalne (ok. 2MB/s)
-spadek łącza (ok. 500KB/s)
-zatrzymanie łącza (z prędkością ok. 100KB/s - ściąganie stoi)
-zerwanie połączenia z serwerem
-odnowienie połączenia z serwerem po 15-20 sekundach
-ściąganie normalne (ok. 2MB/s)
Normalnie ściąga się przez około 1-3 minuty i po tym znowu następuje przerwanie łącza.

Przy sprawdzaniu wydajności łącza czasami ping wychodzi w okolicach 5-15 (czyli tak jak powinno być w moim przypadku dla serwera w Londynie), a czasami po 500-1000 (mimo, że sieć nadal działa). Tak samo jest z prędkością pobierania i wysyłania - czasami jest to 17-19Mb/1Mb, a czasami 2Mb/100Kb (prędkość łącza powinna dochodzić do 20Mb/1Mb).

Zaczęło się to dziać jakieś 4 dni temu (6 dni temu był format wszystkich partycji oraz instalacja WIN XP SP3). Od 4 dni staram się jakoś sam sobie z tym poradzić poprzez skanowania komputera, ale żaden antywirus nic nie znalazł (Dr. Web oraz Avast).

Proszę więc o pomoc, bo już nie mam pomysłu, a nie jestem na tyle zaawansowanym technicznie człowiekiem aby grzebać samemu po rejestrach itp. sprawach bez uprzedniego skonsultowania się z kimś kto się na tym zna, a formatowanie dysku już dawno mi się znudziło i wolałbym tego uniknąć.

Wykonam każde Wasze polecenie tylko proszę piszcie w miarę zrozumiale dla zwykłego śmiertelnika - jak chcecie jakiś skan to proszę o podanie mi jakim programem i jak go zrobić, a wykonam go bezzwłocznie.

Parametry Komputera znajdują się [url="http://ce.computers.toshiba-europe.com/innovation/jsp/SUPPORTSECTION/discontinuedProductPage.do?LNG=20&service=CE&DISC_MODEL=0&ACTION=PRINT_WITH_BACK&com.broadvision.session.new=Yes&PRODUCT_ID=132078"]TUTAJ[/url] - nie chciałem niepotrzebnie kopiować.
Obecnie nie używam karty sieciowej, która była w laptopie, ponieważ uległa zniszczeniu, kupiłem bezprzewodowy adaptor WI-FI Realtek USB. Używam go już ponad 6 miesięcy i dopiero teraz zaczęło się to dziać.

Procesy uruchomione w czasie występowania awarii:
[URL=http://imageshack.us/photo/my-images/849/procesyy.jpg/][IMG]http://img849.imageshack.us/img849/3198/procesyy.th.jpg[/IMG][/URL]

Z góry dzięki za pomoc!
Pozdrawiam, Kuba.


EDIT:
Dodam jeszcze, że podczas oglądania filmów na YT ten problem też występuje, ale tylko zacina się buforowanie filmu na jakiś czas i później leci dalej, a nie jak w przypadku zwykłego odcięcia od sieci kiedy to pokazuje, że wideo załadowało się do końca.

MC Jay
komentarz
komentarz (edytowane)

Widzę że masz duuuużoooo syfu który odpala się naraz (niewiem czy to coś da) i daj logi z HiJackThis (trochę ubyło u nas tych speców od zaawansowanego sprzętu)

[color=red]//Twoja wiedza na temat ogranicza się do wiadomości sprzed co najmniej paru lat
//Otrzymujesz warna oraz akceptację postów na 30 dni za: spam, chwalenie się niewiedzą oraz wprowadzanie użytkowników błąd, [url="http://www.forumpc.pl/index.php?showtopic=213315"]1.[/url] [url="http://www.forumpc.pl/index.php?showtopic=213238&st=0&p=1285171&#entry1285171"]2.[/url]
//Mateusz J.[/color]

Mr.Hankey
komentarz
komentarz (edytowane)

Zrobiłem Skan tak jak mówiłeś, mam nadzieje, że to to:

[log]Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:37:06, on 2011-06-24
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\lxeacoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Program Files\Kadu\kadu.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [lxeamon.exe] "C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark S300-S400 Series\ezprint.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: REALTEK 11n USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: lxeaCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe
O23 - Service: lxea_device - - C:\WINDOWS\system32\lxeacoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5981 bytes
[/log]

Ktokolwiek jest w stanie pomóc?

[color=green]//Logi wstawiamy w tagi log
//Mateusz J.
[/color]

wirusolog
komentarz
komentarz

Daj komplet logów: [url=http://www.forumpc.pl/index.php?showtopic=104338][b][color=blue][u]OTL i RSIT[/url][/b][/color][/u] + [url=http://www.forumpc.pl/index.php?showtopic=116175][b][color=blue][u]GMER[/url][/b][/color][/u].

  • Dobra wypowiedź 1
Mr.Hankey
komentarz
komentarz

OTL.TXT:
[log]OTL logfile created on: 2011-06-27 19:31:39 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Kuba\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 53,02% Memory free
3,85 Gb Paging File | 3,02 Gb Available in Paging File | 78,49% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,42 Gb Total Space | 32,52 Gb Free Space | 74,90% Space Free | Partition Type: NTFS
Drive D: | 68,36 Gb Total Space | 51,71 Gb Free Space | 75,64% Space Free | Partition Type: NTFS
Drive G: | 3,74 Gb Total Space | 3,61 Gb Free Space | 96,60% Space Free | Partition Type: FAT32

Computer Name: COMPANY | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-06-27 19:27:58 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\OTL.exe
PRC - [2011-06-24 22:14:08 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2011-06-14 00:52:23 | 001,011,768 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2011-06-07 17:51:12 | 000,421,160 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2011-06-07 17:51:02 | 000,820,520 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2011-05-25 14:06:20 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011-05-22 18:21:36 | 008,179,200 | ---- | M] (FileZilla Project) -- C:\Program Files\FileZilla FTP Client\filezilla.exe
PRC - [2011-05-10 20:00:04 | 000,328,206 | ---- | M] (Kadu Team) -- C:\Program Files\Kadu\kadu.exe
PRC - [2011-05-10 13:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-05-10 13:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-04-06 16:20:16 | 000,349,472 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2010-05-13 10:01:52 | 000,966,656 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
PRC - [2010-05-05 14:18:46 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
PRC - [2010-05-05 14:18:43 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010-04-14 21:45:21 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeacoms.exe
PRC - [2009-02-09 13:18:00 | 000,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008-07-24 16:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008-04-14 21:51:52 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2008-04-14 21:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 21:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 21:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 21:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-08-10 14:21:56 | 016,384,000 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2007-07-25 17:19:54 | 000,888,832 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007-07-25 17:19:54 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2007-06-30 07:18:06 | 000,028,672 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\TCtrlIOHook.exe
PRC - [2006-10-27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006-02-09 12:47:08 | 000,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
PRC - [2005-12-27 12:06:32 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-06-27 19:27:58 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\OTL.exe
MOD - [2011-05-10 13:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 21:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 21:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 21:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 21:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 21:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 21:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2002-03-02 11:40:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-05-10 13:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-04-14 21:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxeacoms.exe -- (lxea_device)
SRV - [2010-04-14 21:45:14 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-06-20 07:35:45 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-05-10 13:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-05-10 13:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-05-10 13:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-05-10 13:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-05-10 12:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-05-10 12:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-05-10 12:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-01-25 08:29:50 | 000,605,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2007-08-10 12:52:44 | 004,603,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-07-25 17:07:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006-06-22 15:27:12 | 000,011,264 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1844237615-1326574676-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1844237615-1326574676-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2011-06-25 22:01:06 | 000,000,770 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 74.208.10.249 gs.apple.com
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1844237615-1326574676-1177238915-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKU\S-1-5-21-1844237615-1326574676-1177238915-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1844237615-1326574676-1177238915-1003..\Run: [Komunikator] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1844237615-1326574676-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Kuba\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Kuba\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-06-18 19:00:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3eece206-9dca-11e0-b931-009dda02214c}\Shell\AutoRun\command - "" = J:\Windows\bin\ReaderLibrarySetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-06-27 02:20:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\ObviousIdea
[2011-06-27 02:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ObviousIdea
[2011-06-27 02:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\ObviousIdea
[2011-06-25 22:24:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2011-06-25 22:17:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\iTunes
[2011-06-25 22:16:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011-06-25 22:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011-06-25 22:11:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\QuickTime
[2011-06-25 22:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011-06-25 22:09:02 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011-06-25 22:07:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011-06-25 21:56:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Temp
[2011-06-25 20:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Apple Computer
[2011-06-25 20:30:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Apple Computer
[2011-06-25 20:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011-06-25 20:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
[2011-06-25 20:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Apple
[2011-06-25 20:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011-06-25 20:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011-06-25 20:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple
[2011-06-25 20:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Apple Computer
[2011-06-24 22:14:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2011-06-24 22:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011-06-24 22:14:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011-06-24 22:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011-06-24 22:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Sun
[2011-06-24 19:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-06-24 19:36:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\HiJackThis
[2011-06-23 18:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
[2011-06-23 18:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011-06-23 18:53:51 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011-06-23 18:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011-06-23 18:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011-06-23 18:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011-06-23 18:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011-06-23 18:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2011-06-23 18:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2011-06-23 18:48:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011-06-23 18:48:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2011-06-23 18:48:19 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011-06-23 01:01:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NapiProjekt
[2011-06-23 01:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT
[2011-06-22 22:37:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\DoctorWeb
[2011-06-22 18:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\.ssh
[2011-06-22 18:29:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\.nx
[2011-06-22 18:28:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NX Client for Windows
[2011-06-22 18:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\NX Client for Windows
[2011-06-22 16:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\FileZilla
[2011-06-22 16:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\FileZilla FTP Client
[2011-06-22 16:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011-06-22 16:32:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\BITS
[2011-06-22 16:32:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\FlashGet
[2011-06-22 16:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\FlashGetBHO
[2011-06-22 16:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet Network
[2011-06-22 03:05:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\Google Chrome
[2011-06-21 20:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Kadu
[2011-06-21 20:40:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\Kadu
[2011-06-21 20:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Kadu
[2011-06-21 00:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Tlen.pl
[2011-06-21 00:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
[2011-06-21 00:31:13 | 000,000,000 | ---D | C] -- C:\Program Files\Tlen.pl
[2011-06-20 14:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\SimAquarium
[2011-06-20 14:53:27 | 000,000,000 | ---D | C] -- C:\Program Files\OldOpera
[2011-06-20 14:40:55 | 003,463,656 | ---- | C] (Digital Illusions Software) -- C:\WINDOWS\SimAQUARIUM2 Tank-1.scr
[2011-06-20 14:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\SimAQUARIUM2
[2011-06-20 14:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SimAQUARIUM 2 Screensaver
[2011-06-20 14:37:12 | 000,000,000 | ---D | C] -- C:\Program Files\OldOpera 9
[2011-06-20 08:39:26 | 001,123,840 | ---- | C] (Karol Winnicki) -- C:\Documents and Settings\Kuba\Pulpit\BESTplayer.exe
[2011-06-20 08:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\BESTplayer
[2011-06-20 08:38:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack
[2011-06-20 08:38:49 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2011-06-20 08:38:48 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2011-06-20 08:38:48 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2011-06-20 08:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2011-06-20 08:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Spirograph
[2011-06-20 07:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade
[2011-06-20 07:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Formosoft
[2011-06-20 07:39:25 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2011-06-20 07:38:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DAEMON Tools Lite
[2011-06-20 07:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011-06-20 07:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\DAEMON Tools
[2011-06-20 01:28:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2011-06-20 00:28:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit\Programy
[2011-06-20 00:22:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Opera
[2011-06-20 00:22:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Opera
[2011-06-20 00:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011-06-19 16:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Gadu-Gadu 10
[2011-06-19 16:16:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-06-19 16:14:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011-06-19 07:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\ARAX Disk Doctor Data Recovery
[2011-06-19 06:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\Ontrack
[2011-06-19 05:52:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\uTorrent
[2011-06-18 22:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\Convar
[2011-06-18 22:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Lx_cats
[2011-06-18 22:24:07 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoin.dll
[2011-06-18 22:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ABBYY FineReader 6.0 Sprint
[2011-06-18 22:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
[2011-06-18 22:21:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus
[2011-06-18 22:21:56 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-06-18 22:21:56 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-06-18 22:21:54 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-06-18 22:21:53 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-06-18 22:21:53 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-06-18 22:21:51 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-06-18 22:21:51 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-06-18 22:21:50 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-06-18 22:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark
[2011-06-18 22:21:31 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-06-18 22:21:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2011-06-18 22:21:30 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-06-18 22:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lexmark
[2011-06-18 22:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-06-18 22:21:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-06-18 22:20:55 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeausb1.dll
[2011-06-18 22:20:55 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeainpa.dll
[2011-06-18 22:20:55 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEAhcp.dll
[2011-06-18 22:20:55 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaiesc.dll
[2011-06-18 22:20:54 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaserv.dll
[2011-06-18 22:20:54 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeapmui.dll
[2011-06-18 22:20:54 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxealmpm.dll
[2011-06-18 22:20:53 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeahbn3.dll
[2011-06-18 22:20:53 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaih.exe
[2011-06-18 22:20:52 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomc.dll
[2011-06-18 22:20:52 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoms.exe
[2011-06-18 22:20:52 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacfg.exe
[2011-06-18 22:20:52 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomm.dll
[2011-06-18 22:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark S300-S400 Series
[2011-06-18 22:15:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\XP
[2011-06-18 22:15:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Vista64
[2011-06-18 22:14:41 | 000,000,000 | ---D | C] -- C:\Temp
[2011-06-18 22:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TOSHIBA
[2011-06-18 22:14:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SDA
[2011-06-18 22:14:06 | 000,290,304 | ---- | C] (Texas Instruments) -- C:\WINDOWS\System32\drivers\tifm21.sys
[2011-06-18 22:14:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011-06-18 22:14:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\tiinst
[2011-06-18 22:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\TOSHIBA
[2011-06-18 22:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011-06-18 22:07:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2011-06-18 22:05:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2011-06-18 22:04:55 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2011-06-18 22:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
[2011-06-18 22:00:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2011-06-18 22:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\XTreme-G Drivers
[2011-06-18 21:59:59 | 000,000,000 | ---D | C] -- C:\nVidia Forceware
[2011-06-18 21:55:28 | 000,000,000 | ---D | C] -- C:\Drivers
[2011-06-18 21:18:37 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011-06-18 20:56:48 | 000,000,000 | ---D | C] -- C:\Intel
[2011-06-18 20:54:07 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2011-06-18 20:53:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011-06-18 20:48:08 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011-06-18 20:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011-06-18 20:29:04 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011-06-18 20:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011-06-18 20:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011-06-18 20:28:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011-06-18 20:28:55 | 000,000,000 | R--D | C] -- C:\Program Files
[2011-06-18 20:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011-06-18 20:28:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2011-06-18 20:28:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2011-06-18 20:28:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2011-06-18 20:28:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2011-06-18 20:28:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2011-06-18 20:28:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2011-06-18 20:28:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011-06-18 20:28:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011-06-18 20:27:57 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2011-06-18 20:27:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2011-06-18 20:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011-06-18 20:27:30 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011-06-18 20:20:51 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011-06-18 20:20:51 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011-06-18 20:20:51 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011-06-18 20:20:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2011-06-18 19:30:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011-06-18 19:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011-06-18 19:27:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\WinRAR
[2011-06-18 19:27:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\WinRAR
[2011-06-18 19:27:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2011-06-18 19:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011-06-18 19:27:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty\Downloads
[2011-06-18 19:25:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Macromedia
[2011-06-18 19:25:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Adobe
[2011-06-18 19:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google
[2011-06-18 19:24:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kuba\UserData
[2011-06-18 19:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\REALTEK 11n USB Wireless LAN Utility
[2011-06-18 19:21:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2011-06-18 19:21:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RtlGina
[2011-06-18 19:21:05 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK
[2011-06-18 19:21:01 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011-06-18 19:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Identities
[2011-06-18 19:11:45 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011-06-18 19:11:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty\Moja muzyka
[2011-06-18 19:11:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty\Moje obrazy
[2011-06-18 19:11:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Microsoft
[2011-06-18 19:11:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kuba\Cookies
[2011-06-18 19:11:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kuba\SendTo
[2011-06-18 19:11:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kuba\Recent
[2011-06-18 19:11:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji
[2011-06-18 19:11:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Ulubione
[2011-06-18 19:11:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty
[2011-06-18 19:11:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Menu Start
[2011-06-18 19:11:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\Autostart
[2011-06-18 19:11:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\Akcesoria
[2011-06-18 19:11:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kuba\Szablony
[2011-06-18 19:11:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kuba\PrintHood
[2011-06-18 19:11:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kuba\NetHood
[2011-06-18 19:11:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit
[2011-06-18 19:11:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-06-18 19:11:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne
[2011-06-18 19:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011-06-18 19:10:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011-06-18 19:10:49 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011-06-18 19:10:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2011-06-18 19:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-06-18 19:04:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-06-18 19:04:40 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2011-06-18 19:03:01 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011-06-18 19:03:01 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011-06-18 19:03:00 | 000,029,184 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011-06-18 19:01:41 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011-06-18 19:01:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011-06-18 19:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011-06-18 19:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011-06-18 18:59:43 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011-06-18 18:59:33 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011-06-18 18:59:33 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011-06-18 18:59:23 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011-06-18 18:59:18 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2011-06-18 18:59:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011-06-18 18:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011-06-18 18:58:40 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011-06-18 18:58:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011-06-18 18:58:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011-06-18 18:58:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011-06-18 18:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011-06-18 18:58:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011-06-18 18:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011-06-18 18:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011-06-18 18:57:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011-06-18 18:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011-06-18 18:57:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2011-06-18 18:57:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2011-06-18 18:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011-06-18 18:56:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2011-06-18 18:56:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011-06-18 18:56:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2011-06-18 18:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011-06-18 18:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011-06-18 18:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011-06-18 18:56:00 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2011-06-18 18:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011-06-18 18:55:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011-06-18 18:55:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011-06-18 18:55:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2011-06-18 18:54:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria
[2006-12-12 10:13:20 | 000,032,768 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Documents and Settings\All Users\Dane aplikacji\EBLib.dll
[2006-07-28 15:25:26 | 000,019,456 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Documents and Settings\All Users\Dane aplikacji\LPCFilter.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-06-27 19:09:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1326574676-1177238915-1003UA.job
[2011-06-27 17:21:53 | 000,000,984 | ---- | M] () -- C:\WINDOWS\ssconf2.bin
[2011-06-27 17:16:11 | 000,044,239 | ---- | M] () -- C:\sound32.dll
[2011-06-27 14:26:47 | 000,000,101 | ---- | M] () -- C:\Documents and Settings\Kuba\.Xauthority
[2011-06-27 03:41:53 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-27 03:09:01 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1326574676-1177238915-1003Core.job
[2011-06-27 02:19:55 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Light Image Resizer 4.lnk
[2011-06-26 14:59:46 | 000,210,919 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-06-26 14:59:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-06-26 14:00:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-06-26 01:00:21 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-06-25 22:19:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-06-25 22:17:20 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk
[2011-06-25 22:11:59 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk
[2011-06-25 22:01:06 | 000,000,770 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011-06-24 19:36:55 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\HiJackThis.lnk
[2011-06-24 14:13:16 | 000,266,208 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-06-23 01:01:03 | 000,000,662 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\NapiProjekt.lnk
[2011-06-22 18:29:44 | 000,001,773 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Shell.lnk
[2011-06-22 18:28:28 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\NX Client for Windows.lnk
[2011-06-22 16:45:48 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\FileZilla.lnk
[2011-06-22 16:34:27 | 000,000,204 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2011-06-22 16:33:40 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2011-06-22 03:05:37 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Google Chrome.lnk
[2011-06-22 00:53:12 | 000,001,243 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Ptasie Mleczko.rtf
[2011-06-22 00:51:06 | 000,001,136 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Krem czekoladowy.rtf
[2011-06-22 00:50:48 | 000,000,992 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Ciasto Marchewkowe.rtf
[2011-06-22 00:32:10 | 000,001,178 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Serniczek.rtf
[2011-06-22 00:04:31 | 000,001,410 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Chleb Dukana.rtf
[2011-06-21 20:40:57 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Kadu.lnk
[2011-06-20 14:55:13 | 000,000,603 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\OldOpera.lnk
[2011-06-20 14:40:54 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\SimAQUARIUM v2.06 Tank-1.lnk
[2011-06-20 08:38:14 | 001,123,840 | ---- | M] (Karol Winnicki) -- C:\Documents and Settings\Kuba\Pulpit\BESTplayer.exe
[2011-06-20 07:38:25 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2011-06-19 18:21:51 | 000,000,313 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Kuba - Utrata Wagi.html
[2011-06-19 16:09:36 | 000,448,586 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-06-19 16:09:36 | 000,392,630 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-06-19 16:09:36 | 000,074,648 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-06-19 16:09:36 | 000,058,930 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-06-18 22:27:00 | 000,198,605 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2011-06-18 22:21:52 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-06-18 22:07:39 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Mój komputer.lnk
[2011-06-18 22:07:37 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Moje dokumenty.lnk
[2011-06-18 22:07:01 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2011-06-18 22:07:01 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2011-06-18 20:53:23 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2011-06-18 19:22:06 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk
[2011-06-18 19:22:00 | 000,376,832 | ---- | M] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011-06-18 19:04:44 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011-06-18 19:03:35 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011-06-18 19:00:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-06-18 19:00:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-06-18 19:00:40 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011-06-18 19:00:40 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-06-18 19:00:37 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011-06-18 19:00:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011-06-18 19:00:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011-06-18 19:00:25 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011-06-18 18:57:11 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-06-18 18:54:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-06-16 09:00:00 | 000,073,216 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-06-16 09:00:00 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[2011-06-02 01:15:52 | 000,243,200 | ---- | M] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-06-02 01:10:30 | 000,644,608 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-05-10 13:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-05-10 13:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-05-10 13:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-05-10 13:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-05-10 13:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-05-10 13:02:25 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-05-10 13:02:22 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-05-10 12:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-05-10 12:59:37 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-05-10 12:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-06-27 02:19:55 | 000,000,849 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Light Image Resizer 4.lnk
[2011-06-26 01:00:22 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2011-06-26 01:00:21 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-06-25 22:19:08 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-06-25 22:17:20 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk
[2011-06-25 22:11:59 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk
[2011-06-25 20:28:13 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk
[2011-06-24 19:36:12 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\HiJackThis.lnk
[2011-06-23 01:01:03 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\NapiProjekt.lnk
[2011-06-22 18:30:14 | 000,000,101 | ---- | C] () -- C:\Documents and Settings\Kuba\.Xauthority
[2011-06-22 18:29:44 | 000,001,773 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Shell.lnk
[2011-06-22 18:28:28 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\NX Client for Windows.lnk
[2011-06-22 16:45:48 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\FileZilla.lnk
[2011-06-22 16:34:27 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2011-06-22 16:33:40 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011-06-22 03:05:37 | 000,002,295 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Google Chrome.lnk
[2011-06-22 03:04:49 | 000,001,128 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1326574676-1177238915-1003UA.job
[2011-06-22 03:04:48 | 000,001,076 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1326574676-1177238915-1003Core.job
[2011-06-22 00:53:12 | 000,001,243 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Ptasie Mleczko.rtf
[2011-06-22 00:51:06 | 000,001,136 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Krem czekoladowy.rtf
[2011-06-22 00:50:48 | 000,000,992 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Ciasto Marchewkowe.rtf
[2011-06-22 00:32:10 | 000,001,178 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Serniczek.rtf
[2011-06-22 00:04:31 | 000,001,410 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Chleb Dukana.rtf
[2011-06-21 20:40:57 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Kadu.lnk
[2011-06-20 14:56:25 | 000,002,070 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\SimAquarium.lnk
[2011-06-20 14:55:19 | 000,000,603 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\OldOpera.lnk
[2011-06-20 14:40:54 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\SimAQUARIUM v2.06 Tank-1.lnk
[2011-06-20 14:31:29 | 000,044,239 | ---- | C] () -- C:\sound32.dll
[2011-06-20 14:29:25 | 000,000,984 | ---- | C] () -- C:\WINDOWS\ssconf2.bin
[2011-06-20 08:40:52 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-20 08:38:54 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-06-20 08:38:54 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011-06-20 08:38:49 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2011-06-20 08:38:48 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-06-20 08:38:48 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-06-20 08:38:47 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-06-20 08:08:50 | 000,002,092 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\Spirograph.lnk
[2011-06-20 07:38:25 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2011-06-19 18:21:50 | 000,000,313 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Kuba - Utrata Wagi.html
[2011-06-19 06:23:17 | 000,000,634 | ---- | C] () -- C:\WINDOWS\System32\MAPISVC.INF
[2011-06-18 22:35:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2011-06-18 22:24:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxeavs.dll
[2011-06-18 22:23:59 | 000,070,133 | ---- | C] () -- C:\WINDOWS\System32\lxeaprpr.chm
[2011-06-18 22:23:58 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxeagcfg.dll
[2011-06-18 22:23:57 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxeacui.dll
[2011-06-18 22:23:57 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeacuir.dll
[2011-06-18 22:23:57 | 000,008,694 | ---- | C] () -- C:\WINDOWS\System32\lxeacommuilogo_rtl.bmp
[2011-06-18 22:23:57 | 000,008,694 | ---- | C] () -- C:\WINDOWS\System32\lxeacommuilogo.bmp
[2011-06-18 22:21:12 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\lxearwrd.ini
[2011-06-18 22:20:56 | 000,198,605 | ---- | C] () -- C:\WINDOWS\System32\LexFiles.ulf
[2011-06-18 22:20:55 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\LXEAinst.dll
[2011-06-18 22:20:53 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxeains.dll
[2011-06-18 22:20:53 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxeainsb.dll
[2011-06-18 22:20:53 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxeagrd.dll
[2011-06-18 22:20:53 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeainsr.dll
[2011-06-18 22:20:53 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxeajswr.dll
[2011-06-18 22:20:52 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxeacu.dll
[2011-06-18 22:20:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxeacub.dll
[2011-06-18 22:20:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxeacur.dll
[2011-06-18 22:20:51 | 000,002,106 | ---- | C] () -- C:\WINDOWS\System32\lxea.loc
[2011-06-18 22:20:17 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\LXEAsmr.dll
[2011-06-18 22:20:16 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXEAsm.dll
[2011-06-18 22:15:21 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL
[2011-06-18 22:13:32 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
[2011-06-18 22:07:39 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Mój komputer.lnk
[2011-06-18 22:07:37 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Moje dokumenty.lnk
[2011-06-18 22:07:01 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2011-06-18 22:07:01 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2011-06-18 22:05:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-06-18 22:05:07 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ3.dat
[2011-06-18 22:05:07 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ2.dat
[2011-06-18 22:05:07 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.dat
[2011-06-18 22:00:26 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011-06-18 22:00:26 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011-06-18 22:00:26 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011-06-18 22:00:26 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011-06-18 22:00:26 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011-06-18 22:00:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011-06-18 22:00:26 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011-06-18 22:00:26 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2011-06-18 22:00:26 | 000,210,919 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2011-06-18 22:00:26 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2011-06-18 22:00:26 | 000,018,795 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2011-06-18 20:53:23 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2011-06-18 20:29:03 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-06-18 20:29:01 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011-06-18 20:29:00 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011-06-18 20:29:00 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011-06-18 20:28:59 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011-06-18 20:28:38 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011-06-18 20:28:20 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011-06-18 20:28:20 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2011-06-18 20:28:20 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2011-06-18 20:28:20 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011-06-18 20:28:20 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2011-06-18 20:28:20 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011-06-18 20:28:20 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011-06-18 20:28:20 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011-06-18 20:28:20 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011-06-18 20:28:20 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011-06-18 20:28:20 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011-06-18 20:28:20 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011-06-18 20:28:20 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011-06-18 20:28:19 | 002,033,887 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011-06-18 20:28:19 | 001,246,357 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2011-06-18 20:28:19 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011-06-18 20:28:19 | 000,634,012 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011-06-18 20:27:30 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-06-18 20:26:27 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2011-06-18 20:26:22 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011-06-18 19:22:06 | 000,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk
[2011-06-18 19:21:56 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011-06-18 19:21:05 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2011-06-18 19:11:48 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\Outlook Express.lnk
[2011-06-18 19:11:46 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\Internet Explorer.lnk
[2011-06-18 19:11:37 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\Pomoc zdalna.lnk
[2011-06-18 19:11:37 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\Windows Media Player.lnk
[2011-06-18 19:04:44 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011-06-18 19:03:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-06-18 19:02:54 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011-06-18 19:02:31 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011-06-18 19:02:25 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011-06-18 19:02:23 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011-06-18 19:02:21 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011-06-18 19:02:08 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011-06-18 19:02:02 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011-06-18 19:01:58 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011-06-18 19:01:44 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011-06-18 19:00:40 | 000,002,644 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-06-18 19:00:40 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011-06-18 19:00:40 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011-06-18 19:00:40 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011-06-18 19:00:40 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011-06-18 19:00:36 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011-06-18 19:00:36 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011-06-18 19:00:35 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011-06-18 18:59:22 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2011-06-18 18:59:07 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011-06-18 18:58:51 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011-06-18 18:58:51 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011-06-18 18:58:45 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011-06-18 18:58:04 | 000,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2011-06-18 18:57:13 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2011-06-18 18:57:11 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-06-18 18:56:11 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2011-06-18 18:56:11 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2011-06-18 18:56:11 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2011-06-18 18:56:11 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2011-06-18 18:56:11 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2011-06-18 18:56:11 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2011-06-18 18:56:11 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2011-06-18 18:56:10 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2011-06-18 18:56:10 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2011-06-18 18:56:10 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2011-06-18 18:56:10 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2011-06-18 18:56:07 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011-06-18 18:56:07 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011-06-18 18:56:06 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011-06-18 18:56:01 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008-04-14 22:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006-12-31 06:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006-01-04 09:59:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2003-01-28 00:09:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\libexpat.dll
[2001-10-26 19:15:16 | 000,448,586 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 19:15:16 | 000,074,648 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-18 00:30:24 | 000,392,630 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-18 00:30:22 | 000,058,930 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 01:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-06-18 22:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-06-19 16:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-06-21 00:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
[2011-06-18 22:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Vista64
[2011-06-18 22:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\XP
[2011-06-25 20:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011-06-20 08:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\BESTplayer
[2011-06-22 16:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\BITS
[2011-06-20 07:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\DAEMON Tools
[2011-06-27 17:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\FileZilla
[2011-06-22 16:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\FlashGet
[2011-06-22 16:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\FlashGetBHO
[2011-06-19 19:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Gadu-Gadu 10
[2011-06-27 14:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Kadu
[2011-06-27 02:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\ObviousIdea
[2011-06-26 01:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Opera
[2011-06-21 00:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Tlen.pl
[2011-06-22 16:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\uTorrent

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-06-18 19:00:40 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-06-18 18:54:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-22 01:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2011-06-18 19:00:40 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011-06-18 19:00:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-06-18 19:00:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 21:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-13 23:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2011-06-26 14:59:15 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2011-06-27 17:16:11 | 000,044,239 | ---- | M] () -- C:\sound32.dll


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]

Extras.TXT (OTL):

[log]OTL Extras logfile created on: 2011-06-27 19:31:39 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Kuba\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 53,02% Memory free
3,85 Gb Paging File | 3,02 Gb Available in Paging File | 78,49% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,42 Gb Total Space | 32,52 Gb Free Space | 74,90% Space Free | Partition Type: NTFS
Drive D: | 68,36 Gb Total Space | 51,71 Gb Free Space | 75,64% Space Free | Partition Type: NTFS
Drive G: | 3,74 Gb Total Space | 3,61 Gb Free Space | 96,60% Space Free | Partition Type: FAT32

Computer Name: COMPANY | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1844237615-1326574676-1177238915-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1542:TCP" = 1542:TCP:*:Enabled:Realtek WPS TCP Prot
"1542:UDP" = 1542:UDP:*:Enabled:Realtek WPS UDP Prot
"53:UDP" = 53:UDP:*:Enabled:Realtek AP UDP Prot

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe" = C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan -- (Realtek Semiconductor Corp.)
"C:\WINDOWS\system32\lxeacoms.exe" = C:\WINDOWS\system32\lxeacoms.exe:*:Enabled:S300-S400 Series Server -- ( )
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader -- (ABBYY (BIT Software))
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\OldOpera\opera.exe" = C:\Program Files\OldOpera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Tlen.pl\tlen.exe" = C:\Program Files\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files\NX Client for Windows\nxclient.exe" = C:\Program Files\NX Client for Windows\nxclient.exe:*:Enabled:nxclient -- ()
"C:\Program Files\NX Client for Windows\bin\nxssh.exe" = C:\Program Files\NX Client for Windows\bin\nxssh.exe:*:Enabled:nxssh -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls Driver
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = REALTEK Wireless LAN Driver and Utility
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C441297F-C9F2-4177-9D5F-1B10F0358E32}" = Opera 10.54
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.0.6.8
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast" = avast! Free Antivirus
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.5.0
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Kadu" = Kadu 0.9.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Full)
"Lexmark S300-S400 Series" = Lexmark S300-S400 Series
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"NVIDIA Drivers" = NVIDIA Drivers
"nxclient_is1" = NX Client for Windows 3.5.0-5
"Opera 11.11.2109" = Opera 11.11
"SimAQUARIUM2 Tank-1 Screensaver_is1" = SimAQUARIUM2 Tank-1 Screensaver
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
"XTreme-G Drivers_is1" = XTreme-G 182.06m XP 32bit

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1844237615-1326574676-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SimAquarium" = SimAquarium
"Spirograph" = Spirograph

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-06-22 17:19:44 | Computer Name = COMPANY | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nxclient.exe, wersja 0.0.0.0, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x00d81e2c.

Error - 2011-06-25 17:21:54 | Computer Name = COMPANY | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd kadu.exe, wersja 0.6.6.0, moduł powodujący
błąd qtwebkit4.dll, wersja 4.7.3.0, adres błędu 0x006cfce6.

[ System Events ]
Error - 2011-06-24 09:13:39 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą lxeaCATSCustConnectService.

Error - 2011-06-24 09:13:39 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi lxeaCATSCustConnectService z powodu następującego
błędu: %%1053

Error - 2011-06-25 01:04:08 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą lxeaCATSCustConnectService.

Error - 2011-06-25 01:04:08 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi lxeaCATSCustConnectService z powodu następującego
błędu: %%1053

Error - 2011-06-26 09:00:57 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą lxeaCATSCustConnectService.

Error - 2011-06-26 09:00:57 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi lxeaCATSCustConnectService z powodu następującego
błędu: %%1053

Error - 2011-06-26 09:47:46 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7011
Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji
z usługi stisvc.

Error - 2011-06-26 09:48:16 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7011
Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji
z usługi stisvc.

Error - 2011-06-26 09:59:54 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą lxeaCATSCustConnectService.

Error - 2011-06-26 09:59:54 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi lxeaCATSCustConnectService z powodu następującego
błędu: %%1053


< End of report >
[/log]

RSIT info.TXT:

[log]info.txt logfile of random's system information tool 1.08 2011-06-27 19:41:06

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Apple Application Support-->MsiExec.exe /I{B3575D00-27EF-49C2-B9E0-14B3D954E992}
Apple Mobile Device Support-->MsiExec.exe /I{C23CD6DA-1958-43A5-ADD0-59396572E02E}
Apple Software Update-->MsiExec.exe /I{C6579A65-9CAE-4B31-8B6B-3306E0630A66}
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Bonjour-->MsiExec.exe /X{C2E4B5BD-32DB-4817-A060-341AB17C3F90}
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
FileZilla Client 3.5.0-->C:\Program Files\FileZilla FTP Client\uninstall.exe
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
iTunes-->MsiExec.exe /I{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216026FF}
Kadu 0.9.2-->C:\Program Files\Kadu\uninst.exe
K-Lite Codec Pack 7.2.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lexmark S300-S400 Series-->C:\Program Files\Lexmark S300-S400 Series\Install\x86\instgui.exe /u
Light Image Resizer 4.0.6.8-->"C:\Program Files\ObviousIdea\Image Resizer 4\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
NapiProjekt 1.0.6.9-->"C:\Program Files\NAPI-PROJEKT\unins000.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NX Client for Windows 3.5.0-5-->"C:\Program Files\NX Client for Windows\unins000.exe"
Opera 10.54-->MsiExec.exe /X{C441297F-C9F2-4177-9D5F-1B10F0358E32}
Opera 11.11-->"C:\Program Files\Opera\Opera.exe" /uninstall
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x15 -removeonly
REALTEK Wireless LAN Driver and Utility-->C:\Program Files\InstallShield Installation Information\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}\Install.exe -uninst -l0x15
SimAQUARIUM2 Tank-1 Screensaver-->"C:\Program Files\SimAQUARIUM2\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x0409
TOSHIBA Controls-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
WinRAR 4.01 (32-bitowy)-->C:\Program Files\WinRAR\uninstall.exe
XTreme-G 182.06m XP 32bit-->"C:\nVidia Forceware\XTreme-G 182.06m XP 32bit\unins000.exe"

======Hosts File======

74.208.10.249 gs.apple.com

======System event log======

Computer Name: COMPANY
Event Code: 15007
Message: Pomyślnie dodano rezerwację przestrzeni nazw, identyfikowaną przez prefiks adresu URL http://*:2869/.

Record Number: 5
Source Name: HTTP
Time Written: 20110618185922.000000+060
Event Type: informacje
User:

Computer Name: COMPANY
Event Code: 3260
Message: Ten komputer został pomyślnie przyłączony do workgroup „GRUPA_ROBOCZA”.

Record Number: 4
Source Name: Workstation
Time Written: 20110618185535.000000+060
Event Type: informacje
User:

Computer Name: COMPANY
Event Code: 6011
Message: Nazwa NetBIOS i nazwa hosta DNS tego komputera uległy zmianie z MACHINENAME na COMPANY.

Record Number: 3
Source Name: EventLog
Time Written: 20110618185421.000000+060
Event Type: informacje
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Uruchomiono usługę Dziennik zdarzeń.

Record Number: 2
Source Name: EventLog
Time Written: 20110618202741.000000+060
Event Type: informacje
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Dodatek Service Pack 3 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20110618202741.000000+060
Event Type: informacje
User:

=====Application event log=====

Computer Name: COMPANY
Event Code: 1000
Message: Liczniki wydajności dla usługi MSDTC (MSDTC) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 5
Source Name: LoadPerf
Time Written: 20110618185640.000000+060
Event Type: informacje
User:

Computer Name: COMPANY
Event Code: 1000
Message: Liczniki wydajności dla usługi TermService (Usługi terminalowe) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 4
Source Name: LoadPerf
Time Written: 20110618185636.000000+060
Event Type: informacje
User:

Computer Name: COMPANY
Event Code: 1000
Message: Liczniki wydajności dla usługi RemoteAccess (Routing i dostęp zdalny) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 3
Source Name: LoadPerf
Time Written: 20110618185518.000000+060
Event Type: informacje
User:

Computer Name: COMPANY
Event Code: 1000
Message: Liczniki wydajności dla usługi PSched (PSched) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 2
Source Name: LoadPerf
Time Written: 20110618185438.000000+060
Event Type: informacje
User:

Computer Name: COMPANY
Event Code: 1000
Message: Liczniki wydajności dla usługi RSVP (QoS RSVP) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 1
Source Name: LoadPerf
Time Written: 20110618185436.000000+060
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel
"PROCESSOR_REVISION"=0e0c
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
[/log]

RSIT log.TXT:
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Kuba at 2011-06-27 19:40:58
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 33 GB (75%) free of 44 GB
Total RAM: 2046 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:03, on 2011-06-27
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxeacoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Kadu\kadu.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Program Files\FileZilla FTP Client\filezilla.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Kuba.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [lxeamon.exe] "C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark S300-S400 Series\ezprint.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: REALTEK 11n USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxeaCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe
O23 - Service: lxea_device - - C:\WINDOWS\system32\lxeacoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8100 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1326574676-1177238915-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1326574676-1177238915-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-24 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-04-21 1000768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-08-10 16384000]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-07-25 888832]
"TFncKy"=TFncKy.exe []
"TDispVol"=C:\WINDOWS\system32\TDispVol.exe [2005-12-27 73728]
"TCtryIOHook"=C:\WINDOWS\system32\TCtrlIOHook.exe [2007-06-30 28672]
"lxeamon.exe"=C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe [2010-05-05 770728]
"EzPrint"=C:\Program Files\Lexmark S300-S400 Series\ezprint.exe [2010-05-05 148280]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-05-10 3459712]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-06-07 421160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"Komunikator"=C:\Program Files\Tlen.pl\tlen.exe []
"Google Update"=C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-06-22 136176]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
REALTEK 11n USB Wireless LAN Utility.lnk - C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe"="C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan"
"C:\WINDOWS\system32\lxeacoms.exe"="C:\WINDOWS\system32\lxeacoms.exe:*:Enabled:S300-S400 Series Server"
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe"="C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader"
"C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\OldOpera\opera.exe"="C:\Program Files\OldOpera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Tlen.pl\tlen.exe"="C:\Program Files\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files\NX Client for Windows\nxclient.exe"="C:\Program Files\NX Client for Windows\nxclient.exe:*:Enabled:nxclient"
"C:\Program Files\NX Client for Windows\bin\nxssh.exe"="C:\Program Files\NX Client for Windows\bin\nxssh.exe:*:Enabled:nxssh"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Usługa Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-06-27 19:40:58 ----D---- C:\rsit
2011-06-27 02:20:17 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\ObviousIdea
2011-06-27 02:19:50 ----D---- C:\Program Files\ObviousIdea
2011-06-25 22:24:51 ----D---- C:\WINDOWS\system32\LogFiles
2011-06-25 22:16:34 ----D---- C:\Program Files\iPod
2011-06-25 22:16:29 ----D---- C:\Program Files\iTunes
2011-06-25 22:11:39 ----D---- C:\Program Files\QuickTime
2011-06-25 22:09:02 ----D---- C:\Program Files\Bonjour
2011-06-25 22:07:30 ----SHD---- C:\Config.Msi
2011-06-25 20:30:43 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\Apple Computer
2011-06-25 20:30:19 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2011-06-25 20:30:19 ----A---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2011-06-25 20:29:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-06-25 20:28:26 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2011-06-25 20:28:11 ----D---- C:\Program Files\Apple Software Update
2011-06-25 20:28:00 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2011-06-25 20:28:00 ----A---- C:\WINDOWS\system32\drivers\usbaapl.sys
2011-06-25 20:27:13 ----D---- C:\Program Files\Common Files\Apple
2011-06-25 20:27:13 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple
2011-06-24 22:14:45 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Sun
2011-06-24 22:14:43 ----D---- C:\Program Files\Common Files\Java
2011-06-24 22:14:37 ----D---- C:\WINDOWS\Sun
2011-06-24 22:14:20 ----A---- C:\WINDOWS\system32\javaws.exe
2011-06-24 22:14:20 ----A---- C:\WINDOWS\system32\javaw.exe
2011-06-24 22:14:20 ----A---- C:\WINDOWS\system32\java.exe
2011-06-24 22:14:20 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-06-24 22:14:03 ----D---- C:\Program Files\Java
2011-06-24 22:13:26 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\Sun
2011-06-24 19:36:12 ----D---- C:\Program Files\Trend Micro
2011-06-23 18:55:05 ----A---- C:\WINDOWS\system32\msonpmon.dll
2011-06-23 18:54:06 ----D---- C:\Program Files\Microsoft Works
2011-06-23 18:53:51 ----D---- C:\Program Files\MSBuild
2011-06-23 18:53:19 ----D---- C:\Program Files\Microsoft Visual Studio
2011-06-23 18:53:19 ----D---- C:\Program Files\Common Files\DESIGNER
2011-06-23 18:52:18 ----D---- C:\Program Files\Microsoft.NET
2011-06-23 18:50:22 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-06-23 18:49:17 ----D---- C:\WINDOWS\SHELLNEW
2011-06-23 18:48:48 ----D---- C:\Program Files\Microsoft Office
2011-06-23 18:48:47 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2011-06-23 18:48:19 ----RHD---- C:\MSOCache
2011-06-23 01:01:01 ----D---- C:\Program Files\NAPI-PROJEKT
2011-06-22 23:46:57 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-06-22 23:46:55 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-06-22 18:28:26 ----D---- C:\Program Files\NX Client for Windows
2011-06-22 16:46:02 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\FileZilla
2011-06-22 16:45:44 ----D---- C:\Program Files\FileZilla FTP Client
2011-06-22 16:33:40 ----A---- C:\WINDOWS\libem.INI
2011-06-22 16:32:05 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\BITS
2011-06-22 16:32:04 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\FlashGet
2011-06-22 16:31:56 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\FlashGetBHO
2011-06-22 16:31:53 ----D---- C:\Program Files\FlashGet Network
2011-06-21 20:41:08 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\Kadu
2011-06-21 20:40:20 ----D---- C:\Program Files\Kadu
2011-06-21 00:32:32 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\Tlen.pl
2011-06-21 00:32:32 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
2011-06-21 00:31:13 ----D---- C:\Program Files\Tlen.pl
2011-06-20 14:53:27 ----D---- C:\Program Files\OldOpera
2011-06-20 14:40:54 ----D---- C:\Program Files\SimAQUARIUM2
2011-06-20 14:37:12 ----D---- C:\Program Files\OldOpera 9
2011-06-20 14:31:29 ----A---- C:\sound32.dll
2011-06-20 08:39:15 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\BESTplayer
2011-06-20 08:38:54 ----A---- C:\WINDOWS\system32\unrar.dll
2011-06-20 08:38:54 ----A---- C:\WINDOWS\avisplitter.ini
2011-06-20 08:38:48 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2011-06-20 08:38:48 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2011-06-20 08:38:48 ----A---- C:\WINDOWS\system32\xvidcore.dll
2011-06-20 08:38:47 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2011-06-20 08:38:47 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2011-06-20 08:38:44 ----D---- C:\Program Files\K-Lite Codec Pack
2011-06-20 07:59:02 ----D---- C:\Program Files\ReflexiveArcade
2011-06-20 07:42:08 ----D---- C:\Program Files\Formosoft
2011-06-20 07:39:25 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-06-20 07:38:19 ----D---- C:\Program Files\DAEMON Tools Lite
2011-06-20 07:35:44 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2011-06-20 07:35:39 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\DAEMON Tools
2011-06-20 00:22:33 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\Opera
2011-06-20 00:22:16 ----D---- C:\Program Files\Opera
2011-06-19 16:16:36 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\Gadu-Gadu 10
2011-06-19 16:16:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
2011-06-19 16:14:54 ----D---- C:\WINDOWS\SxsCaPendDel
2011-06-19 07:08:27 ----D---- C:\Program Files\ARAX Disk Doctor Data Recovery
2011-06-19 06:22:47 ----D---- C:\Program Files\Ontrack
2011-06-19 05:52:50 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\uTorrent
2011-06-18 22:50:11 ----D---- C:\Program Files\Convar
2011-06-18 22:35:00 ----A---- C:\WINDOWS\system32\vusetup.dll
2011-06-18 22:35:00 ----A---- C:\WINDOWS\system32\drivers\vulfntr.sys
2011-06-18 22:35:00 ----A---- C:\WINDOWS\system32\drivers\vulfnth.sys
2011-06-18 22:34:49 ----A---- C:\WINDOWS\IsUn0415.exe
2011-06-18 22:24:14 ----A---- C:\WINDOWS\system32\lxeavs.dll
2011-06-18 22:24:07 ----A---- C:\WINDOWS\system32\lxeacoin.dll
2011-06-18 22:23:59 ----A---- C:\WINDOWS\system32\lxk_gf.dll
2011-06-18 22:23:58 ----A---- C:\WINDOWS\system32\lxeagcfg.dll
2011-06-18 22:23:57 ----A---- C:\WINDOWS\system32\lxeacuir.dll
2011-06-18 22:23:57 ----A---- C:\WINDOWS\system32\lxeacui.dll
2011-06-18 22:23:47 ----A---- C:\WINDOWS\system32\wiafbdrv.dll
2011-06-18 22:23:45 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2011-06-18 22:22:51 ----D---- C:\Program Files\Abbyy FineReader 6.0 Sprint
2011-06-18 22:22:31 ----A---- C:\WINDOWS\system32\LXEAwupd.exe
2011-06-18 22:22:31 ----A---- C:\WINDOWS\system32\LXEAwupd.dll
2011-06-18 22:21:56 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-06-18 22:21:56 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-06-18 22:21:54 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-06-18 22:21:53 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-06-18 22:21:53 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-06-18 22:21:51 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-06-18 22:21:51 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-06-18 22:21:50 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-06-18 22:21:49 ----D---- C:\Program Files\Lexmark
2011-06-18 22:21:31 ----D---- C:\Program Files\Lexmark Toolbar
2011-06-18 22:21:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-06-18 22:21:14 ----D---- C:\Program Files\AVAST Software
2011-06-18 22:21:14 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
2011-06-18 22:21:12 ----AH---- C:\WINDOWS\system32\lxearwrd.ini
2011-06-18 22:20:55 ----A---- C:\WINDOWS\system32\lxeausb1.dll
2011-06-18 22:20:55 ----A---- C:\WINDOWS\system32\LXEAinst.dll
2011-06-18 22:20:55 ----A---- C:\WINDOWS\system32\lxeainpa.dll
2011-06-18 22:20:55 ----A---- C:\WINDOWS\system32\lxeaiesc.dll
2011-06-18 22:20:55 ----A---- C:\WINDOWS\system32\LXEAhcp.dll
2011-06-18 22:20:54 ----A---- C:\WINDOWS\system32\lxeaserv.dll
2011-06-18 22:20:54 ----A---- C:\WINDOWS\system32\lxeapmui.dll
2011-06-18 22:20:54 ----A---- C:\WINDOWS\system32\lxealmpm.dll
2011-06-18 22:20:53 ----A---- C:\WINDOWS\system32\lxeajswr.dll
2011-06-18 22:20:53 ----A---- C:\WINDOWS\system32\lxeainsr.dll
2011-06-18 22:20:53 ----A---- C:\WINDOWS\system32\lxeainsb.dll
2011-06-18 22:20:53 ----A---- C:\WINDOWS\system32\lxeains.dll
2011-06-18 22:20:53 ----A---- C:\WINDOWS\system32\lxeaih.exe
2011-06-18 22:20:53 ----A---- C:\WINDOWS\system32\lxeahbn3.dll
2011-06-18 22:20:53 ----A---- C:\WINDOWS\system32\lxeagrd.dll
2011-06-18 22:20:52 ----A---- C:\WINDOWS\system32\lxeacur.dll
2011-06-18 22:20:52 ----A---- C:\WINDOWS\system32\lxeacub.dll
2011-06-18 22:20:52 ----A---- C:\WINDOWS\system32\lxeacu.dll
2011-06-18 22:20:52 ----A---- C:\WINDOWS\system32\lxeacoms.exe
2011-06-18 22:20:52 ----A---- C:\WINDOWS\system32\lxeacomm.dll
2011-06-18 22:20:52 ----A---- C:\WINDOWS\system32\lxeacomc.dll
2011-06-18 22:20:52 ----A---- C:\WINDOWS\system32\lxeacfg.exe
2011-06-18 22:20:51 ----A---- C:\WINDOWS\system32\LXEAcfg.dll
2011-06-18 22:20:17 ----D---- C:\Program Files\Lexmark S300-S400 Series
2011-06-18 22:20:17 ----A---- C:\WINDOWS\system32\LXEAsmr.dll
2011-06-18 22:20:16 ----A---- C:\WINDOWS\system32\LXEAsm.dll
2011-06-18 22:15:21 ----A---- C:\WINDOWS\system32\EBLib.DLL
2011-06-18 22:15:21 ----A---- C:\WINDOWS\system32\drivers\TPwSav.sys
2011-06-18 22:15:20 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\XP
2011-06-18 22:15:20 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Vista64
2011-06-18 22:14:41 ----D---- C:\Temp
2011-06-18 22:14:34 ----D---- C:\WINDOWS\system32\SDA
2011-06-18 22:14:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-06-18 22:14:06 ----A---- C:\WINDOWS\system32\drivers\tifm21.sys
2011-06-18 22:14:00 ----D---- C:\WINDOWS\tiinst
2011-06-18 22:13:32 ----D---- C:\Program Files\TOSHIBA
2011-06-18 22:13:32 ----A---- C:\WINDOWS\system32\TDispVol.exe
2011-06-18 22:13:32 ----A---- C:\WINDOWS\system32\TDispVol.dll
2011-06-18 22:13:32 ----A---- C:\WINDOWS\system32\TCtrlCommon.dll
2011-06-18 22:09:00 ----D---- C:\Program Files\Synaptics
2011-06-18 22:09:00 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2011-06-18 22:09:00 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2011-06-18 22:09:00 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2011-06-18 22:09:00 ----A---- C:\WINDOWS\system32\SynCOM.dll
2011-06-18 22:09:00 ----A---- C:\WINDOWS\system32\drivers\SynTP.sys
2011-06-18 22:07:00 ----D---- C:\WINDOWS\system32\Lang
2011-06-18 22:05:44 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-06-18 22:05:42 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-06-18 22:05:38 ----A---- C:\WINDOWS\system32\ChCfg.exe
2011-06-18 22:05:37 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-06-18 22:05:35 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-06-18 22:05:33 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-06-18 22:05:32 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-06-18 22:05:30 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-06-18 22:05:29 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-06-18 22:05:26 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-06-18 22:05:25 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-06-18 22:05:22 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-06-18 22:05:14 ----D---- C:\WINDOWS\system32\RTCOM
2011-06-18 22:05:12 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-06-18 22:05:12 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2011-06-18 22:05:12 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-06-18 22:04:59 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011-06-18 22:04:59 ----A---- C:\WINDOWS\SoundMan.exe
2011-06-18 22:04:59 ----A---- C:\WINDOWS\SkyTel.exe
2011-06-18 22:04:59 ----A---- C:\WINDOWS\RtlUpd.exe
2011-06-18 22:04:59 ----A---- C:\WINDOWS\RTLCPL.exe
2011-06-18 22:04:56 ----A---- C:\WINDOWS\RTHDCPL.exe
2011-06-18 22:04:56 ----A---- C:\WINDOWS\MicCal.exe
2011-06-18 22:04:55 ----A---- C:\WINDOWS\alcwzrd.exe
2011-06-18 22:04:55 ----A---- C:\WINDOWS\Alcmtr.exe
2011-06-18 22:04:51 ----A---- C:\WINDOWS\RtlExUpd.dll
2011-06-18 22:04:51 ----A---- C:\WINDOWS\HideWin.exe
2011-06-18 22:01:47 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2011-06-18 22:00:26 ----D---- C:\WINDOWS\nview
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\nwiz.exe
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\nvwimg.dll
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\nvudisp.exe
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\nvshell.dll
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\nview.dll
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\nvcplui.exe
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\nvcolor.exe
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\nvappbar.exe
2011-06-18 22:00:26 ----A---- C:\WINDOWS\system32\keystone.exe
2011-06-18 22:00:05 ----A---- C:\WINDOWS\system32\nvwss.dll
2011-06-18 22:00:05 ----A---- C:\WINDOWS\system32\nvwddi.dll
2011-06-18 22:00:04 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2011-06-18 22:00:04 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2011-06-18 22:00:03 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2011-06-18 22:00:03 ----A---- C:\WINDOWS\system32\nvmobls.dll
2011-06-18 22:00:03 ----A---- C:\WINDOWS\system32\nvmctray.dll
2011-06-18 22:00:03 ----A---- C:\WINDOWS\system32\nvmccss.dll
2011-06-18 22:00:03 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2011-06-18 22:00:03 ----A---- C:\WINDOWS\system32\nvmccs.dll
2011-06-18 22:00:03 ----A---- C:\WINDOWS\system32\nvgames.dll
2011-06-18 22:00:02 ----A---- C:\WINDOWS\system32\nvdisps.dll
2011-06-18 22:00:02 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2011-06-18 22:00:02 ----A---- C:\WINDOWS\system32\nvcuda.dll
2011-06-18 22:00:01 ----A---- C:\WINDOWS\system32\nvcpl.dll
2011-06-18 22:00:01 ----A---- C:\WINDOWS\system32\nvcodins.dll
2011-06-18 22:00:01 ----A---- C:\WINDOWS\system32\nvcod.dll
2011-06-18 22:00:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2011-06-18 22:00:00 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2011-06-18 21:59:59 ----D---- C:\nVidia Forceware
2011-06-18 21:59:59 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2011-06-18 21:55:28 ----D---- C:\Drivers
2011-06-18 21:18:37 ----D---- C:\NVIDIA
2011-06-18 20:56:48 ----D---- C:\Intel
2011-06-18 20:54:14 ----A---- C:\WINDOWS\system32\h323log.txt
2011-06-18 20:54:07 ----RSD---- C:\WINDOWS\assembly
2011-06-18 20:53:44 ----D---- C:\WINDOWS\Microsoft.NET
2011-06-18 20:48:08 ----SHD---- C:\RECYCLER
2011-06-18 20:37:57 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2011-06-18 20:37:48 ----D---- C:\Program Files\Common Files\InstallShield
2011-06-18 20:32:17 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2011-06-18 20:31:44 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2011-06-18 20:31:19 ----A---- C:\WINDOWS\system32\drivers\compbatt.sys
2011-06-18 20:31:18 ----A---- C:\WINDOWS\system32\drivers\CmBatt.sys
2011-06-18 20:31:18 ----A---- C:\WINDOWS\system32\drivers\battc.sys
2011-06-18 20:30:56 ----A---- C:\WINDOWS\system32\drivers\enum1394.sys
2011-06-18 20:30:33 ----A---- C:\WINDOWS\system32\usbui.dll
2011-06-18 20:29:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-06-18 20:29:04 ----SHD---- C:\WINDOWS\Installer
2011-06-18 20:29:03 ----D---- C:\Program Files\Common Files\ODBC
2011-06-18 20:29:03 ----A---- C:\WINDOWS\ODBCINST.INI
2011-06-18 20:28:59 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-06-18 20:28:56 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-18 20:28:55 ----RD---- C:\Program Files
2011-06-18 20:28:55 ----D---- C:\Program Files\Common Files
2011-06-18 20:28:51 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2011-06-18 20:28:51 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2011-06-18 20:28:51 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdur.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdru.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2011-06-18 20:28:49 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2011-06-18 20:28:47 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2011-06-18 20:28:47 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2011-06-18 20:28:47 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2011-06-18 20:28:47 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2011-06-18 20:28:47 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2011-06-18 20:28:47 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2011-06-18 20:28:47 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2011-06-18 20:28:46 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2011-06-18 20:28:46 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2011-06-18 20:28:46 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2011-06-18 20:28:46 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2011-06-18 20:28:46 ----RA---- C:\WINDOWS\system32\kbdest.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\kbdycl.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\kbdsl.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\kbdro.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\kbdhu.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\kbdcz.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\kbdcr.dll
2011-06-18 20:28:42 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2011-06-18 20:28:41 ----A---- C:\WINDOWS\system32\irclass.dll
2011-06-18 20:28:41 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-06-18 20:28:41 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-06-18 20:28:40 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-06-18 20:28:40 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-06-18 20:28:38 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2011-06-18 20:28:38 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-06-18 20:28:38 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2011-06-18 20:28:37 ----A---- C:\WINDOWS\system32\batt.dll
2011-06-18 20:28:37 ----A---- C:\WINDOWS\NOTEPAD.EXE
2011-06-18 20:28:33 ----A---- C:\WINDOWS\system32\storprop.dll
2011-06-18 20:28:22 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
2011-06-18 20:28:17 ----RA---- C:\WINDOWS\SET8.tmp
2011-06-18 20:28:13 ----RA---- C:\WINDOWS\SET4.tmp
2011-06-18 20:28:11 ----RA---- C:\WINDOWS\SET3.tmp
2011-06-18 20:28:03 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-18 20:28:03 ----D---- C:\WINDOWS\system32\CatRoot
2011-06-18 20:27:57 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2011-06-18 20:27:34 ----A---- C:\WINDOWS\setuplog.txt
2011-06-18 20:27:31 ----D---- C:\Documents and Settings
2011-06-18 20:27:30 ----SHD---- C:\System Volume Information
2011-06-18 20:26:27 ----SH---- C:\boot.ini
2011-06-18 20:20:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-18 20:20:51 ----RSD---- C:\WINDOWS\Fonts
2011-06-18 20:20:51 ----RD---- C:\WINDOWS\Web
2011-06-18 20:20:51 ----HD---- C:\WINDOWS\inf
2011-06-18 20:20:51 ----D---- C:\WINDOWS\WinSxS
2011-06-18 20:20:51 ----D---- C:\WINDOWS\twain_32
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Temp
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\wins
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\wbem
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\usmt
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\spool
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\ShellExt
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\Setup
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\ras
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\pl-pl
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\pl
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\oobe
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\npp
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\mui
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\inetsrv
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\IME
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\icsxml
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\ias
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\export
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\drivers\etc
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\drivers\disdn
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\drivers
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\dhcp
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\config
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\3com_dmi
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\3076
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\2052
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\1054
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\1045
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\1042
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\1041
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\1037
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\1033
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\1031
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\1028
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32\1025
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system32
2011-06-18 20:20:51 ----D---- C:\WINDOWS\system
2011-06-18 20:20:51 ----D---- C:\WINDOWS\security
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Resources
2011-06-18 20:20:51 ----D---- C:\WINDOWS\repair
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Provisioning
2011-06-18 20:20:51 ----D---- C:\WINDOWS\PeerNet
2011-06-18 20:20:51 ----D---- C:\WINDOWS\pchealth
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Network Diagnostic
2011-06-18 20:20:51 ----D---- C:\WINDOWS\mui
2011-06-18 20:20:51 ----D---- C:\WINDOWS\msapps
2011-06-18 20:20:51 ----D---- C:\WINDOWS\msagent
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Media
2011-06-18 20:20:51 ----D---- C:\WINDOWS\L2Schemas
2011-06-18 20:20:51 ----D---- C:\WINDOWS\java
2011-06-18 20:20:51 ----D---- C:\WINDOWS\ime
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Help
2011-06-18 20:20:51 ----D---- C:\WINDOWS\ehome
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Driver Cache
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Debug
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Cursors
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Connection Wizard
2011-06-18 20:20:51 ----D---- C:\WINDOWS\Config
2011-06-18 20:20:51 ----D---- C:\WINDOWS\AppPatch
2011-06-18 20:20:51 ----D---- C:\WINDOWS\addins
2011-06-18 20:20:51 ----D---- C:\WINDOWS
2011-06-18 20:20:50 ----ASH---- C:\pagefile.sys
2011-06-18 19:30:55 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-06-18 19:30:53 ----D---- C:\Program Files\Intel
2011-06-18 19:27:50 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\WinRAR
2011-06-18 19:27:47 ----D---- C:\Program Files\WinRAR
2011-06-18 19:25:38 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\Macromedia
2011-06-18 19:25:38 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\Adobe
2011-06-18 19:23:30 ----A---- C:\WINDOWS\RTacDbg.txt
2011-06-18 19:22:00 ----A---- C:\WINDOWS\system32\drivers\AegisP.sys
2011-06-18 19:21:56 ----A---- C:\WINDOWS\system32\AegisI5Installer.exe
2011-06-18 19:21:16 ----RA---- C:\WINDOWS\system32\drivers\RTL8192su.sys
2011-06-18 19:21:16 ----D---- C:\WINDOWS\OPTIONS
2011-06-18 19:21:06 ----D---- C:\WINDOWS\system32\RtlGina
2011-06-18 19:21:05 ----D---- C:\Program Files\REALTEK
2011-06-18 19:21:05 ----A---- C:\WINDOWS\system32\ISSRemoveSP.exe
2011-06-18 19:21:01 ----HD---- C:\Program Files\InstallShield Installation Information
2011-06-18 19:13:01 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2011-06-18 19:11:47 ----D---- C:\Documents and Settings\Kuba\Dane aplikacji\Identities
2011-06-18 19:11:45 ----HD---- C:\Program Files\Uninstall Information
2011-06-18 19:11:37 ----ASH---- C:\Documents and Settings\Kuba\Dane aplikacji\desktop.ini
2011-06-18 19:11:36 ----SD---- C:\Documents and Settings\Kuba\Dane aplikacji\Microsoft
2011-06-18 19:10:52 ----D---- C:\WINDOWS\SoftwareDistribution
2011-06-18 19:10:50 ----D---- C:\WINDOWS\Prefetch
2011-06-18 19:10:49 ----SD---- C:\WINDOWS\system32\Microsoft
2011-06-18 19:10:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-06-18 19:01:00 ----D---- C:\WINDOWS\system32\xircom
2011-06-18 19:01:00 ----D---- C:\Program Files\xerox
2011-06-18 19:01:00 ----D---- C:\Program Files\microsoft frontpage
2011-06-18 19:00:40 ----RASH---- C:\MSDOS.SYS
2011-06-18 19:00:40 ----RASH---- C:\IO.SYS
2011-06-18 19:00:40 ----A---- C:\WINDOWS\control.ini
2011-06-18 19:00:40 ----A---- C:\CONFIG.SYS
2011-06-18 19:00:40 ----A---- C:\AUTOEXEC.BAT
2011-06-18 19:00:29 ----A---- C:\WINDOWS\OEWABLog.txt
2011-06-18 19:00:25 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-06-18 18:59:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-06-18 18:59:33 ----RD---- C:\WINDOWS\Offline Web Pages
2011-06-18 18:59:33 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-06-18 18:59:28 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-06-18 18:59:23 ----HD---- C:\Program Files\WindowsUpdate
2011-06-18 18:59:18 ----D---- C:\Program Files\Usługi online
2011-06-18 18:59:01 ----D---- C:\WINDOWS\system32\DirectX
2011-06-18 18:58:54 ----A---- C:\WINDOWS\system32\atrace.dll
2011-06-18 18:58:51 ----A---- C:\WINDOWS\system32\desktop.ini
2011-06-18 18:58:51 ----A---- C:\WINDOWS\desktop.ini
2011-06-18 18:58:44 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-06-18 18:58:43 ----A---- C:\WINDOWS\system32\acctres.dll
2011-06-18 18:58:42 ----D---- C:\Program Files\Common Files\Services
2011-06-18 18:58:40 ----SD---- C:\WINDOWS\Tasks
2011-06-18 18:58:40 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-06-18 18:58:39 ----D---- C:\Program Files\Common Files\MSSoap
2011-06-18 18:58:34 ----D---- C:\WINDOWS\srchasst
2011-06-18 18:58:33 ----D---- C:\WINDOWS\system32\Macromed
2011-06-18 18:58:30 ----A---- C:\WINDOWS\system32\wuweb.dll
2011-06-18 18:58:30 ----A---- C:\WINDOWS\system32\wups.dll
2011-06-18 18:58:30 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-06-18 18:58:30 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-06-18 18:58:30 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2011-06-18 18:58:30 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-06-18 18:58:30 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2011-06-18 18:58:29 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-06-18 18:58:29 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-06-18 18:58:29 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-06-18 18:58:29 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-06-18 18:58:29 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2011-06-18 18:58:29 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2011-06-18 18:58:29 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2011-06-18 18:58:24 ----D---- C:\Program Files\Movie Maker
2011-06-18 18:58:07 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-06-18 18:58:07 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-06-18 18:58:07 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-06-18 18:58:07 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-06-18 18:58:03 ----A---- C:\WINDOWS\system32\fltMc.exe
2011-06-18 18:58:03 ----A---- C:\WINDOWS\system32\fltlib.dll
2011-06-18 18:58:03 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2011-06-18 18:58:02 ----D---- C:\WINDOWS\system32\Restore
2011-06-18 18:58:02 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-06-18 18:58:02 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-06-18 18:58:02 ----A---- C:\WINDOWS\system32\srclient.dll
2011-06-18 18:58:02 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2011-06-18 18:58:01 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-06-18 18:58:01 ----A---- C:\WINDOWS\system32\msconf.dll
2011-06-18 18:58:01 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-06-18 18:58:01 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-06-18 18:58:01 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-06-18 18:58:01 ----A---- C:\WINDOWS\system32\ils.dll
2011-06-18 18:57:58 ----D---- C:\Program Files\NetMeeting
2011-06-18 18:57:58 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-06-18 18:57:58 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-06-18 18:57:57 ----A---- C:\WINDOWS\system32\inetres.dll
2011-06-18 18:57:56 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-06-18 18:57:54 ----D---- C:\Program Files\Outlook Express
2011-06-18 18:57:54 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-06-18 18:57:54 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-06-18 18:57:54 ----A---- C:\WINDOWS\system32\mstask.dll
2011-06-18 18:57:53 ----A---- C:\WINDOWS\system32\isign32.dll
2011-06-18 18:57:53 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-06-18 18:57:53 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-06-18 18:57:53 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-06-18 18:57:48 ----D---- C:\Program Files\Common Files\System
2011-06-18 18:57:42 ----D---- C:\Program Files\Internet Explorer
2011-06-18 18:56:56 ----D---- C:\Program Files\ComPlus Applications
2011-06-18 18:56:53 ----A---- C:\WINDOWS\vbaddin.ini
2011-06-18 18:56:53 ----A---- C:\WINDOWS\vb.ini
2011-06-18 18:56:47 ----D---- C:\WINDOWS\Registration
2011-06-18 18:56:36 ----D---- C:\Program Files\Windows Media Player
2011-06-18 18:56:28 ----D---- C:\Program Files\Messenger
2011-06-18 18:56:24 ----D---- C:\Program Files\MSN Gaming Zone
2011-06-18 18:56:24 ----A---- C:\WINDOWS\system32\write.exe
2011-06-18 18:56:16 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-06-18 18:56:16 ----A---- C:\WINDOWS\system32\hticons.dll
2011-06-18 18:56:16 ----A---- C:\WINDOWS\system32\avwav.dll
2011-06-18 18:56:16 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-06-18 18:56:16 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-06-18 18:56:15 ----A---- C:\WINDOWS\system32\winchat.exe
2011-06-18 18:56:09 ----A---- C:\WINDOWS\system32\getuname.dll
2011-06-18 18:56:09 ----A---- C:\WINDOWS\system32\charmap.exe
2011-06-18 18:56:09 ----A---- C:\WINDOWS\system32\calc.exe
2011-06-18 18:56:08 ----A---- C:\WINDOWS\system32\winmine.exe
2011-06-18 18:56:08 ----A---- C:\WINDOWS\system32\sol.exe
2011-06-18 18:56:08 ----A---- C:\WINDOWS\system32\reset.exe
2011-06-18 18:56:08 ----A---- C:\WINDOWS\system32\mshearts.exe
2011-06-18 18:56:08 ----A---- C:\WINDOWS\system32\freecell.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\tskill.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\tscon.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\shadow.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\regini.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\msg.exe
2011-06-18 18:56:07 ----A---- C:\WINDOWS\system32\logoff.exe
2011-06-18 18:56:06 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-06-18 18:56:06 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-06-18 18:56:01 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-06-18 18:56:00 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-06-18 18:55:59 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-06-18 18:55:59 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-06-18 18:55:59 ----A---- C:\WINDOWS\system32\hypertrm.dll
2011-06-18 18:55:58 ----D---- C:\Program Files\Windows NT
2011-06-18 18:55:58 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-06-18 18:55:58 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-06-18 18:55:57 ----A---- C:\WINDOWS\system32\spider.exe
2011-06-18 18:55:57 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2011-06-18 18:55:57 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2011-06-18 18:55:57 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-06-18 18:55:56 ----A---- C:\WINDOWS\system32\tsgqec.dll
2011-06-18 18:55:56 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-06-18 18:55:56 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2011-06-18 18:55:56 ----A---- C:\WINDOWS\system32\aaclient.dll
2011-06-18 18:55:55 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-06-18 18:55:55 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-06-18 18:55:55 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-06-18 18:55:55 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-06-18 18:55:54 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-06-18 18:55:54 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-06-18 18:55:54 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-06-18 18:55:54 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-06-18 18:55:54 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-06-18 18:55:54 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-06-18 18:55:54 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-06-18 18:55:54 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-06-18 18:55:53 ----D---- C:\WINDOWS\system32\MsDtc
2011-06-18 18:55:53 ----A---- C:\WINDOWS\system32\mtxoci.dll
2011-06-18 18:55:53 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2011-06-18 18:55:53 ----A---- C:\WINDOWS\system32\msdtctm.dll
2011-06-18 18:55:53 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2011-06-18 18:55:53 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-06-18 18:55:53 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-06-18 18:55:52 ----A---- C:\WINDOWS\system32\xolehlp.dll
2011-06-18 18:55:52 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-06-18 18:55:52 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-06-18 18:55:51 ----D---- C:\WINDOWS\system32\Com
2011-06-18 18:55:51 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-06-18 18:55:51 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-06-18 18:55:51 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-06-18 18:55:51 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-06-18 18:55:51 ----A---- C:\WINDOWS\system32\comrepl.dll
2011-06-18 18:55:51 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-06-18 18:55:51 ----A---- C:\WINDOWS\system32\colbact.dll
2011-06-18 18:55:50 ----A---- C:\WINDOWS\system32\stclient.dll
2011-06-18 18:55:50 ----A---- C:\WINDOWS\system32\clbcatex.dll
2011-06-18 18:55:50 ----A---- C:\WINDOWS\system32\catsrvut.dll
2011-06-18 18:55:50 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-06-18 18:55:50 ----A---- C:\WINDOWS\system32\catsrv.dll
2011-06-18 18:55:49 ----A---- C:\WINDOWS\system32\comuid.dll
2011-06-18 18:55:49 ----A---- C:\WINDOWS\system32\comsvcs.dll
2011-06-18 18:55:49 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-06-18 18:55:48 ----A---- C:\WINDOWS\system32\clbcatq.dll
2011-06-18 18:55:42 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-06-18 18:55:42 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-06-18 18:55:42 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-06-18 18:55:42 ----A---- C:\WINDOWS\system32\cmprops.dll
2011-06-18 18:55:36 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2011-06-18 18:55:36 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 months======

2011-06-23 18:49:46 ----A---- C:\WINDOWS\win.ini
2011-06-18 20:28:53 ----A---- C:\WINDOWS\system.ini
2011-06-18 19:00:12 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-06-20 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-05-10 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 TPwSav;TPwSav; \??\C:\WINDOWS\system32\drivers\TPwSav.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2011-06-18 21361]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-05-10 102616]
R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-10 4603904]
R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192su.sys [2010-01-25 605856]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 sffdisk;Sterownik SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
R3 sffp_sd;Sterownik SFF Storage Protocol Driver dla SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-07-25 209312]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-07-25 290304]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-05-10 42496]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 a4mapn2l;a4mapn2l; C:\WINDOWS\system32\drivers\a4mapn2l.sys []
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-05-10 42184]
R2 Bonjour Service;Usługa Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-06-24 153376]
R2 lxea_device;lxea_device; C:\WINDOWS\system32\lxeacoms.exe [2010-04-14 598696]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908]
R3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 820520]
S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe [2010-04-14 193192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
[/log]

GMER:
[log]GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-27 19:58:13
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 Hitachi_HTS541612J9SA00 rev.SBDOC7DP
Running: 2eelon1n.exe; Driver: C:\DOCUME~1\Kuba\USTAWI~1\Temp\uxldqpoc.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xB7068202]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xB70F6CB2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xB708C6C1]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xB706A81C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xB706A874]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xB706A98A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateKey [0xB708C075]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xB706A772]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xB706A8C4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xB706A7C6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xB706A938]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xB7068226]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteKey [0xB708CD87]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xB708D03D]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xB706AC0E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xB708CBF2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xB708CA5D]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xB70F6D62]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xB7067FF0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xB706824A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xB706AD82]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xB7068CDA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xB706A84C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xB706A89C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xB706A9B4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenKey [0xB708C3D1]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xB706A79E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xB706AA46]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xB706A904]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xB706A7F4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0xB706AB2A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xB706A962]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xB70F6DFA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xB708C8D8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xB7068BA0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xB708C72A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB70FFE48]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xB708B6E8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xB706826E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xB7068292]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xB706804A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xB7068186]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xB708CE8E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xB7068162]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xB70681AA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xB70682B6]

INT 0x62 ? 89BA1BF8
INT 0x63 ? 899A9BF8
INT 0x82 ? 89BA1BF8
INT 0x83 ? 899A9BF8
INT 0x94 ? 899A9BF8
INT 0xA4 ? 899A9BF8

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB710C902]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwYieldExecution + 3A6 804E4BD0 4 Bytes CALL AB05548B
PAGE ntoskrnl.exe!ObInsertObject 8056DA64 5 Bytes JMP B7109D5C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!ZwReplyWaitReceivePortEx + 3CC 80575B10 4 Bytes CALL B7069335 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntoskrnl.exe!ZwCreateProcessEx 8058B7CD 7 Bytes JMP B710C906 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!ObMakeTemporaryObject 805E6A62 5 Bytes JMP B71082BE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
? spxb.sys Nie można odnaleźć określonego pliku. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB9BD6360, 0x35483F, 0xE8000020]
.text USBPORT.SYS!DllUnload B9B8E8AC 5 Bytes JMP 899A91D8
.text a4mapn2l.SYS B9A88386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a4mapn2l.SYS B9A883AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a4mapn2l.SYS B9A883C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH}
.text a4mapn2l.SYS B9A883C9 1 Byte [2E]
.text a4mapn2l.SYS B9A883C9 11 Bytes [2E, 00, 00, 00, 5A, 02, 00, ...]
.text ...
.text win32k.sys!EngFreeUserMem + 674 BF809FDF 5 Bytes JMP B706BCCE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSurface + 45 BF8138FE 5 Bytes JMP B706BBDA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!BRUSHOBJ_pvAllocRbrush + 320C BF81E743 5 Bytes JMP B706AE9C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngSetLastError + 7657 BF82868B 5 Bytes JMP B706AF60 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + 698 BF838560 5 Bytes JMP B706BE38 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + BB6 BF838A7E 5 Bytes JMP B706BB4A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + 3605 BF83B4CD 5 Bytes JMP B706C040 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + D9AB BF845873 5 Bytes JMP B706AFD0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngMultiByteToWideChar + 2F20 BF8527E0 5 Bytes JMP B706AE84 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngMultiByteToWideChar + 84B4 BF857D74 5 Bytes JMP B706BF9E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 23AD BF873983 5 Bytes JMP B706BD80 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBlt + 37BB BF87882D 5 Bytes JMP B706BC04 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetCurrentCodePage + 413A BF890AD9 5 Bytes JMP B706B32A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGradientFill + 4B52 BF8B3770 5 Bytes JMP B706B1AC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGradientFill + 4BDD BF8B37FB 5 Bytes JMP B706B352 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngAlphaBlend + 9286 BF8C31E7 5 Bytes JMP B706B06A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!PATHOBJ_bCloseFigure + 19CE BF8ED991 5 Bytes JMP B706ADB8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!PATHOBJ_bCloseFigure + D4C6 BF8F9489 5 Bytes JMP B706B0DA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!PATHOBJ_bCloseFigure + D746 BF8F9709 5 Bytes JMP B706B114 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 1994 BF912612 5 Bytes JMP B706AF1C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 2568 BF9131E6 5 Bytes JMP B706B034 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 4F29 BF915BA7 5 Bytes JMP B706B46C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPlgBlt + 1931 BF9438F8 5 Bytes JMP B706BEF6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)

---- User code sections - GMER 1.0.15 ----

.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001701F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001703FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00550804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00550A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00550600
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 005501F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 005503FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00561014
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00560804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00560A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00560C0C
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00560E10
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 005601F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 005603FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[132] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00560600
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[220] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001701F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001703FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00550804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00550A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00550600
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 005501F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 005503FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00561014
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00560804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00560A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00560C0C
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00560E10
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 005601F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 005603FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[484] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00560600
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\Bonjour\mDNSResponder.exe[500] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\WINDOWS\System32\smss.exe[572] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\Java\jre6\bin\jqs.exe[620] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\WINDOWS\system32\lxeacoms.exe[696] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\WINDOWS\system32\lxeacoms.exe[696] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\lxeacoms.exe[696] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\WINDOWS\system32\lxeacoms.exe[696] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\lxeacoms.exe[696] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\WINDOWS\system32\lxeacoms.exe[696] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\WINDOWS\system32\lxeacoms.exe[696] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\lxeacoms.exe[696] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\WINDOWS\system32\lxeacoms.exe[696] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\lxeacoms.exe[696] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003F1014
.text C:\WINDOWS\system32\lxeacoms.exe[696] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003F0804
.text C:\WINDOWS\system32\lxeacoms.exe[696] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003F0A08
.text C:\WINDOWS\system32\lxeacoms.exe[696] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003F0C0C
.text C:\WINDOWS\system32\lxeacoms.exe[696] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003F0E10
.text C:\WINDOWS\system32\lxeacoms.exe[696] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003F01F8
.text C:\WINDOWS\system32\lxeacoms.exe[696] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003F03FC
.text C:\WINDOWS\system32\lxeacoms.exe[696] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003F0600
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003F1014
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003F0804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003F0A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003F0C0C
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003F0E10
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003F01F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003F03FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[712] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003F0600
.text C:\WINDOWS\system32\nvsvc32.exe[752] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001401F8
.text C:\WINDOWS\system32\nvsvc32.exe[752] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\nvsvc32.exe[752] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001403FC
.text C:\WINDOWS\system32\nvsvc32.exe[752] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\nvsvc32.exe[752] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003D0804
.text C:\WINDOWS\system32\nvsvc32.exe[752] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003D0A08
.text C:\WINDOWS\system32\nvsvc32.exe[752] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003D0600
.text C:\WINDOWS\system32\nvsvc32.exe[752] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003D01F8
.text C:\WINDOWS\system32\nvsvc32.exe[752] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003D03FC
.text C:\WINDOWS\system32\nvsvc32.exe[752] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\WINDOWS\system32\nvsvc32.exe[752] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\WINDOWS\system32\nvsvc32.exe[752] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\WINDOWS\system32\nvsvc32.exe[752] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\WINDOWS\system32\nvsvc32.exe[752] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\WINDOWS\system32\nvsvc32.exe[752] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\WINDOWS\system32\nvsvc32.exe[752] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\nvsvc32.exe[752] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\csrss.exe[792] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[792] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[824] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000701F8
.text C:\WINDOWS\system32\winlogon.exe[824] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[824] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000703FC
.text C:\WINDOWS\system32\winlogon.exe[824] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[824] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\winlogon.exe[824] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\winlogon.exe[824] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\winlogon.exe[824] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\winlogon.exe[824] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\winlogon.exe[824] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\winlogon.exe[824] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\winlogon.exe[824] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\winlogon.exe[824] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\winlogon.exe[824] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\winlogon.exe[824] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\winlogon.exe[824] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\winlogon.exe[824] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001701F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001703FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00550804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00550A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00550600
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 005501F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 005503FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00561014
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00560804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00560A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00560C0C
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00560E10
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 005601F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 005603FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[852] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00560600
.text C:\WINDOWS\system32\services.exe[868] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\services.exe[868] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[868] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\services.exe[868] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[868] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\services.exe[868] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\services.exe[868] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\services.exe[868] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\services.exe[868] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\services.exe[868] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\services.exe[868] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\services.exe[868] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\services.exe[868] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\services.exe[868] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\services.exe[868] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\services.exe[868] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\services.exe[868] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\lsass.exe[880] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\lsass.exe[880] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[880] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\lsass.exe[880] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[880] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\lsass.exe[880] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\lsass.exe[880] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\lsass.exe[880] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\lsass.exe[880] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\lsass.exe[880] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\lsass.exe[880] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\lsass.exe[880] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\lsass.exe[880] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\lsass.exe[880] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\lsass.exe[880] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\lsass.exe[880] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\lsass.exe[880] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001401F8
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001403FC
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[1004] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\WINDOWS\system32\svchost.exe[1048] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1048] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1048] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1048] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1048] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[1048] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1048] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1048] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[1048] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[1048] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1048] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1048] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1048] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[1048] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[1048] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\svchost.exe[1048] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1048] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\svchost.exe[1096] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1096] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1096] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1096] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1096] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[1096] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1096] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1096] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[1096] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[1096] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1096] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1096] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1096] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[1096] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[1096] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\svchost.exe[1096] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1096] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\System32\svchost.exe[1136] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\System32\svchost.exe[1136] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1136] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\System32\svchost.exe[1136] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1136] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\System32\svchost.exe[1136] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\System32\svchost.exe[1136] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\System32\svchost.exe[1136] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\System32\svchost.exe[1136] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\System32\svchost.exe[1136] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\System32\svchost.exe[1136] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\System32\svchost.exe[1136] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\System32\svchost.exe[1136] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\System32\svchost.exe[1136] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\System32\svchost.exe[1136] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\System32\svchost.exe[1136] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\System32\svchost.exe[1136] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\svchost.exe[1200] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1200] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1200] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1200] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1200] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[1200] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1200] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1200] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[1200] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[1200] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1200] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1200] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1200] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[1200] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[1200] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\svchost.exe[1200] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1200] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1256] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[1256] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[1256] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\svchost.exe[1256] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1256] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\svchost.exe[1324] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1324] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1324] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1324] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1324] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[1324] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1324] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1324] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[1324] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[1324] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1324] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1324] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1324] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[1324] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[1324] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\svchost.exe[1324] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1324] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1552] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1552] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1552] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00311014
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00310C0C
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00310E10
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\RUNDLL32.EXE[1560] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00310600
.text C:\WINDOWS\RTHDCPL.EXE[1632] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001401F8
.text C:\WINDOWS\RTHDCPL.EXE[1632] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\RTHDCPL.EXE[1632] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001403FC
.text C:\WINDOWS\RTHDCPL.EXE[1632] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\RTHDCPL.EXE[1632] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003D1014
.text C:\WINDOWS\RTHDCPL.EXE[1632] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003D0804
.text C:\WINDOWS\RTHDCPL.EXE[1632] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003D0A08
.text C:\WINDOWS\RTHDCPL.EXE[1632] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003D0C0C
.text C:\WINDOWS\RTHDCPL.EXE[1632] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003D0E10
.text C:\WINDOWS\RTHDCPL.EXE[1632] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003D01F8
.text C:\WINDOWS\RTHDCPL.EXE[1632] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003D03FC
.text C:\WINDOWS\RTHDCPL.EXE[1632] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003D0600
.text C:\WINDOWS\RTHDCPL.EXE[1632] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\WINDOWS\RTHDCPL.EXE[1632] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\WINDOWS\RTHDCPL.EXE[1632] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\WINDOWS\RTHDCPL.EXE[1632] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\WINDOWS\RTHDCPL.EXE[1632] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\Explorer.EXE[1636] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\Explorer.EXE[1636] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1636] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\Explorer.EXE[1636] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1636] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00311014
.text C:\WINDOWS\Explorer.EXE[1636] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00310804
.text C:\WINDOWS\Explorer.EXE[1636] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00310A08
.text C:\WINDOWS\Explorer.EXE[1636] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00310C0C
.text C:\WINDOWS\Explorer.EXE[1636] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00310E10
.text C:\WINDOWS\Explorer.EXE[1636] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003101F8
.text C:\WINDOWS\Explorer.EXE[1636] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003103FC
.text C:\WINDOWS\Explorer.EXE[1636] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00310600
.text C:\WINDOWS\Explorer.EXE[1636] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00320804
.text C:\WINDOWS\Explorer.EXE[1636] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00320A08
.text C:\WINDOWS\Explorer.EXE[1636] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00320600
.text C:\WINDOWS\Explorer.EXE[1636] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003201F8
.text C:\WINDOWS\Explorer.EXE[1636] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003203FC
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001401F8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001403FC
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003D1014
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003D0804
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003D0A08
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003D0C0C
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003D0E10
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003D01F8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003D03FC
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003D0600
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1672] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003F1014
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003F0804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003F0A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003F0C0C
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003F0E10
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003F01F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003F03FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1684] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003F0600
.text C:\WINDOWS\system32\TDispVol.exe[1728] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001401F8
.text C:\WINDOWS\system32\TDispVol.exe[1728] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\TDispVol.exe[1728] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001403FC
.text C:\WINDOWS\system32\TDispVol.exe[1728] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\TDispVol.exe[1728] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003D1014
.text C:\WINDOWS\system32\TDispVol.exe[1728] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003D0804
.text C:\WINDOWS\system32\TDispVol.exe[1728] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003D0A08
.text C:\WINDOWS\system32\TDispVol.exe[1728] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003D0C0C
.text C:\WINDOWS\system32\TDispVol.exe[1728] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003D0E10
.text C:\WINDOWS\system32\TDispVol.exe[1728] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003D01F8
.text C:\WINDOWS\system32\TDispVol.exe[1728] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003D03FC
.text C:\WINDOWS\system32\TDispVol.exe[1728] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003D0600
.text C:\WINDOWS\system32\TDispVol.exe[1728] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\WINDOWS\system32\TDispVol.exe[1728] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\WINDOWS\system32\TDispVol.exe[1728] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\TDispVol.exe[1728] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\WINDOWS\system32\TDispVol.exe[1728] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001401F8
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001403FC
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003D1014
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003D0804
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003D0A08
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003D0C0C
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003D0E10
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003D01F8
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003D03FC
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003D0600
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\WINDOWS\system32\TCtrlIOHook.exe[1756] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\spoolsv.exe[2024] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\spoolsv.exe[2024] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[2024] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\spoolsv.exe[2024] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[2024] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\spoolsv.exe[2024] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\spoolsv.exe[2024] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\spoolsv.exe[2024] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\spoolsv.exe[2024] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\spoolsv.exe[2024] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\spoolsv.exe[2024] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\spoolsv.exe[2024] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\spoolsv.exe[2024] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\spoolsv.exe[2024] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\spoolsv.exe[2024] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\spoolsv.exe[2024] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\spoolsv.exe[2024] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe[2052] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00881014
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00880804
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00880A08
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00880C0C
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00880E10
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 008801F8
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 008803FC
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00880600
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00890804
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00890A08
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00890600
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 008901F8
.text C:\Program Files\Lexmark S300-S400 Series\ezprint.exe[2060] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 008903FC
.text C:\Program Files\AVAST Software\Avast\avastUI.exe[2068] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\avastUI.exe[2068] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003F1014
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003F0804
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003F0A08
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003F0C0C
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003F0E10
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003F01F8
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003F03FC
.text C:\Program Files\Synaptics\SynTP\SynToshiba.exe[2076] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003F0600
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00410804
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00410A08
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00410600
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 004101F8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 004103FC
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00421014
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00420804
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00420A08
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00420C0C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00420E10
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 004201F8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 004203FC
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2084] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00420600
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2092] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\iTunes\iTunesHelper.exe[2172] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\WINDOWS\system32\ctfmon.exe[2192] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000A01F8
.text C:\WINDOWS\system32\ctfmon.exe[2192] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[2192] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000A03FC
.text C:\WINDOWS\system32\ctfmon.exe[2192] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[2192] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00381014
.text C:\WINDOWS\system32\ctfmon.exe[2192] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00380804
.text C:\WINDOWS\system32\ctfmon.exe[2192] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00380A08
.text C:\WINDOWS\system32\ctfmon.exe[2192] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00380C0C
.text C:\WINDOWS\system32\ctfmon.exe[2192] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00380E10
.text C:\WINDOWS\system32\ctfmon.exe[2192] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003801F8
.text C:\WINDOWS\system32\ctfmon.exe[2192] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003803FC
.text C:\WINDOWS\system32\ctfmon.exe[2192] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00380600
.text C:\WINDOWS\system32\ctfmon.exe[2192] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00390804
.text C:\WINDOWS\system32\ctfmon.exe[2192] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00390A08
.text C:\WINDOWS\system32\ctfmon.exe[2192] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00390600
.text C:\WINDOWS\system32\ctfmon.exe[2192] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003901F8
.text C:\WINDOWS\system32\ctfmon.exe[2192] USER32.dll!UnhookWinEvent 7E3818AC 3 Bytes JMP 003903FC
.text C:\WINDOWS\system32\ctfmon.exe[2192] USER32.dll!UnhookWinEvent + 4 7E3818B0 1 Byte [82]
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003F1014
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003F0804
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003F0A08
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003F0C0C
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003F0E10
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003F01F8
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003F03FC
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2200] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003F0600
.text C:\Program Files\Messenger\msmsgs.exe[2224] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\Program Files\Messenger\msmsgs.exe[2224] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Messenger\msmsgs.exe[2224] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\Program Files\Messenger\msmsgs.exe[2224] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Messenger\msmsgs.exe[2224] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00321014
.text C:\Program Files\Messenger\msmsgs.exe[2224] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00320804
.text C:\Program Files\Messenger\msmsgs.exe[2224] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00320A08
.text C:\Program Files\Messenger\msmsgs.exe[2224] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00320C0C
.text C:\Program Files\Messenger\msmsgs.exe[2224] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00320E10
.text C:\Program Files\Messenger\msmsgs.exe[2224] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003201F8
.text C:\Program Files\Messenger\msmsgs.exe[2224] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003203FC
.text C:\Program Files\Messenger\msmsgs.exe[2224] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00320600
.text C:\Program Files\Messenger\msmsgs.exe[2224] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00330804
.text C:\Program Files\Messenger\msmsgs.exe[2224] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00330A08
.text C:\Program Files\Messenger\msmsgs.exe[2224] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00330600
.text C:\Program Files\Messenger\msmsgs.exe[2224] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003301F8
.text C:\Program Files\Messenger\msmsgs.exe[2224] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003303FC
.text C:\WINDOWS\system32\wuauclt.exe[2592] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000A01F8
.text C:\WINDOWS\system32\wuauclt.exe[2592] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\wuauclt.exe[2592] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000A03FC
.text C:\WINDOWS\system32\wuauclt.exe[2592] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\wuauclt.exe[2592] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00390804
.text C:\WINDOWS\system32\wuauclt.exe[2592] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00390A08
.text C:\WINDOWS\system32\wuauclt.exe[2592] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00390600
.text C:\WINDOWS\system32\wuauclt.exe[2592] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003901F8
.text C:\WINDOWS\system32\wuauclt.exe[2592] USER32.dll!UnhookWinEvent 7E3818AC 3 Bytes JMP 003903FC
.text C:\WINDOWS\system32\wuauclt.exe[2592] USER32.dll!UnhookWinEvent + 4 7E3818B0 1 Byte [82]
.text C:\WINDOWS\system32\wuauclt.exe[2592] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003A1014
.text C:\WINDOWS\system32\wuauclt.exe[2592] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003A0804
.text C:\WINDOWS\system32\wuauclt.exe[2592] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003A0A08
.text C:\WINDOWS\system32\wuauclt.exe[2592] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003A0C0C
.text C:\WINDOWS\system32\wuauclt.exe[2592] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003A0E10
.text C:\WINDOWS\system32\wuauclt.exe[2592] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003A01F8
.text C:\WINDOWS\system32\wuauclt.exe[2592] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003A03FC
.text C:\WINDOWS\system32\wuauclt.exe[2592] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003A0600
.text C:\WINDOWS\system32\wscntfy.exe[2624] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\wscntfy.exe[2624] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\wscntfy.exe[2624] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\wscntfy.exe[2624] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\wscntfy.exe[2624] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00320804
.text C:\WINDOWS\system32\wscntfy.exe[2624] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00320A08
.text C:\WINDOWS\system32\wscntfy.exe[2624] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00320600
.text C:\WINDOWS\system32\wscntfy.exe[2624] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003201F8
.text C:\WINDOWS\system32\wscntfy.exe[2624] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003203FC
.text C:\WINDOWS\system32\wscntfy.exe[2624] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00331014
.text C:\WINDOWS\system32\wscntfy.exe[2624] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00330804
.text C:\WINDOWS\system32\wscntfy.exe[2624] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00330A08
.text C:\WINDOWS\system32\wscntfy.exe[2624] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 3 Bytes JMP 00330C0C
.text C:\WINDOWS\system32\wscntfy.exe[2624] ADVAPI32.dll!ChangeServiceConfig2A + 4 77E270DD 1 Byte [88]
.text C:\WINDOWS\system32\wscntfy.exe[2624] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00330E10
.text C:\WINDOWS\system32\wscntfy.exe[2624] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003301F8
.text C:\WINDOWS\system32\wscntfy.exe[2624] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003303FC
.text C:\WINDOWS\system32\wscntfy.exe[2624] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00330600
.text C:\WINDOWS\System32\alg.exe[2804] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\System32\alg.exe[2804] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[2804] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\System32\alg.exe[2804] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[2804] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00300804
.text C:\WINDOWS\System32\alg.exe[2804] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00300A08
.text C:\WINDOWS\System32\alg.exe[2804] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00300600
.text C:\WINDOWS\System32\alg.exe[2804] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003001F8
.text C:\WINDOWS\System32\alg.exe[2804] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003003FC
.text C:\WINDOWS\System32\alg.exe[2804] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00311014
.text C:\WINDOWS\System32\alg.exe[2804] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00310804
.text C:\WINDOWS\System32\alg.exe[2804] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00310A08
.text C:\WINDOWS\System32\alg.exe[2804] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00310C0C
.text C:\WINDOWS\System32\alg.exe[2804] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00310E10
.text C:\WINDOWS\System32\alg.exe[2804] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003101F8
.text C:\WINDOWS\System32\alg.exe[2804] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003103FC
.text C:\WINDOWS\System32\alg.exe[2804] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00310600
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00850804
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00850A08
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00850600
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 008501F8
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 008503FC
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00861014
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00860804
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00860A08
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00860C0C
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00860E10
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 008601F8
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 008603FC
.text C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe[2888] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00860600
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Program Files\iPod\bin\iPodService.exe[2944] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\iPod\bin\iPodService.exe[2944] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\iPod\bin\iPodService.exe[2944] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\iPod\bin\iPodService.exe[2944] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\iPod\bin\iPodService.exe[2944] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\iPod\bin\iPodService.exe[2944] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\iPod\bin\iPodService.exe[2944] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001501F8
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001503FC
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 009C1014
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 009C0804
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 009C0A08
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 009C0C0C
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 009C0E10
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 009C01F8
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 009C03FC
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 009C0600
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 009D0804
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 009D0A08
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 009D0600
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 009D01F8
.text C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\2eelon1n.exe[3212] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 009D03FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001701F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001703FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00550804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00550A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00550600
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 005501F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 005503FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00561014
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00560804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00560A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00560C0C
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00560E10
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 005601F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 005603FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00560600
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 002501F8
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 002503FC
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ADVAPI32.DLL!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00CF1014
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ADVAPI32.DLL!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00CF0804
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ADVAPI32.DLL!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00CF0A08
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ADVAPI32.DLL!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00CF0C0C
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ADVAPI32.DLL!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00CF0E10
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ADVAPI32.DLL!CreateServiceA 77E271E9 5 Bytes JMP 00CF01F8
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ADVAPI32.DLL!CreateServiceW 77E27381 5 Bytes JMP 00CF03FC
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] ADVAPI32.DLL!DeleteService 77E27489 5 Bytes JMP 00CF0600
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00D00804
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00D00A08
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00D00600
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 00D001F8
.text C:\Program Files\FileZilla FTP Client\filezilla.exe[3588] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 00D003FC
.text C:\Program Files\Kadu\kadu.exe[3608] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 002401F8
.text C:\Program Files\Kadu\kadu.exe[3608] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Kadu\kadu.exe[3608] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 002403FC
.text C:\Program Files\Kadu\kadu.exe[3608] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Kadu\kadu.exe[3608] ADVAPI32.DLL!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 015B1014
.text C:\Program Files\Kadu\kadu.exe[3608] ADVAPI32.DLL!ChangeServiceConfigA 77E26E41 5 Bytes JMP 015B0804
.text C:\Program Files\Kadu\kadu.exe[3608] ADVAPI32.DLL!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 015B0A08
.text C:\Program Files\Kadu\kadu.exe[3608] ADVAPI32.DLL!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 015B0C0C
.text C:\Program Files\Kadu\kadu.exe[3608] ADVAPI32.DLL!ChangeServiceConfig2W 77E27161 5 Bytes JMP 015B0E10
.text C:\Program Files\Kadu\kadu.exe[3608] ADVAPI32.DLL!CreateServiceA 77E271E9 5 Bytes JMP 015B01F8
.text C:\Program Files\Kadu\kadu.exe[3608] ADVAPI32.DLL!CreateServiceW 77E27381 3 Bytes JMP 015B03FC
.text C:\Program Files\Kadu\kadu.exe[3608] ADVAPI32.DLL!CreateServiceW + 4 77E27385 1 Byte [89]
.text C:\Program Files\Kadu\kadu.exe[3608] ADVAPI32.DLL!DeleteService 77E27489 5 Bytes JMP 015B0600
.text C:\Program Files\Kadu\kadu.exe[3608] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 015C0804
.text C:\Program Files\Kadu\kadu.exe[3608] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 015C0A08
.text C:\Program Files\Kadu\kadu.exe[3608] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 015C0600
.text C:\Program Files\Kadu\kadu.exe[3608] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 015C01F8
.text C:\Program Files\Kadu\kadu.exe[3608] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 015C03FC
.text C:\WINDOWS\System32\svchost.exe[3680] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\System32\svchost.exe[3680] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[3680] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\System32\svchost.exe[3680] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[3680] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\System32\svchost.exe[3680] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\System32\svchost.exe[3680] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\System32\svchost.exe[3680] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\System32\svchost.exe[3680] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\System32\svchost.exe[3680] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\System32\svchost.exe[3680] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\System32\svchost.exe[3680] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\System32\svchost.exe[3680] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\System32\svchost.exe[3680] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\System32\svchost.exe[3680] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\System32\svchost.exe[3680] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\System32\svchost.exe[3680] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3692] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001701F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001703FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00550804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00550A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00550600
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 005501F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 005503FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00561014
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00560804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00560A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00560C0C
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00560E10
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 005601F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 005603FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3792] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00560600
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 001701F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 001703FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00550804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00550A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00550600
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 005501F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 005503FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00561014
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00560804
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00560A08
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00560C0C
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00560E10
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 005601F8
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 005603FC
.text C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3844] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00560600

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 89BA45E0
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F7508C4C] spxb.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7508CA0] spxb.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F74D8040] spxb.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F74D813C] spxb.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74D80BE] spxb.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74D87FC] spxb.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74D86D2] spxb.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 899A92D8
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F74E8048] spxb.sys
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlInitUnicodeString] F44D8B48
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!swprintf] C1815753
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeSetEvent] 00002590
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 467C8D51
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 76F6E84A
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] D88BFFFF
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmFreeMappingAddress] 8504C483
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 5F0A75DB
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 5B08438D
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmUnmapIoSpace] 5DE58B5E
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 259068C3
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IofCompleteRequest] 006A0000
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 88F0E853
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IofCallDriver] 558DFFFF
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 90838DF8
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 52000025
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoConnectInterrupt] 03895750
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoDetachDevice] FFF363E8
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeWaitForSingleObject] 0C458AFF
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeInitializeEvent] 8B104D8B
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeCancelTimer] 43881855
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 1C458B08
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlInitAnsiString] 0F544389
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 89FF45B6
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoQueueWorkItem] 4D8B0C4B
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmMapIoSpace] 50538920
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 8924558B
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoReportDetectedDevice] 5389584B
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoReportResourceForDetection] 0A43885C
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 0646B60F
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!NlsMbCodePageTag] A818C483
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!PoRequestPowerIrp] 8D7F743F
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 001A8C8B
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] E0835100
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!sprintf] 7E8D503F
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] [B9E85728] \SystemRoot\system32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 182.06 /NVIDIA Corporation)
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!ObfDereferenceObject] 0F0000D1
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 8D0646B6
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 001B8093
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!ZwClose] E0835200
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] E857503F
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 0000EBB4
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 026B938D
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!PoStartNextPowerIrp] C6830000
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoCreateDevice] 0008B908
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlCopyUnicodeString] FA8B0000
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 758BA5F3
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 064E8A08
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!ZwOpenKey] 883FE180
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlFreeUnicodeString] 0002688B
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoStartTimer] 06468A00
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeInitializeTimer] 8306E8C0
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoInitializeTimer] 023C18C4
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeInitializeDpc] 02698388
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeInitializeSpinLock] 19750000
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoInitializeIrp] 028C838D
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!ZwCreateKey] 52500000
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 00C143E8
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 08C48300
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!ZwSetValueKey] 0575C085
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeInsertQueueDpc] EB08708D
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 074E8A54
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoStartPacket] 026A8B88
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 83660000
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 7601487E
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoFreeMdl] 4AC68305
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmUnlockPages] F63302EB
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 5614558B
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 75E85352
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 8BFFFFF4
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 0CC483F0
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeSynchronizeExecution] 2075F685
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoStartNextPacket] 050C7D80
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeBugCheckEx] 0092850F
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 458B0000
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeSetTimer] E85350F8
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!_allmul] FFFFF848
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmProbeAndLockPages] 8408C483
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!_except_handler3] BE7875C0
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!PoSetPowerState] 00000008
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] F346E853
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlWriteRegistryValue] C483FFFF
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlDeleteRegistryValue] 00F46804
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!_aulldiv] 838D0000
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!strstr] 00001A8C
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!_strupr] E850006A
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeQuerySystemTime] FFFF87CA
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 0000F468
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!KeTickCount] 808B8D00
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 6A00001B
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoDeleteDevice] B7E85100
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 33FFFF87
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoAllocateWorkItem] 6B8389C0
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoAllocateIrp] 89000002
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoAllocateMdl] 00026F83
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 73838900
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmLockPagableDataSection] 89000002
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 00027783
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 7B838900
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!ExFreePoolWithTag] 89000002
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoFreeIrp] 00027F83
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!IoFreeWorkItem] 83838900
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!InitSafeBootMode] 53000002
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!RtlCompareMemory] 02878389
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!PoCallDriver] 7FE80000
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!memmove] 83FFFF68
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[ntoskrnl.exe!MmHighestUserAddress] 8B5F1CC4
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!KfAcquireSpinLock] C0840CEC
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!READ_PORT_UCHAR] 053C0D74
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!KeGetCurrentIrql] 57B80974
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!KfRaiseIrql] 8B000000
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!KfLowerIrql] 56C35DE5
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!HalGetInterruptVector] 8D08758B
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!HalTranslateBusAddress] 8D51FC4D
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!KeStallExecutionProcessor] 8D52FD55
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!KfReleaseSpinLock] 8D51FE4D
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 8D52FF55
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!READ_PORT_USHORT] 8D51F84D
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 5052F455
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[HAL.dll!WRITE_PORT_UCHAR] EACAE856
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[WMILIB.SYS!WmiSystemControl] 0FC08520
IAT \SystemRoot\System32\Drivers\a4mapn2l.SYS[WMILIB.SYS!WmiCompleteRequest] 0001B185

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[868] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00630002
IAT C:\WINDOWS\system32\services.exe[868] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00630000

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 89BA01F8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

Device \FileSystem\Fastfat \FatCdrom 878491F8

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\PCI_PNP8224 \Device\00000043 spxb.sys
Device \Driver\PCI_PNP8224 \Device\00000043 spxb.sys
Device \Driver\usbuhci \Device\USBPDO-0 899A81F8
Device \Driver\usbuhci \Device\USBPDO-1 899A81F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 89C121F8
Device \Driver\dmio \Device\DmControl\DmConfig 89C121F8
Device \Driver\dmio \Device\DmControl\DmPnP 89C121F8
Device \Driver\dmio \Device\DmControl\DmInfo 89C121F8
Device \Driver\usbuhci \Device\USBPDO-2 899A81F8
Device \Driver\usbuhci \Device\USBPDO-3 899A81F8
Device \Driver\usbehci \Device\USBPDO-4 899FC500

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Ftdisk \Device\HarddiskVolume1 89BA21F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{AD511722-3332-43A8-83D6-532F70A21B7A} 894F91F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 89BA21F8
Device \Driver\Cdrom \Device\CdRom0 898E3368
Device \Driver\atapi \Device\Ide\IdePort0 [F7A40B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F7A40B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7A40B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F7A40B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom1 898E3368
Device \Driver\NetBT \Device\NetBt_Wins_Export 894F91F8
Device \Driver\NetBT \Device\NetbiosSmb 894F91F8

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBFDO-0 899A81F8
Device \Driver\usbuhci \Device\USBFDO-1 899A81F8
Device \Driver\sptd \Device\792029474 spxb.sys
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8947F1F8
Device \Driver\usbuhci \Device\USBFDO-2 899A81F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8947F1F8
Device \Driver\usbuhci \Device\USBFDO-3 899A81F8
Device \Driver\usbehci \Device\USBFDO-4 899FC500
Device \Driver\Ftdisk \Device\FtControl 89BA21F8
Device \Driver\a4mapn2l \Device\Scsi\a4mapn2l1 8999F1F8
Device \Driver\a4mapn2l \Device\Scsi\a4mapn2l1Port2Path0Target0Lun0 8999F1F8
Device \FileSystem\Fastfat \Fat 878491F8

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

Device \FileSystem\Cdfs \Cdfs 8991A500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x76 0x43 0xB7 0x22 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x0E 0x52 0x74 0x66 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xD0 0x30 0xF3 0xDF ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x76 0x43 0xB7 0x22 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x0E 0x52 0x74 0x66 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xD0 0x30 0xF3 0xDF ...

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 MBR read error
Disk \Device\Harddisk0\DR0 MBR BIOS signature not found 0

---- EOF - GMER 1.0.15 ----
[/log]

GMER scan 2:
[log]GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-27 19:59:19
Windows 5.1.2600 Dodatek Service Pack 3
Running: 2eelon1n.exe; Driver: C:\DOCUME~1\Kuba\USTAWI~1\Temp\uxldqpoc.sys


---- Services - GMER 1.0.15 ----

Service .NET CLR Data
Service .NET CLR Networking
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service (avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP/AVAST Software) [SYSTEM] Aavmker4
Service [DISABLED] Abiosdsk
Service [DISABLED] abp480n5
Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (Sterownik ACPI dla systemu NT/Microsoft Corporation) [BOOT] ACPI
Service C:\WINDOWS\system32\DRIVERS\ACPIEC.sys (Sterownik kontrolera osadzonego interfejsu ACPI/Microsoft Corporation) [BOOT] ACPIEC
Service [DISABLED] adpu160m
Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec
Service C:\WINDOWS\system32\DRIVERS\AegisP.sys (IEEE 802.1X Protocol Driver/Cisco Systems, Inc.) [AUTO] AegisP
Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service [DISABLED] Aha154x
Service [DISABLED] aic78u2
Service [DISABLED] aic78xx
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter
Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service [DISABLED] AliIde
Service [DISABLED] amsint
Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (MobileDeviceService/Apple Inc.) [AUTO] Apple Mobile Device
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] AppMgmt
Service C:\WINDOWS\system32\DRIVERS\arp1394.sys (IP/1394 Arp Client/Microsoft Corporation) [MANUAL] Arp1394
Service [DISABLED] asc
Service [DISABLED] asc3350p
Service [DISABLED] asc3550
Service ASP.NET
Service ASP.NET_2.0.50727
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft ASP.NET State Server/Microsoft Corporation) [MANUAL] aspnet_state
Service (avast! File System Access Blocking Driver/AVAST Software) [AUTO] aswFsBlk
Service (avast! File System Filter Driver for Windows XP/AVAST Software) [AUTO] aswMon2
Service (avast! TDI RDR Driver/AVAST Software) [SYSTEM] aswRdr
Service (avast! Virtualization Driver/AVAST Software) [SYSTEM] aswSnx
Service (avast! self protection module/AVAST Software) [SYSTEM] aswSP
Service (avast! TDI Filter Driver/AVAST Software) [SYSTEM] aswTdi
Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi
Service [DISABLED] Atdisk
Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] AudioSrv
Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub
Service C:\Program Files\AVAST Software\Avast\AvastSvc.exe (avast! Service/AVAST Software) [AUTO] avast! Antivirus
Service (Battery Class Driver/Microsoft Corporation) BattC
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] BITS
Service C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) [AUTO] Bonjour Service
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser
Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k
Service [DISABLED] cd20xrnt
Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio
Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs
Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom
Service [SYSTEM] Changer
Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc
Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [DISABLED] ClipSrv
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [MANUAL] clr_optimization_v2.0.50727_32
Service C:\WINDOWS\system32\DRIVERS\CmBatt.sys (Control Method Battery Driver/Microsoft Corporation) [MANUAL] CmBatt
Service [DISABLED] CmdIde
Service C:\WINDOWS\system32\DRIVERS\compbatt.sys (Composite Battery Driver/Microsoft Corporation) [BOOT] Compbatt
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service ContentFilter
Service ContentIndex
Service [DISABLED] Cpqarray
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc
Service [DISABLED] dac2w2k
Service [DISABLED] dac960nt
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk
Service C:\WINDOWS\System32\dmadmin.exe (Proces usługi Menedżera dysków logicznych/Microsoft Corp., Veritas Software) [MANUAL] dmadmin
Service C:\WINDOWS\System32\drivers\dmboot.sys (Sterownik uruchamiania Menedżera dysków NT/Microsoft Corp., Veritas Software) [DISABLED] dmboot
Service C:\WINDOWS\System32\drivers\dmio.sys (Sterownik We/Wy menedżera dysków NT/Microsoft Corp., Veritas Software) [BOOT] dmio
Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [BOOT] dmload
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] dmserver
Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dnscache
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Dot3svc
Service [DISABLED] dpti2o
Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EapHost
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc
Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] Eventlog
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EventSystem
Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] FastUserSwitchingCompatibility
Service (Floppy Disk Controller Driver/Microsoft Corporation) [SYSTEM] Fdc
Service (Sterownik kryptografii FIPS/Microsoft Corporation) [SYSTEM] Fips
Service (Floppy Driver/Microsoft Corporation) [SYSTEM] Flpydisk
Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Sterownik dysku FT/Microsoft Corporation) [BOOT] Ftdisk
Service C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) [MANUAL] GEARAspiWDM
Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc
Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) [MANUAL] HDAudBus
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] HidServ
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] hkmsvc
Service [DISABLED] hpn
Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] HTTPFilter
Service [SYSTEM] i2omgmt
Service [DISABLED] i2omp
Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (Sterownik portu i8042/Microsoft Corporation) [SYSTEM] i8042prt
Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi
Service C:\WINDOWS\system32\imapi.exe (Image Mastering API/Microsoft Corporation) [MANUAL] ImapiService
Service inetaccs
Service [DISABLED] ini910u
Service Inport
Service C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService
Service [DISABLED] IntelIde
Service C:\WINDOWS\system32\DRIVERS\intelppm.sys (Sterownik urządzenia procesora/Microsoft Corporation) [SYSTEM] intelppm
Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw
Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp
Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat
Service C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (32-bit)/Apple Inc.) [MANUAL] iPod Service
Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec
Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service ISAPISearch
Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (Sterownik magistrali ISA PNP/Microsoft Corporation) [BOOT] isapnp
Service C:\Program Files\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) [AUTO] JavaQuickStarterService
Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Sterownik klasy klawiatury/Microsoft Corporation) [SYSTEM] Kbdclass
Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer
Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LanmanServer
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation
Service [SYSTEM] lbrtfdc
Service ldap
Service LicenseService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LmHosts
Service C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxeaserv.exe (Lexmark Connect Service Executable/Lexmark International, Inc.) [AUTO] lxeaCATSCustConnectService
Service C:\WINDOWS\system32\lxeacoms.exe (Printer Communication System/ ) [AUTO] lxea_device
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger
Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Groove Audit Service/Microsoft Corporation) [MANUAL] Microsoft Office Groove Audit Service
Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd
Service C:\WINDOWS\system32\mnmsrvc.exe (Zdalne udostępnianie pulpitu NetMeeting/Microsoft Corporation) [MANUAL] mnmsrvc
Service (Sterownik modemu/Microsoft Corporation) [MANUAL] Modem
Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Sterownik klasy myszy/Microsoft Corporation) [SYSTEM] Mouclass
Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr
Service [DISABLED] mraid35x
Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb
Service C:\WINDOWS\system32\msdtc.exe (MS DTC console program/Microsoft Corporation) [MANUAL] MSDTC
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] MSIServer
Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] napagent
Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT
Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDE
Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDEdsdm
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] Netlogon
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Netman
Service C:\WINDOWS\system32\DRIVERS\nic1394.sys (IEEE1394 Ndis Miniport and Call Manager/Microsoft Corporation) [MANUAL] NIC1394
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Nla
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] NtLmSsp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 182.06 /NVIDIA Corporation) [MANUAL] nv
Service C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Driver Helper Service, Version 182.06/NVIDIA Corporation) [AUTO] NVSvc
Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt
Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd
Service C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Office Diagnostics/Microsoft Corporation) [MANUAL] odserv
Service C:\WINDOWS\system32\DRIVERS\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) [BOOT] ohci1394
Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose
Service Outlook
Service (Sterownik portu równoległego/Microsoft Corporation) [MANUAL] Parport
Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr
Service (VDM Parallel Driver/Microsoft Corporation) [AUTO] ParVdm
Service C:\WINDOWS\system32\DRIVERS\pci.sys (Licznik NT Plug and Play PCI/Microsoft Corporation) [BOOT] PCI
Service [SYSTEM] PCIDump
Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Rodzajowy sterownik magistrali PCI IDE/Microsoft Corporation) [BOOT] PCIIde
Service C:\WINDOWS\system32\DRIVERS\pcmcia.sys (Sterownik magistrali PCMCIA/Microsoft Corporation) [BOOT] Pcmcia
Service [MANUAL] PDCOMP
Service [MANUAL] PDFRAME
Service [MANUAL] PDRELI
Service [MANUAL] PDRFRAME
Service [DISABLED] perc2
Service [DISABLED] perc2hib
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] PlugPlay
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] PolicyAgent
Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] ProtectedStorage
Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service [DISABLED] ql1080
Service [DISABLED] Ql10wnt
Service [DISABLED] ql12160
Service [DISABLED] ql1240
Service [DISABLED] ql1280
Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasAuto
Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasMan
Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel(R) mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti
Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss
Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service RDPNP
Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD
Service C:\WINDOWS\system32\sessmgr.exe (Menedżer sesji pomocy pulpitu zdalnego Microsoft®/Microsoft Corporation) [MANUAL] RDSessMgr
Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Sterownik filtru audio Redbook/Microsoft Corporation) [SYSTEM] redbook
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RemoteRegistry
Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [MANUAL] RSVP
Service C:\WINDOWS\system32\DRIVERS\RTL8192su.sys (Realtek RTL8192S USB NDIS Driver/Realtek Semiconductor Corporation ) [MANUAL] RTL8192su
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] SamSs
Service C:\WINDOWS\System32\SCardSvr.exe (Smart Card Resource Management Server/Microsoft Corporation) [MANUAL] SCardSvr
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Schedule
Service C:\WINDOWS\system32\DRIVERS\sdbus.sys (SecureDigital Bus Driver/Microsoft Corporation) [MANUAL] sdbus
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [MANUAL] Secdrv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SENS
Service (Sterownik urządzenia szeregowego/Microsoft Corporation) [AUTO] Serial
Service C:\WINDOWS\system32\DRIVERS\sffdisk.sys (Small Form Factor Disk Driver/Microsoft Corporation) [MANUAL] sffdisk
Service C:\WINDOWS\system32\DRIVERS\sffp_sd.sys (Small Form Factor SD Protocol Driver/Microsoft Corporation) [MANUAL] sffp_sd
Service (SCSI Floppy Driver/Microsoft Corporation) [SYSTEM] Sfloppy
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SharedAccess
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service [DISABLED] Simbad
Service [DISABLED] Sparrow
Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter
Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\WINDOWS\System32\Drivers\sptd.sys [BOOT] sptd
Service C:\WINDOWS\system32\DRIVERS\sr.sys (Sterownik filtru systemu plików Przywracania systemu/Microsoft Corporation) [BOOT] sr
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice
Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] SSDPSRV
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] stisvc
Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] SwPrv
Service [DISABLED] symc810
Service [DISABLED] symc8xx
Service [DISABLED] sym_hi
Service [DISABLED] sym_u3
Service C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) [MANUAL] SynTP
Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio
Service C:\WINDOWS\system32\smlogsvc.exe (Usługa dzienników wydajności i alertów/Microsoft Corporation) [MANUAL] SysmonLog
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip
Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TermService
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Themes
Service C:\WINDOWS\system32\drivers\tifm21.sys (tifm21.sys/Texas Instruments) [MANUAL] tifm21
Service C:\WINDOWS\system32\tlntsvr.exe (Usługa Telnet/Microsoft Corporation) [DISABLED] TlntSvr
Service [DISABLED] TosIde
Service C:\WINDOWS\system32\drivers\TPwSav.sys (IO Driver/TOSHIBA ) [SYSTEM] TPwSav
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] TrkWks
Service TSDDD
Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs
Service [DISABLED] ultra
Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] upnphost
Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS
Service C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple Mobile Device USB Driver/Apple, Inc.) [MANUAL] USBAAPL
Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\WINDOWS\system32\DRIVERS\usbscan.sys (USB Scanner Driver/Microsoft Corporation) [MANUAL] usbscan
Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR
Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci
Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service [DISABLED] ViaIde
Service (Sterownik kopiowania woluminów w tle/Microsoft Corporation) [BOOT] VolSnap
Service C:\WINDOWS\System32\vssvc.exe (Usługa kopiowania woluminów w tle Microsoft®/Microsoft Corporation) [MANUAL] VSS
Service C:\WINDOWS\System32\Drivers\vulfnth.sys (VIA USB Host Controller Lower Filter Driver/VIA Technologies, Inc.) [MANUAL] vulfnths
Service C:\WINDOWS\System32\Drivers\vulfntr.sys (VIA USB Roothub Lower Filter Driver/VIA Technologies, Inc.) [MANUAL] vulfntrs
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] W32Time
Service W3SVC
Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp
Service [MANUAL] WDICA
Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WebClient
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt
Service [MANUAL] Winsock
Service WinSock2
Service WinTrust
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Wmi
Service WmiApRpl
Service C:\WINDOWS\system32\wbem\wmiapsrv.exe (Usługa karty wydajności WMI/Microsoft Corporation) [MANUAL] WmiApSrv
Service (Winsock2 IFS Layer/Microsoft Corporation) [SYSTEM] WS2IFSL
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wscsvc
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wuauserv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WZCSVC
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] xmlprov
Service {988B7785-62B2-49EF-9559-5E1E63EA5778}
Service {AD511722-3332-43A8-83D6-532F70A21B7A}

---- EOF - GMER 1.0.15 ----
[/log]

To wszystko o co prosiłeś.

Pozdrawiam.

wirusolog
komentarz
komentarz

[b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst:

[code]:OTL
O4 - HKU\S-1-5-21-1844237615-1326574676-1177238915-1003..\Run: [Komunikator] File not found
O4 - HKLM..\Run: [TFncKy] File not found

:Files
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1326574676-1177238915-1003UA.job
C:\WINDOWS\ssconf2.bin
C:\sound32.dll
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1326574676-1177238915-1003Core.job

:Reg
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2]

:Commands
[emptyflash]
[emptytemp][/code]
Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera.


[b]2.[/b] Do odinstalowania w panelu sterowania (dodaj lub usuń programy): [b]DAEMON Tools Toolbar[/b]

[b]3.[/b] Ściągnij [url=http://www.teamxscript.org/too/AD-R.exe][b][color=blue][u]Ad-Remover.exe[/url][/b][/color][/u] i wciśnij w nim opcję czyszczenie ([size="3"][b]Clean[/b][/size])
Po chwili wyświetli się raport - wklej go.

[b]4.[/b] Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję [b]Skanuj[/b]. Pokazujesz nowe logi z OTL + raport z usuwania.

  • Dobra wypowiedź 1
Mr.Hankey
komentarz
komentarz

Raport po restarcie kompa:
[log]All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1844237615-1326574676-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Komunikator deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TFncKy deleted successfully.
========== FILES ==========
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1326574676-1177238915-1003UA.job moved successfully.
C:\WINDOWS\ssconf2.bin moved successfully.
C:\sound32.dll moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1326574676-1177238915-1003Core.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\ deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default User

User: Kuba
->Flash cache emptied: 27694 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Kuba
->Temp folder emptied: 53142611 bytes
->Temporary Internet Files folder emptied: 109213154 bytes
->Java cache emptied: 1426623 bytes
->Google Chrome cache emptied: 378072166 bytes
->Opera cache emptied: 33105771 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5411922 bytes
RecycleBin emptied: 1026915488 bytes

Total Files Cleaned = 1 535,00 mb


OTL by OldTimer - Version 3.2.24.1 log created on 06282011_162831

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
[/log]

AD-Remover raport:
[log]======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 16:34:34 on 28/06/2011, Normal boot

Microsoft Windows XP Professional Dodatek Service Pack 3 (X86)
Kuba@COMPANY ( )

============== ACTION(S) ==============



(!) -- Temporary files deleted.




============== ADDITIONNAL SCAN ==============

**** Google Chrome Version [12.0.742.100] ****

Extension\icmlaeflemplmjndnaapfdbbnpncnbda (C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx) (?)

-- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Enabled: true) (?)
Preferences - homepage: hxxp://www.google.com/
Preferences - homepage_is_newtabpage: false
Plugin - Chrome NaCl (Enabled: false) (C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll)
Plugin - "Chrome NaCl" (Enabled: false)

========================================

**** Internet Explorer Version [6.0.2900.5512] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files\Ad-Remover\Backup: 13 File(s)

C:\Ad-Report-CLEAN[1].txt - 28/06/2011 16:34:39 (1177 Byte(s))

End at: 16:35:53, 28/06/2011

============== E.O.F ==============
[/log]

OTL.TXT:
[log]OTL logfile created on: 2011-06-28 16:41:50 - Run 2
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\Wczesniej
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,56% Memory free
3,85 Gb Paging File | 3,44 Gb Available in Paging File | 89,38% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,42 Gb Total Space | 32,77 Gb Free Space | 75,47% Space Free | Partition Type: NTFS
Drive D: | 68,36 Gb Total Space | 51,66 Gb Free Space | 75,57% Space Free | Partition Type: NTFS

Computer Name: COMPANY | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-06-27 19:27:58 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\Wczesniej\OTL.exe
PRC - [2011-06-24 22:14:08 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2011-06-22 03:04:44 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe
PRC - [2011-06-14 00:52:23 | 001,011,768 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2011-06-07 17:51:12 | 000,421,160 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2011-06-07 17:51:02 | 000,820,520 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2011-05-25 14:06:20 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011-05-10 13:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-05-10 13:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-04-06 16:20:16 | 000,349,472 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2010-05-13 10:01:52 | 000,966,656 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
PRC - [2010-05-05 14:18:46 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
PRC - [2010-05-05 14:18:43 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010-04-14 21:45:21 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeacoms.exe
PRC - [2009-02-09 13:18:00 | 000,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008-07-24 16:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008-04-14 21:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-04-14 21:51:52 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2008-04-14 21:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 21:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 21:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 21:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008-04-14 21:51:32 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe
PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-08-10 14:21:56 | 016,384,000 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2007-07-25 17:19:54 | 000,888,832 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007-07-25 17:19:54 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2007-06-30 07:18:06 | 000,028,672 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\TCtrlIOHook.exe
PRC - [2006-10-27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006-02-09 12:47:08 | 000,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
PRC - [2005-12-27 12:06:32 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-06-27 19:27:58 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\Wczesniej\OTL.exe
MOD - [2011-05-10 13:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 21:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 21:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 21:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 21:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 21:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 21:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2002-03-02 11:40:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-05-10 13:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-04-14 21:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxeacoms.exe -- (lxea_device)
SRV - [2010-04-14 21:45:14 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-06-20 07:35:45 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-05-10 13:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-05-10 13:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-05-10 13:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-05-10 13:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-05-10 12:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-05-10 12:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-05-10 12:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-01-25 08:29:50 | 000,605,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2007-08-10 12:52:44 | 004,603,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-07-25 17:07:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006-06-22 15:27:12 | 000,011,264 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2011-06-25 22:01:06 | 000,000,770 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 74.208.10.249 gs.apple.com
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Kuba\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Kuba\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-06-18 19:00:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-06-28 16:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011-06-28 16:28:31 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-06-27 19:40:58 | 000,000,000 | ---D | C] -- C:\rsit
[2011-06-27 02:20:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\ObviousIdea
[2011-06-27 02:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ObviousIdea
[2011-06-27 02:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\ObviousIdea
[2011-06-25 22:24:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2011-06-25 22:17:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\iTunes
[2011-06-25 22:16:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011-06-25 22:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011-06-25 22:11:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\QuickTime
[2011-06-25 22:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011-06-25 22:09:02 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011-06-25 22:07:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011-06-25 21:56:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Temp
[2011-06-25 20:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Apple Computer
[2011-06-25 20:30:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Apple Computer
[2011-06-25 20:30:19 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2011-06-25 20:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011-06-25 20:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
[2011-06-25 20:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Apple
[2011-06-25 20:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011-06-25 20:28:00 | 004,517,664 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2011-06-25 20:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011-06-25 20:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple
[2011-06-25 20:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Apple Computer
[2011-06-24 22:14:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2011-06-24 22:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011-06-24 22:14:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011-06-24 22:14:20 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011-06-24 22:14:20 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011-06-24 22:14:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011-06-24 22:14:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011-06-24 22:14:20 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011-06-24 22:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011-06-24 22:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Sun
[2011-06-24 19:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-06-24 19:36:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\HiJackThis
[2011-06-23 18:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
[2011-06-23 18:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011-06-23 18:53:51 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011-06-23 18:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011-06-23 18:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011-06-23 18:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011-06-23 18:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011-06-23 18:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2011-06-23 18:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2011-06-23 18:48:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011-06-23 18:48:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2011-06-23 18:48:19 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011-06-23 01:01:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NapiProjekt
[2011-06-23 01:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT
[2011-06-22 22:37:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\DoctorWeb
[2011-06-22 18:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\.ssh
[2011-06-22 18:29:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\.nx
[2011-06-22 18:28:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NX Client for Windows
[2011-06-22 18:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\NX Client for Windows
[2011-06-22 16:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\FileZilla
[2011-06-22 16:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\FileZilla FTP Client
[2011-06-22 16:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011-06-22 16:32:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\BITS
[2011-06-22 16:32:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\FlashGet
[2011-06-22 16:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\FlashGetBHO
[2011-06-22 16:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet Network
[2011-06-22 03:05:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\Google Chrome
[2011-06-21 20:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Kadu
[2011-06-21 20:40:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\Kadu
[2011-06-21 20:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Kadu
[2011-06-21 00:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Tlen.pl
[2011-06-21 00:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
[2011-06-21 00:31:13 | 000,000,000 | ---D | C] -- C:\Program Files\Tlen.pl
[2011-06-20 14:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\SimAquarium
[2011-06-20 14:53:27 | 000,000,000 | ---D | C] -- C:\Program Files\OldOpera
[2011-06-20 14:40:55 | 003,463,656 | ---- | C] (Digital Illusions Software) -- C:\WINDOWS\SimAQUARIUM2 Tank-1.scr
[2011-06-20 14:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\SimAQUARIUM2
[2011-06-20 14:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SimAQUARIUM 2 Screensaver
[2011-06-20 14:37:12 | 000,000,000 | ---D | C] -- C:\Program Files\OldOpera 9
[2011-06-20 08:39:26 | 001,123,840 | ---- | C] (Karol Winnicki) -- C:\Documents and Settings\Kuba\Pulpit\BESTplayer.exe
[2011-06-20 08:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\BESTplayer
[2011-06-20 08:38:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack
[2011-06-20 08:38:49 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2011-06-20 08:38:48 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2011-06-20 08:38:48 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2011-06-20 08:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2011-06-20 08:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Spirograph
[2011-06-20 07:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade
[2011-06-20 07:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Formosoft
[2011-06-20 07:39:25 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2011-06-20 07:38:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DAEMON Tools Lite
[2011-06-20 07:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011-06-20 07:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\DAEMON Tools
[2011-06-20 01:28:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2011-06-20 00:28:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit\Programy
[2011-06-20 00:22:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Opera
[2011-06-20 00:22:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Opera
[2011-06-20 00:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011-06-19 16:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Gadu-Gadu 10
[2011-06-19 16:16:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-06-19 16:14:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011-06-19 07:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\ARAX Disk Doctor Data Recovery
[2011-06-19 06:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\Ontrack
[2011-06-19 05:52:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\uTorrent
[2011-06-18 22:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\Convar
[2011-06-18 22:34:49 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUn0415.exe
[2011-06-18 22:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Lx_cats
[2011-06-18 22:24:07 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoin.dll
[2011-06-18 22:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ABBYY FineReader 6.0 Sprint
[2011-06-18 22:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
[2011-06-18 22:22:31 | 000,372,736 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXEAwupd.dll
[2011-06-18 22:22:31 | 000,213,672 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXEAwupd.exe
[2011-06-18 22:21:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus
[2011-06-18 22:21:56 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-06-18 22:21:56 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-06-18 22:21:54 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-06-18 22:21:53 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-06-18 22:21:53 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-06-18 22:21:51 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-06-18 22:21:51 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-06-18 22:21:50 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-06-18 22:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark
[2011-06-18 22:21:31 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-06-18 22:21:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2011-06-18 22:21:30 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-06-18 22:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lexmark
[2011-06-18 22:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-06-18 22:21:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-06-18 22:20:55 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeausb1.dll
[2011-06-18 22:20:55 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeainpa.dll
[2011-06-18 22:20:55 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEAhcp.dll
[2011-06-18 22:20:55 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaiesc.dll
[2011-06-18 22:20:54 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaserv.dll
[2011-06-18 22:20:54 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeapmui.dll
[2011-06-18 22:20:54 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxealmpm.dll
[2011-06-18 22:20:53 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeahbn3.dll
[2011-06-18 22:20:53 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaih.exe
[2011-06-18 22:20:52 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomc.dll
[2011-06-18 22:20:52 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoms.exe
[2011-06-18 22:20:52 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacfg.exe
[2011-06-18 22:20:52 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomm.dll
[2011-06-18 22:20:51 | 000,086,186 | ---- | C] (Lexmark International) -- C:\WINDOWS\System32\LXEAcfg.dll
[2011-06-18 22:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark S300-S400 Series
[2011-06-18 22:15:21 | 000,011,264 | ---- | C] (TOSHIBA ) -- C:\WINDOWS\System32\drivers\TPwSav.sys
[2011-06-18 22:15:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\XP
[2011-06-18 22:15:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Vista64
[2011-06-18 22:14:41 | 000,000,000 | ---D | C] -- C:\Temp
[2011-06-18 22:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TOSHIBA
[2011-06-18 22:14:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SDA
[2011-06-18 22:14:06 | 000,290,304 | ---- | C] (Texas Instruments) -- C:\WINDOWS\System32\drivers\tifm21.sys
[2011-06-18 22:14:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011-06-18 22:14:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\tiinst
[2011-06-18 22:13:32 | 000,094,208 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\TCtrlCommon.dll
[2011-06-18 22:13:32 | 000,073,728 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\TDispVol.exe
[2011-06-18 22:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\TOSHIBA
[2011-06-18 22:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011-06-18 22:07:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2011-06-18 22:05:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2011-06-18 22:04:59 | 009,715,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2011-06-18 22:04:59 | 004,603,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2011-06-18 22:04:59 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2011-06-18 22:04:59 | 000,282,624 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.cpl
[2011-06-18 22:04:59 | 000,086,016 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2011-06-18 22:04:56 | 002,165,760 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2011-06-18 22:04:55 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2011-06-18 22:04:55 | 000,299,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSndMgr.cpl
[2011-06-18 22:04:55 | 000,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2011-06-18 22:04:51 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2011-06-18 22:04:51 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2011-06-18 22:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
[2011-06-18 22:00:26 | 000,801,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcplui.exe
[2011-06-18 22:00:26 | 000,453,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2011-06-18 22:00:26 | 000,420,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.cpl
[2011-06-18 22:00:26 | 000,143,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2011-06-18 22:00:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2011-06-18 22:00:05 | 002,744,320 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwss.dll
[2011-06-18 22:00:05 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2011-06-18 22:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\XTreme-G Drivers
[2011-06-18 22:00:04 | 003,796,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvs.dll
[2011-06-18 22:00:04 | 001,253,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvPVEnc.ax
[2011-06-18 22:00:03 | 009,592,832 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2011-06-18 22:00:03 | 003,489,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgames.dll
[2011-06-18 22:00:03 | 001,273,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmobls.dll
[2011-06-18 22:00:03 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2011-06-18 22:00:03 | 000,188,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccss.dll
[2011-06-18 22:00:03 | 000,086,016 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2011-06-18 22:00:03 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccsrs.dll
[2011-06-18 22:00:02 | 004,710,400 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdisps.dll
[2011-06-18 22:00:02 | 001,560,576 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2011-06-18 22:00:02 | 000,401,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2011-06-18 22:00:01 | 013,680,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2011-06-18 22:00:01 | 000,135,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2011-06-18 22:00:01 | 000,135,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2011-06-18 22:00:00 | 000,667,648 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2011-06-18 21:59:59 | 006,185,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2011-06-18 21:59:59 | 000,000,000 | ---D | C] -- C:\nVidia Forceware
[2011-06-18 21:55:28 | 000,000,000 | ---D | C] -- C:\Drivers
[2011-06-18 21:18:37 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011-06-18 20:56:48 | 000,000,000 | ---D | C] -- C:\Intel
[2011-06-18 20:54:07 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2011-06-18 20:53:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011-06-18 20:48:08 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011-06-18 20:37:57 | 000,453,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2011-06-18 20:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011-06-18 20:29:04 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011-06-18 20:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011-06-18 20:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011-06-18 20:28:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011-06-18 20:28:55 | 000,000,000 | R--D | C] -- C:\Program Files
[2011-06-18 20:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011-06-18 20:28:41 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2011-06-18 20:28:41 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2011-06-18 20:28:41 | 000,085,532 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2011-06-18 20:28:41 | 000,085,532 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2011-06-18 20:28:40 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2011-06-18 20:28:40 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2011-06-18 20:28:40 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011-06-18 20:28:40 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011-06-18 20:28:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2011-06-18 20:28:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2011-06-18 20:28:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2011-06-18 20:28:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2011-06-18 20:28:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2011-06-18 20:28:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2011-06-18 20:28:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011-06-18 20:28:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011-06-18 20:27:57 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2011-06-18 20:27:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2011-06-18 20:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011-06-18 20:27:30 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011-06-18 20:20:51 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011-06-18 20:20:51 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011-06-18 20:20:51 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011-06-18 20:20:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011-06-18 20:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2011-06-18 19:30:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011-06-18 19:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011-06-18 19:27:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\WinRAR
[2011-06-18 19:27:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\WinRAR
[2011-06-18 19:27:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2011-06-18 19:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011-06-18 19:27:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty\Downloads
[2011-06-18 19:25:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Macromedia
[2011-06-18 19:25:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Adobe
[2011-06-18 19:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google
[2011-06-18 19:24:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kuba\UserData
[2011-06-18 19:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\REALTEK 11n USB Wireless LAN Utility
[2011-06-18 19:21:16 | 000,605,856 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\RTL8192su.sys
[2011-06-18 19:21:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2011-06-18 19:21:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RtlGina
[2011-06-18 19:21:05 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK
[2011-06-18 19:21:01 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011-06-18 19:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Identities
[2011-06-18 19:11:45 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011-06-18 19:11:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty\Moja muzyka
[2011-06-18 19:11:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty\Moje obrazy
[2011-06-18 19:11:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Microsoft
[2011-06-18 19:11:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kuba\Cookies
[2011-06-18 19:11:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kuba\SendTo
[2011-06-18 19:11:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kuba\Recent
[2011-06-18 19:11:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji
[2011-06-18 19:11:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Ulubione
[2011-06-18 19:11:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty
[2011-06-18 19:11:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Menu Start
[2011-06-18 19:11:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\Autostart
[2011-06-18 19:11:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\Akcesoria
[2011-06-18 19:11:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kuba\Szablony
[2011-06-18 19:11:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kuba\PrintHood
[2011-06-18 19:11:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kuba\NetHood
[2011-06-18 19:11:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit
[2011-06-18 19:11:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-06-18 19:11:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne
[2011-06-18 19:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011-06-18 19:10:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011-06-18 19:10:49 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011-06-18 19:10:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2011-06-18 19:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-06-18 19:04:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-06-18 19:04:40 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2011-06-18 19:03:01 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011-06-18 19:03:01 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011-06-18 19:03:00 | 000,029,184 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011-06-18 19:01:55 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011-06-18 19:01:55 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011-06-18 19:01:55 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011-06-18 19:01:41 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011-06-18 19:01:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011-06-18 19:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011-06-18 19:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011-06-18 18:59:43 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011-06-18 18:59:33 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011-06-18 18:59:33 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011-06-18 18:59:23 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011-06-18 18:59:18 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2011-06-18 18:59:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011-06-18 18:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011-06-18 18:58:40 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011-06-18 18:58:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011-06-18 18:58:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011-06-18 18:58:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011-06-18 18:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011-06-18 18:58:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011-06-18 18:58:01 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2011-06-18 18:58:01 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2011-06-18 18:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011-06-18 18:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011-06-18 18:57:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011-06-18 18:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011-06-18 18:57:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2011-06-18 18:57:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2011-06-18 18:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011-06-18 18:56:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2011-06-18 18:56:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011-06-18 18:56:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2011-06-18 18:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011-06-18 18:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011-06-18 18:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011-06-18 18:56:16 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2011-06-18 18:56:16 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2011-06-18 18:56:00 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2011-06-18 18:55:59 | 000,351,744 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2011-06-18 18:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011-06-18 18:55:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011-06-18 18:55:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011-06-18 18:55:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2011-06-18 18:54:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria
[2006-12-12 10:13:20 | 000,032,768 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Documents and Settings\All Users\Dane aplikacji\EBLib.dll
[2006-07-28 15:25:26 | 000,019,456 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Documents and Settings\All Users\Dane aplikacji\LPCFilter.sys

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-06-28 16:37:37 | 000,210,919 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-06-28 16:37:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-06-28 16:34:31 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\AD-R.lnk
[2011-06-28 16:30:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-06-27 14:26:47 | 000,000,101 | ---- | M] () -- C:\Documents and Settings\Kuba\.Xauthority
[2011-06-27 03:41:53 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-27 02:19:55 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Light Image Resizer 4.lnk
[2011-06-26 01:00:21 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-06-25 22:19:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-06-25 22:17:20 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk
[2011-06-25 22:11:59 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk
[2011-06-25 22:01:06 | 000,000,770 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011-06-24 22:14:08 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011-06-24 22:14:08 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011-06-24 22:14:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011-06-24 22:14:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011-06-24 22:14:08 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011-06-24 19:36:55 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\HiJackThis.lnk
[2011-06-24 14:13:16 | 000,266,208 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-06-23 01:01:03 | 000,000,662 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\NapiProjekt.lnk
[2011-06-22 18:29:44 | 000,001,773 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Shell.lnk
[2011-06-22 18:28:28 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\NX Client for Windows.lnk
[2011-06-22 16:45:48 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\FileZilla.lnk
[2011-06-22 16:34:27 | 000,000,204 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2011-06-22 16:33:40 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2011-06-22 03:05:37 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Google Chrome.lnk
[2011-06-22 00:53:12 | 000,001,243 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Ptasie Mleczko.rtf
[2011-06-22 00:51:06 | 000,001,136 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Krem czekoladowy.rtf
[2011-06-22 00:50:48 | 000,000,992 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Ciasto Marchewkowe.rtf
[2011-06-22 00:32:10 | 000,001,178 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Serniczek.rtf
[2011-06-22 00:04:31 | 000,001,410 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Chleb Dukana.rtf
[2011-06-21 20:40:57 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Kadu.lnk
[2011-06-20 14:55:13 | 000,000,603 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\OldOpera.lnk
[2011-06-20 14:40:54 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\SimAQUARIUM v2.06 Tank-1.lnk
[2011-06-20 08:38:14 | 001,123,840 | ---- | M] (Karol Winnicki) -- C:\Documents and Settings\Kuba\Pulpit\BESTplayer.exe
[2011-06-20 07:38:25 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2011-06-19 18:21:51 | 000,000,313 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Kuba - Utrata Wagi.html
[2011-06-19 16:09:36 | 000,448,586 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-06-19 16:09:36 | 000,392,630 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-06-19 16:09:36 | 000,074,648 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-06-19 16:09:36 | 000,058,930 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-06-18 22:27:00 | 000,198,605 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2011-06-18 22:21:52 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-06-18 22:07:39 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Mój komputer.lnk
[2011-06-18 22:07:37 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Moje dokumenty.lnk
[2011-06-18 22:07:01 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2011-06-18 22:07:01 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2011-06-18 22:04:51 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2011-06-18 20:53:23 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2011-06-18 19:22:06 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk
[2011-06-18 19:22:00 | 000,376,832 | ---- | M] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011-06-18 19:04:44 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011-06-18 19:03:35 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011-06-18 19:00:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-06-18 19:00:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-06-18 19:00:40 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011-06-18 19:00:40 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-06-18 19:00:37 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011-06-18 19:00:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011-06-18 19:00:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011-06-18 19:00:25 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011-06-18 18:57:11 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-06-18 18:54:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-06-16 09:00:00 | 000,073,216 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-06-16 09:00:00 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[2011-06-02 01:15:52 | 000,243,200 | ---- | M] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-06-02 01:10:30 | 000,644,608 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-05-10 13:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-05-10 13:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-05-10 13:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-05-10 13:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-05-10 13:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-05-10 13:02:25 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-05-10 13:02:22 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-05-10 12:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-05-10 12:59:37 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-05-10 12:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-05-10 08:06:08 | 004,517,664 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-06-28 16:34:31 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\AD-R.lnk
[2011-06-27 02:19:55 | 000,000,849 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Light Image Resizer 4.lnk
[2011-06-26 01:00:22 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2011-06-26 01:00:21 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-06-25 22:19:08 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-06-25 22:17:20 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk
[2011-06-25 22:11:59 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk
[2011-06-25 20:28:13 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk
[2011-06-24 19:36:12 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\HiJackThis.lnk
[2011-06-23 01:01:03 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\NapiProjekt.lnk
[2011-06-22 18:30:14 | 000,000,101 | ---- | C] () -- C:\Documents and Settings\Kuba\.Xauthority
[2011-06-22 18:29:44 | 000,001,773 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Shell.lnk
[2011-06-22 18:28:28 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\NX Client for Windows.lnk
[2011-06-22 16:45:48 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\FileZilla.lnk
[2011-06-22 16:34:27 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2011-06-22 16:33:40 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011-06-22 03:05:37 | 000,002,295 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Google Chrome.lnk
[2011-06-22 00:53:12 | 000,001,243 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Ptasie Mleczko.rtf
[2011-06-22 00:51:06 | 000,001,136 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Krem czekoladowy.rtf
[2011-06-22 00:50:48 | 000,000,992 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Ciasto Marchewkowe.rtf
[2011-06-22 00:32:10 | 000,001,178 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Serniczek.rtf
[2011-06-22 00:04:31 | 000,001,410 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Chleb Dukana.rtf
[2011-06-21 20:40:57 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Kadu.lnk
[2011-06-20 14:56:25 | 000,002,070 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\SimAquarium.lnk
[2011-06-20 14:55:19 | 000,000,603 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\OldOpera.lnk
[2011-06-20 14:40:54 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\SimAQUARIUM v2.06 Tank-1.lnk
[2011-06-20 08:40:52 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-20 08:38:54 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-06-20 08:38:54 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011-06-20 08:38:49 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2011-06-20 08:38:48 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-06-20 08:38:48 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-06-20 08:38:47 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-06-20 08:08:50 | 000,002,092 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\Spirograph.lnk
[2011-06-20 07:38:25 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2011-06-19 18:21:50 | 000,000,313 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Kuba - Utrata Wagi.html
[2011-06-19 06:23:17 | 000,000,634 | ---- | C] () -- C:\WINDOWS\System32\MAPISVC.INF
[2011-06-18 22:35:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2011-06-18 22:24:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxeavs.dll
[2011-06-18 22:23:59 | 000,070,133 | ---- | C] () -- C:\WINDOWS\System32\lxeaprpr.chm
[2011-06-18 22:23:58 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxeagcfg.dll
[2011-06-18 22:23:57 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxeacui.dll
[2011-06-18 22:23:57 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeacuir.dll
[2011-06-18 22:23:57 | 000,008,694 | ---- | C] () -- C:\WINDOWS\System32\lxeacommuilogo_rtl.bmp
[2011-06-18 22:23:57 | 000,008,694 | ---- | C] () -- C:\WINDOWS\System32\lxeacommuilogo.bmp
[2011-06-18 22:21:12 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\lxearwrd.ini
[2011-06-18 22:20:56 | 000,198,605 | ---- | C] () -- C:\WINDOWS\System32\LexFiles.ulf
[2011-06-18 22:20:55 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\LXEAinst.dll
[2011-06-18 22:20:53 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxeains.dll
[2011-06-18 22:20:53 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxeainsb.dll
[2011-06-18 22:20:53 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxeagrd.dll
[2011-06-18 22:20:53 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeainsr.dll
[2011-06-18 22:20:53 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxeajswr.dll
[2011-06-18 22:20:52 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxeacu.dll
[2011-06-18 22:20:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxeacub.dll
[2011-06-18 22:20:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxeacur.dll
[2011-06-18 22:20:51 | 000,002,106 | ---- | C] () -- C:\WINDOWS\System32\lxea.loc
[2011-06-18 22:20:17 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\LXEAsmr.dll
[2011-06-18 22:20:16 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXEAsm.dll
[2011-06-18 22:15:21 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL
[2011-06-18 22:13:32 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
[2011-06-18 22:07:39 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Mój komputer.lnk
[2011-06-18 22:07:37 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Moje dokumenty.lnk
[2011-06-18 22:07:01 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2011-06-18 22:07:01 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2011-06-18 22:05:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-06-18 22:05:07 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ3.dat
[2011-06-18 22:05:07 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ2.dat
[2011-06-18 22:05:07 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.dat
[2011-06-18 22:00:26 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011-06-18 22:00:26 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011-06-18 22:00:26 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011-06-18 22:00:26 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011-06-18 22:00:26 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011-06-18 22:00:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011-06-18 22:00:26 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011-06-18 22:00:26 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2011-06-18 22:00:26 | 000,210,919 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2011-06-18 22:00:26 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2011-06-18 22:00:26 | 000,018,795 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2011-06-18 20:53:23 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2011-06-18 20:29:03 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-06-18 20:29:01 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011-06-18 20:29:00 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011-06-18 20:29:00 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011-06-18 20:28:59 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011-06-18 20:28:38 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011-06-18 20:28:20 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011-06-18 20:28:20 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2011-06-18 20:28:20 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2011-06-18 20:28:20 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011-06-18 20:28:20 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2011-06-18 20:28:20 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011-06-18 20:28:20 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011-06-18 20:28:20 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011-06-18 20:28:20 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011-06-18 20:28:20 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011-06-18 20:28:20 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011-06-18 20:28:20 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011-06-18 20:28:20 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011-06-18 20:28:19 | 002,033,887 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011-06-18 20:28:19 | 001,246,357 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2011-06-18 20:28:19 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011-06-18 20:28:19 | 000,634,012 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011-06-18 20:27:30 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-06-18 20:26:27 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2011-06-18 20:26:22 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011-06-18 19:22:06 | 000,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk
[2011-06-18 19:21:56 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011-06-18 19:21:05 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2011-06-18 19:11:48 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\Outlook Express.lnk
[2011-06-18 19:11:46 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\Internet Explorer.lnk
[2011-06-18 19:11:37 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\Pomoc zdalna.lnk
[2011-06-18 19:11:37 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start\Programy\Windows Media Player.lnk
[2011-06-18 19:04:44 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011-06-18 19:03:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-06-18 19:02:54 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011-06-18 19:02:31 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011-06-18 19:02:25 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011-06-18 19:02:23 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011-06-18 19:02:21 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011-06-18 19:02:08 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011-06-18 19:02:02 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011-06-18 19:01:58 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011-06-18 19:01:44 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011-06-18 19:00:40 | 000,002,644 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-06-18 19:00:40 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011-06-18 19:00:40 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011-06-18 19:00:40 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011-06-18 19:00:40 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011-06-18 19:00:36 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011-06-18 19:00:36 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011-06-18 19:00:35 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011-06-18 18:59:22 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2011-06-18 18:59:07 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011-06-18 18:58:51 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011-06-18 18:58:51 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011-06-18 18:58:45 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011-06-18 18:58:04 | 000,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2011-06-18 18:57:13 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2011-06-18 18:57:11 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-06-18 18:56:11 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2011-06-18 18:56:11 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2011-06-18 18:56:11 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2011-06-18 18:56:11 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2011-06-18 18:56:11 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2011-06-18 18:56:11 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2011-06-18 18:56:11 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2011-06-18 18:56:10 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2011-06-18 18:56:10 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2011-06-18 18:56:10 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2011-06-18 18:56:10 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2011-06-18 18:56:07 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011-06-18 18:56:07 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011-06-18 18:56:06 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011-06-18 18:56:01 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008-04-14 22:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006-12-31 06:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006-01-04 09:59:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2003-01-28 00:09:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\libexpat.dll
[2001-10-26 19:15:16 | 000,448,586 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 19:15:16 | 000,074,648 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-18 00:30:24 | 000,392,630 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-18 00:30:22 | 000,058,930 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 01:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-06-18 22:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-06-19 16:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-06-21 00:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
[2011-06-18 22:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Vista64
[2011-06-18 22:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\XP
[2011-06-25 20:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011-06-20 08:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\BESTplayer
[2011-06-22 16:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\BITS
[2011-06-20 07:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\DAEMON Tools
[2011-06-28 16:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\FileZilla
[2011-06-22 16:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\FlashGet
[2011-06-22 16:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\FlashGetBHO
[2011-06-19 19:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Gadu-Gadu 10
[2011-06-27 14:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Kadu
[2011-06-27 02:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\ObviousIdea
[2011-06-26 01:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Opera
[2011-06-21 00:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Tlen.pl
[2011-06-22 16:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\uTorrent

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-06-28 16:35:54 | 000,002,351 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt
[2011-06-18 19:00:40 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-06-18 18:54:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-22 01:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2011-06-18 19:00:40 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011-06-18 19:00:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-06-18 19:00:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 21:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-13 23:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2011-06-28 16:37:07 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]

Extras.TXT:
[log]OTL Extras logfile created on: 2011-06-28 16:41:51 - Run 2
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Kuba\Moje dokumenty\Downloads\Wczesniej
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,56% Memory free
3,85 Gb Paging File | 3,44 Gb Available in Paging File | 89,38% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,42 Gb Total Space | 32,77 Gb Free Space | 75,47% Space Free | Partition Type: NTFS
Drive D: | 68,36 Gb Total Space | 51,66 Gb Free Space | 75,57% Space Free | Partition Type: NTFS

Computer Name: COMPANY | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1542:TCP" = 1542:TCP:*:Enabled:Realtek WPS TCP Prot
"1542:UDP" = 1542:UDP:*:Enabled:Realtek WPS UDP Prot
"53:UDP" = 53:UDP:*:Enabled:Realtek AP UDP Prot

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe" = C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan -- (Realtek Semiconductor Corp.)
"C:\WINDOWS\system32\lxeacoms.exe" = C:\WINDOWS\system32\lxeacoms.exe:*:Enabled:S300-S400 Series Server -- ( )
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader -- (ABBYY (BIT Software))
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\OldOpera\opera.exe" = C:\Program Files\OldOpera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Tlen.pl\tlen.exe" = C:\Program Files\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files\NX Client for Windows\nxclient.exe" = C:\Program Files\NX Client for Windows\nxclient.exe:*:Enabled:nxclient -- ()
"C:\Program Files\NX Client for Windows\bin\nxssh.exe" = C:\Program Files\NX Client for Windows\bin\nxssh.exe:*:Enabled:nxssh -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls Driver
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = REALTEK Wireless LAN Driver and Utility
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C441297F-C9F2-4177-9D5F-1B10F0358E32}" = Opera 10.54
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.0.6.8
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ad-Remover" = Ad-Remover par C_XX
"avast" = avast! Free Antivirus
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.5.0
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Kadu" = Kadu 0.9.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Full)
"Lexmark S300-S400 Series" = Lexmark S300-S400 Series
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"NVIDIA Drivers" = NVIDIA Drivers
"nxclient_is1" = NX Client for Windows 3.5.0-5
"Opera 11.11.2109" = Opera 11.11
"SimAQUARIUM2 Tank-1 Screensaver_is1" = SimAQUARIUM2 Tank-1 Screensaver
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
"XTreme-G Drivers_is1" = XTreme-G 182.06m XP 32bit

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SimAquarium" = SimAquarium
"Spirograph" = Spirograph

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-06-22 17:19:44 | Computer Name = COMPANY | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nxclient.exe, wersja 0.0.0.0, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x00d81e2c.

Error - 2011-06-25 17:21:54 | Computer Name = COMPANY | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd kadu.exe, wersja 0.6.6.0, moduł powodujący
błąd qtwebkit4.dll, wersja 4.7.3.0, adres błędu 0x006cfce6.

[ System Events ]
Error - 2011-06-28 11:28:33 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7031
Description = Usługa Apple Mobile Device niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2011-06-28 11:28:33 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7034
Description = Usługa Usługa Bonjour niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-28 11:28:33 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-28 11:28:33 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-06-28 11:28:33 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7034
Description = Usługa lxea_device niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1.

Error - 2011-06-28 11:28:41 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7034
Description = Usługa Usługa iPod niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1.

Error - 2011-06-28 11:31:12 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą lxeaCATSCustConnectService.

Error - 2011-06-28 11:31:12 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi lxeaCATSCustConnectService z powodu następującego
błędu: %%1053

Error - 2011-06-28 11:37:41 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą lxeaCATSCustConnectService.

Error - 2011-06-28 11:37:41 | Computer Name = COMPANY | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi lxeaCATSCustConnectService z powodu następującego
błędu: %%1053


< End of report >
[/log]

Wydaje mi się, że wszystko aczkolwiek nie wiem gdzie mogę znaleźć raport usuwania po OTL. Sam nie chciałem nic klikać, więc jak czegoś brakuje to proszę napisz a dopełnie obowiązku.

Pozdrawiam.

wirusolog
komentarz
komentarz (edytowane)

Mała poprawka i kroki końcowe.

[hr]

[b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst:

[code]:Files
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\System32\secustat.dat

:OTL
O1 - Hosts: 74.208.10.249 gs.apple.com
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
[/code]
Klikniij w [b]Wykonaj Skrypt[/b]. Tym razem restartu nie będzie / wyskoczy raport, nic z nim nie rób, notatnik zamknij.

[b]2.[/b] W OTL wciśnij przycisk [b]Sprzątanie[/b].

[b]3.[/b] Uruchom Ad-Remover'a i wciśnij w nim [b]UNINSTALL[/b].

[b]4.[/b] Aktualizacja zabezpieczeń:
[quote]
Internet Explorer [b](Version = 6.0.2900.5512)[/b]
"Adobe Flash Player Plugin" =[b] Adobe Flash Player 10 Plugin[/b]
"{C441297F-C9F2-4177-9D5F-1B10F0358E32}" = [b]Opera 10.54[/b]
[/quote]
[list]
[*]Jest tu bardzo stara wersja IE. Trzeba aktualizować IE bo dużo programów korzysta z silnika, bez Twojej wiedzy, nawet jeżeli korzystasz z Opery. Tak więc aktualizacja do wersji [url=http://windows.microsoft.com/pl-PL/internet-explorer/products/ie/home][b][color=blue][u]8[/url][/b][/color][/u].
[*]Nie jest podana tu konkretna wersja Flash, upewnij się że masz zainstalowany [url="http://get.adobe.com/flashplayer/"][color="#0000FF"][b]Adobe Flash Player 10.3.181.34[/b][/color][/url].
[*]W logu jest widoczna wersja przeglądarki -> Opera 11.11, tak więc wersja 10.54 do pełnej deinstalacji[/list]

[b]5.[/b] Do wyczyszczenia punkty przywracania systemu: [url=http://www.searchengines.pl/Czyszczenie-punktow-przywracania-systemu-t141981.html][b][color="#0000FF"][u]LINK[/url][/b][/color][/u]

[b]6.[/b] Zalecam [b]pełne skanowania[/b] [url=http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button][b][color="#0000FF"][u]MBAM[/url][/b][/color][/u] (po instalacji zaaktualizuj ręczne baze wirusów) + [url=http://www.dobreprogramy.pl/Dr.WEB-CureIt,Program,Windows,12976.html][b][color="#0000FF"][u]Dr.Web CureIt![/url][/b][/color][/u].
Jeżeli obydwa skanery coś wykryją usuwasz w przypadku MBAM / leczysz i usuwasz w przypadku Dr.Web'a. Po usunięciu zagrożeń pokazujesz z obydwu programów raporty.

  • Dobra wypowiedź 1
Mr.Hankey
komentarz
komentarz (edytowane)

Jeżeli chodzi o skan Dr.Webem to nic nie wykrył i w zasadzie nie wiem gdzie kliknąć tam żeby pojawił się raport więc zrobiłem screena:
[URL=http://imageshack.us/photo/my-images/29/webmb.jpg/][IMG]http://img29.imageshack.us/img29/605/webmb.th.jpg[/IMG][/URL]

Co do MBAM to pokiełbasiłek nieco:
-Pierwsze skanowanie wykryło jeden zainfekowany plik sound32.dll i trochę się przestraszyłem żeby go usuwać bo możliwe, że pochrzaniłbym coś na kompie, więc to zostawiłem i przeszedłem do Dr.Web, który jak podałem wyżej - nic nie wykrył.
-Drugie skanowanie (po Dr.Web-ie) wykryło 2 zagrożenia (sound32.dll i jakiś inny plik na dysku, który niestety usunąłem bez zapisu loga)
-Trzecie skanowanie ponownie wykryło zagrożenie w sound32.dll i tym razem je usunąłem, a oto log:
[log]Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Wersja bazy: 6970

Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

2011-06-29 04:51:29
mbam-log-2011-06-29 (04-51-29).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowano obiektów: 192528
Upłynęło: 23 minut(y), 2 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 1

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
c:\sound32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
[/log]

Do tego mam kilka pytań:
[b]1.[/b] Czy jak usunąłem sound32.dll to nie będzie to miało negatywnego wpływu na mój komputer?
[b]2.[/b] Na komputerze lepiej zostawić AVAST czy MBAM?

Edit:
//Z siecią jakby się poprawiło, jak wstanę to dokładnie przetestuję bo teraz po pracy idę spać. Jednak Ping na testach nadal wypada blado (70-100).

Niemniej jednak wielkie dzięki jak do pory pomaga :)
Pozdrawiam.

wirusolog
komentarz
komentarz

Gorzej jest z tym, że z Twoich przypuszczeń ten plik się odradza, co mnie niepokoi.

[quote name='MrHankey' timestamp='1309319546' post='1288569']
Do tego mam kilka pytań:
[b]1.[/b] Czy jak usunąłem sound32.dll to nie będzie to miało negatywnego wpływu na mój komputer?
[b]2.[/b] Na komputerze lepiej zostawić AVAST czy MBAM?
[/quote]
Ad 1) Nic się nie stanie, to jest plik zarażony i trzeba go wyelminować.
Ad 2) MBAM to jedynie skaner na żądanie, a Avast to ochrona w czasie rzeczywistym. Nalegam, żeby skan MBAMem przeprowadzać raz w tygodniu, tak dla świętego spokoju.

[b]--> sound32.dll <--[/b] sprawdźmy czy dalej gdzieś on jest na dysku.

[hr]

Ściągnij -> [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b][color=blue][u]SystemLook.exe[/url][/b][/color][/u]
Uruchom i w dolne białe okienko wklej to:
[quote]
:filefind
sound32.dll

:regfind
sound32.dll
[/quote]
Kliknij w [b]Look[/b]. Czekaj aż pojawi się raport i po wyskoczeniu raportu pokaż mi go.

  • Dobra wypowiedź 1
stabilo
komentarz
komentarz

To mi bardziej wygląda na winę sprzętu sieciowego.

Mr.Hankey
komentarz
komentarz

[quote name='wirusolog' date='29 czerwiec 2011 - 09:27' timestamp='1309336185' post='1288639']
Ściągnij -> SystemLook.exe
Uruchom i w dolne białe okienko wklej to:
Cytat
:filefind
sound32.dll

:regfind
sound32.dll

Kliknij w Look. Czekaj aż pojawi się raport i po wyskoczeniu raportu pokaż mi go.
[/quote]

[log]SystemLook 04.09.10 by jpshortstuff
Log created at 14:14 on 29/06/2011 by Kuba
Administrator - Elevation successful

========== filefind ==========

Searching for "sound32.dll "
No files found.

========== regfind ==========

Searching for "sound32.dll "
No data found.

-= EOF =-[/log]


Dziś wieczorem dam znać w temacie jak wygląda sprawa sprawa z siecią - czy nadal przerywa czy już nie.

Pozdrawiam.

wirusolog
komentarz
komentarz

Tego pliku nie ma dysku ani żadnego wpisu.
Czyli Twoje problemy nie wynikają z wirusami.

  • Dobra wypowiedź 1
Mr.Hankey
komentarz
komentarz (edytowane)

[quote name='wirusolog' date='29 czerwiec 2011 - 14:48' timestamp='1309355440' post='1288899']
Tego pliku nie ma dysku ani żadnego wpisu.
Czyli Twoje problemy nie wynikają z wirusami.
[/quote]

Początkowo założyłem ten temat w "Awarie Komputerów" bo sam nie wiedziałem co dokładnie wywołuje mój błąd, ale któryś z Moderatorów musiał go tutaj przenieść. W takim razie jeżeli nie jest to sprawa wirusowa to czy jakiś Moderator może wrzucić ten temat do dobrego działu, ponieważ problem nadal występuje?

Wielkie podziękowania dla WIRUSOLOG za to, że przeprowadził mnie przez wszystko krok po kroku.

Pozdrawiam.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.