x-kom hosting

Użycie procesora 100%! LOG

mishi93
utworzono
utworzono

WItam...podczas aktualizowania WIndowsa nagle zrestartował mi się komputer. PO kilka probach wlaczenia udało się go spowrotem odpalic,lecz dziala baaaaaaardzo wolno...
W 'msconfig' znalazlem kilka podejrzanych komend otwarcia wraz z wlaczeniem PC...jakieś daley-2000 itp.,Application Form.exe(to syf,sciągniety z gumtree,tez chce sie pozbyć)..Odtkicowalem te komendy,jednak jeszcze PCta nie restartowalem.

Załączam loga,który może coś wyjaśni.Proszę o pomoc! :)
OTL:
LOG:
[log]OTL logfile created on: 2011-09-25 15:07:28 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Magda\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

894,17 Mb Total Physical Memory | 428,53 Mb Available Physical Memory | 47,92% Memory free
2,11 Gb Paging File | 1,77 Gb Available in Paging File | 83,52% Paging File free
Paging file location(s): D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 11,16 Gb Total Space | 3,61 Gb Free Space | 32,36% Space Free | Partition Type: FAT32
Drive D: | 44,71 Gb Total Space | 38,61 Gb Free Space | 86,36% Space Free | Partition Type: NTFS

Computer Name: AMBEREK | User Name: Magda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-09-25 14:59:22 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Magda\Moje dokumenty\Pobieranie\RSIT.exe
PRC - [2011-09-25 14:52:40 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magda\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2011-09-06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- D:\AVAST Software\AvastUI.exe
PRC - [2011-09-06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- D:\AVAST Software\AvastSvc.exe
PRC - [2011-07-29 22:15:38 | 000,581,632 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2011-07-08 09:50:30 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2011-07-08 09:50:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-05-04 04:52:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-11-17 11:13:46 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Documents and Settings\Magda\Dane aplikacji\PC Suite For Android Handset\ouc.exe
PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-07-27 18:44:08 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2009-02-09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 19:21:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 19:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 19:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 19:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 19:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 19:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-04-09 16:46:56 | 000,057,344 | ---- | M] (VM305SNAP) -- C:\WINDOWS\vm305_sti.exe
PRC - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-09-25 14:59:22 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Magda\Moje dokumenty\Pobieranie\RSIT.exe
MOD - [2011-09-25 14:52:40 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magda\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2011-09-25 12:26:40 | 001,576,960 | ---- | M] () -- D:\AVAST Software\defs\11092500\algo.dll
MOD - [2011-09-25 10:32:54 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011-09-23 18:41:30 | 001,211,240 | ---- | M] (AVAST Software) -- D:\AVAST Software\defs\11092500\aswEngin.dll
MOD - [2011-09-23 18:41:29 | 000,321,320 | ---- | M] (AVAST Software) -- D:\AVAST Software\defs\11092500\aswCmnBS.dll
MOD - [2011-09-23 18:41:29 | 000,212,640 | ---- | M] () -- D:\AVAST Software\defs\11092500\aswRep.dll
MOD - [2011-09-23 18:41:29 | 000,098,864 | ---- | M] (AVAST Software) -- D:\AVAST Software\defs\11092500\aswCmnOS.dll
MOD - [2011-09-23 18:41:29 | 000,087,528 | ---- | M] (AVAST Software) -- D:\AVAST Software\defs\11092500\aswScan.dll
MOD - [2011-09-23 18:41:29 | 000,024,672 | ---- | M] (AVAST Software) -- D:\AVAST Software\defs\11092500\uiext.dll
MOD - [2011-09-23 18:41:28 | 000,181,040 | ---- | M] (AVAST Software) -- D:\AVAST Software\defs\11092500\aswCmnIS.dll
MOD - [2011-09-09 11:12:04 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2011-09-06 22:45:38 | 000,194,136 | ---- | M] (AVAST Software) -- D:\AVAST Software\1045\uiLangRes.dll
MOD - [2011-09-06 22:45:37 | 000,091,624 | ---- | M] (AVAST Software) -- D:\AVAST Software\1045\Base.dll
MOD - [2011-09-06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- D:\AVAST Software\AvastUI.exe
MOD - [2011-09-06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- D:\AVAST Software\AvastSvc.exe
MOD - [2011-09-06 22:45:27 | 001,783,408 | ---- | M] (AVAST Software) -- D:\AVAST Software\CommonRes.dll
MOD - [2011-09-06 22:45:25 | 000,398,576 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswSqLt.dll
MOD - [2011-09-06 22:45:25 | 000,206,472 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswProperty.dll
MOD - [2011-09-06 22:45:25 | 000,203,400 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswLog.dll
MOD - [2011-09-06 22:45:25 | 000,178,144 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswStrm.dll
MOD - [2011-09-06 22:45:25 | 000,025,728 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswUtil.dll
MOD - [2011-09-06 22:45:24 | 000,040,672 | ---- | M] (AVAST Software) -- D:\AVAST Software\AhResMes.dll
MOD - [2011-09-06 22:45:23 | 000,682,344 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswAux.dll
MOD - [2011-09-06 22:45:23 | 000,316,688 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswCmnBS.dll
MOD - [2011-09-06 22:45:23 | 000,165,784 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswData.dll
MOD - [2011-09-06 22:45:23 | 000,163,736 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswCmnIS.dll
MOD - [2011-09-06 22:45:23 | 000,145,696 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswDld.dll
MOD - [2011-09-06 22:45:23 | 000,096,280 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswCmnOS.dll
MOD - [2011-09-06 22:45:23 | 000,048,888 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswEngLdr.dll
MOD - [2011-09-06 22:45:23 | 000,013,896 | ---- | M] (AVAST Software) -- D:\AVAST Software\aswIdle.dll
MOD - [2011-09-06 22:45:22 | 000,150,352 | ---- | M] (AVAST Software) -- D:\AVAST Software\ashTask.dll
MOD - [2011-09-06 22:45:22 | 000,149,840 | ---- | M] (AVAST Software) -- D:\AVAST Software\ashServ.dll
MOD - [2011-09-06 22:45:22 | 000,122,512 | ---- | M] (AVAST Software) -- D:\AVAST Software\ashShell.dll
MOD - [2011-09-06 22:45:22 | 000,061,760 | ---- | M] (AVAST Software) -- D:\AVAST Software\ashTaskEx.dll
MOD - [2011-09-06 22:45:20 | 000,184,848 | ---- | M] (AVAST Software) -- D:\AVAST Software\ashBase.dll
MOD - [2011-09-06 22:45:20 | 000,062,832 | ---- | M] (AVAST Software) -- D:\AVAST Software\AhResBhv.dll
MOD - [2011-09-06 22:45:20 | 000,060,736 | ---- | M] (AVAST Software) -- D:\AVAST Software\AhResStd.dll
MOD - [2011-09-06 22:45:20 | 000,059,736 | ---- | M] (AVAST Software) -- D:\AVAST Software\AhResWS.dll
MOD - [2011-09-06 22:45:20 | 000,053,032 | ---- | M] (AVAST Software) -- D:\AVAST Software\AhResMai.dll
MOD - [2011-09-06 22:45:20 | 000,048,888 | ---- | M] (AVAST Software) -- D:\AVAST Software\AhResNS.dll
MOD - [2011-09-06 22:45:20 | 000,041,696 | ---- | M] (AVAST Software) -- D:\AVAST Software\AhResP2P.dll
MOD - [2011-09-06 22:45:20 | 000,034,456 | ---- | M] (AVAST Software) -- D:\AVAST Software\AhResJs.dll
MOD - [2011-09-06 22:45:19 | 000,072,072 | ---- | M] (AVAST Software) -- D:\AVAST Software\AavmRpch.dll
MOD - [2011-09-06 22:45:17 | 000,318,248 | ---- | M] (AVAST Software) -- D:\AVAST Software\Aavm4h.dll
MOD - [2011-07-29 22:15:40 | 000,188,416 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atipdlxx.dll
MOD - [2011-07-29 22:15:38 | 000,581,632 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
MOD - [2011-07-29 22:15:38 | 000,143,360 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.dll
MOD - [2011-07-29 22:15:38 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\ati2edxx.dll
MOD - [2011-07-08 09:50:30 | 014,232,536 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2011-07-08 09:50:30 | 001,850,328 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-07-08 09:50:30 | 000,781,272 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MOD - [2011-07-08 09:50:30 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2011-07-08 09:50:30 | 000,343,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2011-07-08 09:50:30 | 000,203,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2011-07-08 09:50:30 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2011-07-08 09:50:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2011-07-08 09:50:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MOD - [2011-07-08 09:50:30 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2011-07-08 09:50:30 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2011-07-08 09:50:30 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2011-07-08 09:50:30 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2011-07-08 09:50:30 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2011-07-08 09:50:30 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2011-07-08 09:50:30 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
MOD - [2011-07-08 09:50:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2011-07-08 09:50:28 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcpp19.dll
MOD - [2011-07-08 09:50:28 | 000,715,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcrt19.dll
MOD - [2011-07-08 09:50:28 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2011-07-08 09:50:28 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll
MOD - [2011-06-21 20:18:34 | 001,510,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2011-06-21 20:18:34 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2011-06-21 20:18:34 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2011-06-21 20:18:34 | 000,628,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2011-05-04 04:52:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
MOD - [2011-04-29 19:25:12 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2011-03-25 06:15:42 | 005,912,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2011-03-03 08:55:00 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011-02-08 15:33:58 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2011-02-08 15:33:58 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2011-01-21 16:44:12 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-12-22 14:34:22 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010-12-20 19:32:08 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010-12-20 19:25:52 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010-12-09 17:15:26 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010-12-02 20:23:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre6\bin\msvcr71.dll
MOD - [2010-11-17 11:13:46 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Documents and Settings\Magda\Dane aplikacji\PC Suite For Android Handset\ouc.exe
MOD - [2010-11-09 16:52:36 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010-10-23 02:47:24 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
MOD - [2010-08-27 10:03:48 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\t2embed.dll
MOD - [2010-08-27 07:54:14 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2010-08-23 18:12:56 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010-08-23 18:12:54 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2010-08-16 10:45:10 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-27 18:44:08 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
MOD - [2010-07-27 18:44:08 | 000,152,864 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mdnsNSP.dll
MOD - [2010-07-16 14:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2010-04-16 17:38:54 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2010-01-29 16:45:20 | 000,307,260 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\system32\l3codeca.acm
MOD - [2009-12-24 09:04:54 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2009-12-08 11:25:46 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-11-07 01:07:08 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2009-11-07 01:07:04 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2009-10-13 11:34:26 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009-10-12 14:40:14 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009-10-12 14:40:14 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009-09-11 16:19:44 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009-09-04 23:05:36 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009-08-25 10:19:46 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2009-08-06 19:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2009-07-28 01:19:10 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009-07-17 21:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009-07-17 18:17:58 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-07-12 00:02:02 | 003,780,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-06-25 10:27:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009-06-10 08:16:42 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009-05-07 17:34:14 | 000,347,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2009-03-21 16:09:00 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-03-06 16:22:12 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009-02-09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009-02-09 12:53:44 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009-02-09 12:53:44 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2008-10-23 14:42:42 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-15 18:36:56 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-07-25 11:17:02 | 000,088,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
MOD - [2008-07-25 11:17:00 | 000,089,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
MOD - [2008-07-25 11:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008-07-07 22:29:10 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2008-07-06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008-06-24 18:46:34 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008-06-20 18:04:24 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008-06-12 16:23:52 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2008-06-12 16:23:52 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2008-06-12 16:23:52 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 19:21:56 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2008-04-14 19:21:56 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2008-04-14 19:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 19:21:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2008-04-14 19:21:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2008-04-14 19:21:56 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2008-04-14 19:21:56 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008-04-14 19:21:56 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2008-04-14 19:21:54 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksproxy.ax
MOD - [2008-04-14 19:21:54 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kswdmcap.ax
MOD - [2008-04-14 19:21:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2008-04-14 19:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008-04-14 19:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008-04-14 19:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008-04-14 19:21:02 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2008-04-14 19:21:02 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008-04-14 19:21:02 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2008-04-14 19:21:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008-04-14 19:21:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008-04-14 19:21:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008-04-14 19:20:58 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2008-04-14 19:20:58 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2008-04-14 19:20:58 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2008-04-14 19:20:58 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2008-04-14 19:20:58 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2008-04-14 19:20:58 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008-04-14 19:20:58 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2008-04-14 19:20:58 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2008-04-14 19:20:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 19:20:58 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2008-04-14 19:20:58 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll
MOD - [2008-04-14 19:20:58 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2008-04-14 19:20:58 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008-04-14 19:20:58 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2008-04-14 19:20:58 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008-04-14 19:20:58 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2008-04-14 19:20:58 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-14 19:20:58 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2008-04-14 19:20:58 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008-04-14 19:20:58 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2008-04-14 19:20:58 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2008-04-14 19:20:58 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-14 19:20:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2008-04-14 19:20:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 19:20:58 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008-04-14 19:20:56 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 19:20:56 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2008-04-14 19:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 19:20:56 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008-04-14 19:20:56 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2008-04-14 19:20:56 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2008-04-14 19:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 19:20:56 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008-04-14 19:20:56 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008-04-14 19:20:56 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2008-04-14 19:20:56 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2008-04-14 19:20:56 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008-04-14 19:20:56 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2008-04-14 19:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 19:20:56 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2008-04-14 19:20:56 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2008-04-14 19:20:56 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2008-04-14 19:20:56 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2008-04-14 19:20:48 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2008-04-14 19:20:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008-04-14 19:20:48 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2008-04-14 19:20:46 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008-04-14 19:20:46 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008-04-14 19:20:46 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008-04-14 19:20:46 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2008-04-14 19:20:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2008-04-14 19:20:46 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008-04-14 19:20:46 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2008-04-14 19:20:46 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2008-04-14 19:20:46 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008-04-14 19:20:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 19:20:46 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2008-04-14 19:20:46 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008-04-14 19:20:46 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2008-04-14 19:20:46 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2008-04-14 19:20:46 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008-04-14 19:20:46 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008-04-14 19:20:46 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2008-04-14 19:20:46 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2008-04-14 19:20:46 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008-04-14 19:20:44 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2008-04-14 19:20:44 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008-04-14 19:20:44 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008-04-14 19:20:44 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2008-04-14 19:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 19:20:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2008-04-14 19:20:44 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2008-04-14 19:20:44 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2008-04-14 19:20:44 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008-04-14 19:20:44 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2008-04-14 19:20:44 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008-04-14 19:20:44 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2008-04-14 19:20:44 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2008-04-14 19:20:44 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2008-04-14 19:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 19:20:44 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2008-04-14 19:20:44 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008-04-14 19:20:44 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2008-04-14 19:20:44 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008-04-14 19:20:42 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008-04-14 19:20:42 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008-04-14 19:20:42 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008-04-14 19:20:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 19:20:42 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008-04-14 19:20:42 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008-04-14 19:20:42 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008-04-14 19:20:42 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2008-04-14 19:20:40 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2008-04-14 19:20:40 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008-04-14 19:20:40 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2008-04-14 19:20:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 19:20:40 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2008-04-14 19:20:40 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008-04-14 19:20:40 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2008-04-14 19:20:40 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2008-04-14 19:20:40 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2008-04-14 19:20:40 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008-04-14 19:20:40 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2008-04-14 19:20:40 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008-04-14 19:20:40 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008-04-14 19:20:38 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008-04-14 19:20:38 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008-04-14 19:20:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008-04-14 19:20:38 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2008-04-14 19:20:38 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-04-14 19:20:36 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008-04-14 19:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 19:20:36 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008-04-14 19:20:36 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008-04-14 19:20:36 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008-04-14 19:20:36 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008-04-14 19:20:34 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2008-04-14 19:20:34 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2008-04-14 19:20:34 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2008-04-14 19:20:34 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008-04-14 19:20:34 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2008-04-14 19:20:34 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008-04-14 19:20:34 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksuser.dll
MOD - [2008-04-14 19:20:32 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008-04-14 19:20:32 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008-04-14 19:20:32 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icm32.dll
MOD - [2008-04-14 19:20:32 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2008-04-14 19:20:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 19:20:32 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2008-04-14 19:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 19:20:32 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008-04-14 19:20:32 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2008-04-14 19:20:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidserv.dll
MOD - [2008-04-14 19:20:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\feclient.dll
MOD - [2008-04-14 19:20:32 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008-04-14 19:20:32 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2008-04-14 19:20:30 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2008-04-14 19:20:30 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008-04-14 19:20:30 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008-04-14 19:20:30 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2008-04-14 19:20:28 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008-04-14 19:20:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008-04-14 19:20:26 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008-04-14 19:20:26 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008-04-14 19:20:24 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008-04-14 19:20:22 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008-04-14 19:20:22 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2008-04-14 19:20:22 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll
MOD - [2008-04-14 19:20:22 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008-04-14 19:20:18 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008-04-14 19:20:18 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008-04-14 19:20:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008-04-14 19:20:18 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008-04-14 19:20:18 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008-04-14 19:20:16 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2008-04-14 19:20:16 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008-04-14 19:20:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 19:20:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 19:20:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 19:20:12 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2008-04-14 19:20:12 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2008-04-14 19:20:12 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2008-04-14 19:20:08 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008-04-14 19:20:06 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008-04-14 19:20:04 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2008-04-14 19:20:04 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008-04-14 19:20:04 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2008-04-14 19:20:04 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008-04-14 19:20:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 19:19:58 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008-04-14 19:19:56 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008-04-14 19:19:56 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008-04-14 19:19:54 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2008-04-14 19:19:54 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acadproc.dll
MOD - [2008-04-14 19:18:50 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2008-04-14 19:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 19:01:08 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008-04-14 18:09:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2008-04-14 18:05:18 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2008-04-13 20:37:58 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008-04-13 19:37:58 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008-04-13 19:37:58 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2008-04-13 18:23:32 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2007-04-09 16:46:56 | 000,057,344 | ---- | M] (VM305SNAP) -- C:\WINDOWS\vm305_sti.exe
MOD - [2007-03-28 14:54:30 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2006-10-18 21:47:22 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WPDShServiceObj.dll
MOD - [2006-10-18 21:47:18 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\PortableDeviceApi.dll
MOD - [2006-10-18 21:47:18 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\PortableDeviceTypes.dll
MOD - [2005-08-08 18:22:34 | 000,155,722 | ---- | M] (Vimicro) -- C:\WINDOWS\system32\VM305Prp.Ax
MOD - [2004-08-04 12:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2004-08-04 12:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2004-08-04 12:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2004-08-04 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2004-08-04 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2004-08-04 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2004-08-04 12:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2004-08-04 12:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2004-08-04 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2004-08-04 12:00:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lz32.dll
MOD - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
MOD - [2003-06-19 01:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
MOD - [2003-02-20 19:19:32 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011-09-06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- D:\AVAST Software\AvastSvc.exe -- (avast! Antivirus)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-09-06 22:38:06 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-09-06 22:37:54 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-09-06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-09-06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-09-06 22:36:24 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-09-06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-09-06 22:33:12 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-07-29 22:15:40 | 003,331,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010-11-02 19:42:42 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2010-08-11 11:44:02 | 000,114,688 | R--- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2010-08-11 11:44:02 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2010-08-11 11:44:02 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010-08-11 11:44:02 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010-08-11 11:44:02 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010-08-11 11:44:02 | 000,009,216 | R--- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2010-06-25 04:01:12 | 000,108,032 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smhwser.sys -- (smhwser) USB Device for Legacy Serial Communication (Normal)
DRV - [2010-06-25 04:01:12 | 000,100,864 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smhwdev.sys -- (smhwdev) SmartPhone dummy USB PNP Device (Normal)
DRV - [2010-06-25 04:01:12 | 000,025,728 | R--- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smhwadb.sys -- (androidusb)
DRV - [2010-05-20 14:40:26 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vodafone_K380x-z_dc_enum.sys -- (vodafone_K380x-z_dc_enum)
DRV - [2009-10-26 22:31:12 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006-05-08 10:24:24 | 000,391,688 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM305.sys -- (ZSMC0305)
DRV - [2005-06-17 17:17:48 | 000,352,000 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2005-06-17 17:17:00 | 000,038,144 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2005-05-25 01:39:44 | 000,465,952 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1482476501-842925246-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://google.atcomet.com/b/"]http://google.atcomet.com/b/[/url]
IE - HKU\S-1-5-21-1482476501-842925246-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1482476501-842925246-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Mario Forever Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.19
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {707db484-2428-402d-afb5-d85b387544c7}:2.1.0.15
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=UT2V5&o=15158&locale=en_US&apn_uid=D9D6ED1C-A748-4BE1-9AC6-154D6A896813&apn_ptnrs=UG&apn_sauid=C3B47509-2F38-4442-987B-DF98827BB9C4&apn_dtid=&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files\FunWebProducts\Installr\2.bin\NPFunWeb.dll (Fun Web Products, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: D:\AVAST Software\WebRep\FF [2011-09-24 12:54:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-23 22:04:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-23 22:04:34 | 000,000,000 | ---D | M]

[2009-09-23 22:04:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Extensions
[2009-09-23 22:04:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default\extensions
[2010-08-20 01:46:20 | 000,000,000 | ---D | M] (Mario Forever Toolbar) -- C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}
[2011-07-31 02:25:38 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2010-12-27 19:01:48 | 000,002,559 | ---- | M] () -- C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default\searchplugins\askcom.xml
[2009-06-23 10:06:48 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default\searchplugins\conduit.xml
[2009-09-23 22:04:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-02 20:23:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MAGDA\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1Q0OKFFK.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI
[2010-12-02 20:23:16 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-09-24 12:54:12 | 000,000,000 | ---D | M] (avast! WebRep) -- D:\AVAST SOFTWARE\WEBREP\FF
[2011-07-08 09:50:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010-02-21 12:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2010-12-02 20:23:16 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2004-08-04 12:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Magda\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKU\S-1-5-21-1482476501-842925246-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avast] D:\AVAST Software\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE (VM305SNAP)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-842925246-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-842925246-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EA53CA8-5F30-4B34-862F-A2116CFF0C32}: DhcpNameServer = 192.168.1.100
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Magda\Moje dokumenty\TOP-STORY-3-GOAT.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Magda\Moje dokumenty\TOP-STORY-3-GOAT.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-09-23 18:56:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{0a780ce2-8dc0-11df-a385-001636107150}\Shell\AutoRun\command - "" = I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe
O33 - MountPoints2\{0a780ce2-8dc0-11df-a385-001636107150}\Shell\open\command - "" = I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe
O33 - MountPoints2\{0e87c47c-35b8-11df-a2b1-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{0e87c47c-35b8-11df-a2b1-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{1abda2f0-2b83-11df-a2a0-001636107150}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O33 - MountPoints2\{1abda2f0-2b83-11df-a2a0-001636107150}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O33 - MountPoints2\{1b972e69-da63-11e0-9843-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{1b972e69-da63-11e0-9843-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{325314f8-bac1-11e0-a6e8-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{325314f8-bac1-11e0-a6e8-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{4517f253-df76-11de-a1eb-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{4517f253-df76-11de-a1eb-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{4ea7e869-c5b1-11e0-a6f2-b3f50e8ff6a3}\Shell - "" = AutoRun
O33 - MountPoints2\{4ea7e869-c5b1-11e0-a6f2-b3f50e8ff6a3}\Shell\AutoRun\command - "" = I:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{57b6610a-fe10-11df-a497-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{57b6610a-fe10-11df-a497-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{598fa674-a869-11de-a16e-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{598fa674-a869-11de-a16e-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{59dd96e5-bb16-11de-a194-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{59dd96e5-bb16-11de-a194-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{5df2cd7c-b36c-11df-a3d4-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{5df2cd7c-b36c-11df-a3d4-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{718b6198-d7cc-11e0-a74f-001636107150}\Shell\AutoRun\command - "" = I:\setup.exe
O33 - MountPoints2\{87ca7dda-dd77-11e0-9847-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{87ca7dda-dd77-11e0-9847-001636107150}\Shell\AutoRun\command - "" = D:\PcOptions.exe
O33 - MountPoints2\{8f163c37-9dbd-11e0-a6ca-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{8f163c37-9dbd-11e0-a6ca-001636107150}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{951ffbb8-b416-11de-a18a-0011f5daf373}\Shell\AutoRun\command - "" = 2a.exe
O33 - MountPoints2\{951ffbb8-b416-11de-a18a-0011f5daf373}\Shell\open\Command - "" = 2a.exe
O33 - MountPoints2\{b74e58bc-7cfa-11df-a355-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{b74e58bc-7cfa-11df-a355-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{bea00bf8-271b-11e0-a524-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{bea00bf8-271b-11e0-a524-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{c0591f9c-f71b-11de-a229-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{c0591f9c-f71b-11de-a229-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{c291de81-ca66-11df-a3fc-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{c291de81-ca66-11df-a3fc-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{e018426c-4ae1-11df-a2d9-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{e018426c-4ae1-11df-a2d9-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{ed1926c0-ab77-11de-a179-0011f5daf373}\Shell - "" = AutoRun
O33 - MountPoints2\{ed1926c0-ab77-11de-a179-0011f5daf373}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{f39278f4-d249-11df-a412-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{f39278f4-d249-11df-a412-001636107150}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{f9eb62ec-c0e7-11de-a1a4-001636107150}\Shell - "" = AutoRun
O33 - MountPoints2\{f9eb62ec-c0e7-11de-a1a4-001636107150}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: qsyurbuo - File not found
NetSvcs: jccbktre - File not found

MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]BitComet[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]HW_OPENEYE_OUC_PC Suite For Android Handset[/b] - hkey= - key= - C:\Program Files\PC Suite For Android Handset\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
MsConfig - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]MS32DLL[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]My Document[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Nowe Gadu-Gadu[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]RegistryBooster[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]sniffer[/b] - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - File not found
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - File not found
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-09-25 15:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-09-25 14:45:33 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011-09-25 14:06:55 | 000,000,000 | ---D | C] -- C:\windows\System32\URTTEMP
[2011-09-25 10:29:49 | 000,000,000 | ---D | C] -- C:\windows\Prefetch
[2011-09-24 16:02:50 | 000,000,000 | ---D | C] -- C:\windows\System32\pl-pl
[2011-09-24 16:02:49 | 000,000,000 | ---D | C] -- C:\windows\System32\pl
[2011-09-24 16:02:49 | 000,000,000 | ---D | C] -- C:\windows\l2schemas
[2011-09-24 16:02:49 | 000,000,000 | ---D | C] -- C:\windows\System32\bits
[2011-09-24 15:58:57 | 000,000,000 | ---D | C] -- C:\windows\network diagnostic
[2011-09-24 15:52:27 | 000,000,000 | -H-D | C] -- C:\windows\$NtServicePackUninstall$
[2011-09-24 15:52:24 | 000,000,000 | ---D | C] -- C:\windows\EHome
[2011-09-24 14:46:53 | 000,000,000 | ---D | C] -- C:\windows\System32\XPSViewer
[2011-09-24 14:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011-09-24 14:46:42 | 000,000,000 | ---D | C] -- C:\windows\System32\en-US
[2011-09-24 14:46:33 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011-09-24 14:37:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2011-09-24 12:54:43 | 000,020,568 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2011-09-24 12:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus
[2011-09-24 12:54:42 | 000,320,856 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2011-09-24 12:54:39 | 000,052,568 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2011-09-24 12:54:39 | 000,034,392 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys
[2011-09-24 12:54:38 | 000,442,200 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2011-09-24 12:54:36 | 000,110,552 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswmon2.sys
[2011-09-24 12:54:36 | 000,104,536 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswmon.sys
[2011-09-24 12:54:36 | 000,030,808 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aavmker4.sys
[2011-09-24 12:54:09 | 000,199,304 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2011-09-24 12:54:09 | 000,041,184 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2011-09-24 12:53:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-09-22 17:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Moje dokumenty\Pobieranie
[2011-09-12 22:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\PC Suite For Android Handset
[2011-09-12 22:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PC Suite For Android Handset
[2011-09-12 22:29:22 | 000,000,000 | ---D | C] -- C:\Program Files\PC Suite For Android Handset
[2011-09-12 22:28:40 | 000,108,032 | R--- | C] (QUALCOMM Incorporated) -- C:\windows\System32\drivers\smhwser.sys
[2011-09-12 22:28:40 | 000,100,864 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\System32\drivers\smhwdev.sys
[2011-09-09 21:08:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\Kadu
[2011-09-08 23:36:56 | 000,000,000 | ---D | C] -- C:\Program Files\EASEUS
[2011-09-08 17:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Moje dokumenty\allegro
[2011-09-08 17:59:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Moje dokumenty\zdjeeeeee
[2011-09-08 17:58:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Moje dokumenty\My PSP8 Files
[2011-09-08 17:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Moje dokumenty\Moje wideo
[2011-09-08 17:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Moje dokumenty\Moje obrazy
[2011-09-08 17:58:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Moje dokumenty\Moja muzyka
[2011-09-08 17:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Moje dokumenty\jeansy
[2011-09-08 17:58:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Moje dokumenty\Downloads
[2011-09-08 17:58:05 | 000,000,000 | ---D | C] -- C:\untitled folder
[2011-09-06 02:14:38 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\windows\uninst.exe
[2011-09-06 02:14:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\WINDOWS
[2011-09-06 02:13:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\NeoSmart_Technologies
[2011-09-06 02:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
[2011-09-05 19:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\InfraRecorder
[2011-09-04 20:08:04 | 000,000,000 | ---D | C] -- C:\Data
[2011-09-04 19:34:37 | 000,000,000 | ---D | C] -- C:\cmdcons
[2011-09-04 19:33:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2011-09-04 19:33:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2011-09-04 19:33:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe
[2011-09-04 19:33:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2011-09-04 19:33:09 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2011-09-04 19:33:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Magda\Menu Start\Programy\Narzędzia administracyjne
[2011-09-04 19:09:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2011-09-04 19:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2011-09-04 17:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\Opera
[2011-09-04 17:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\Opera
[2011-09-04 17:53:22 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011-09-04 17:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\WapSter
[2011-09-04 17:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Menu Start\Programy\WapSter
[2011-09-04 17:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter
[2011-08-25 14:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Vodafone
[2011-08-13 19:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\ATI
[2011-08-13 19:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\ATI
[2011-08-13 19:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI
[2011-08-13 15:57:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\FLEXnet
[2011-08-13 15:46:35 | 000,009,216 | R--- | C] (MBB Incorporated) -- C:\windows\System32\drivers\massfilter.sys
[2011-08-13 15:41:08 | 000,114,688 | R--- | C] (ZTE Corporation) -- C:\windows\System32\drivers\ZTEusbnet.sys
[2011-08-13 15:41:04 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\windows\System32\drivers\ZTEusbmdm6k.sys
[2011-08-13 15:41:00 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\windows\System32\drivers\zteusbvoice.sys
[2011-08-13 15:40:56 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\windows\System32\drivers\ZTEusbnmea.sys
[2011-08-13 15:40:52 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\windows\System32\drivers\ZTEusbser6k.sys
[2011-08-13 15:40:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Dane aplikacji\Vodafone
[2011-08-13 15:40:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
[2011-08-13 15:39:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\{F3E8BCCE-24B6-4737-920E-0D6073630E2A}
[2011-08-13 15:37:53 | 000,000,000 | R-SD | C] -- C:\windows\assembly
[2011-08-13 15:37:32 | 000,000,000 | ---D | C] -- C:\windows\Microsoft.NET
[2011-07-31 15:38:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Sports Interactive
[2011-07-31 14:13:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\uTorrent
[2011-07-29 22:18:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Catalyst Control Center
[2011-07-29 22:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011-07-29 21:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011-07-29 21:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
[2011-07-28 19:54:11 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros(2)
[2011-07-28 19:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Atheros
[2011-07-28 19:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[6 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[5 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[3 C:\Documents and Settings\Magda\Pulpit\*.tmp files -> C:\Documents and Settings\Magda\Pulpit\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-09-25 15:10:12 | 000,001,034 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-09-25 14:48:20 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2011-09-25 14:48:04 | 000,000,765 | ---- | M] () -- C:\windows\win.ini
[2011-09-25 14:48:04 | 000,000,227 | ---- | M] () -- C:\windows\system.ini
[2011-09-25 14:48:04 | 000,000,198 | -HS- | M] () -- C:\boot.ini
[2011-09-25 14:31:34 | 000,001,030 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-09-25 14:29:06 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2011-09-25 14:27:50 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2011-09-25 14:27:48 | 000,055,160 | ---- | M] () -- C:\windows\System32\ativvaxx.cap
[2011-09-25 14:11:10 | 000,503,308 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2011-09-25 14:11:10 | 000,443,922 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011-09-25 14:11:10 | 000,090,490 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2011-09-25 14:11:08 | 001,099,080 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2011-09-25 14:11:08 | 000,072,180 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011-09-25 13:45:52 | 000,013,646 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2011-09-25 11:38:16 | 000,237,552 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011-09-25 11:36:50 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\Magda\ntuser.dat
[2011-09-25 11:36:50 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\Magda\ntuser.ini
[2011-09-25 11:19:20 | 000,001,374 | ---- | M] () -- C:\windows\imsins.BAK
[2011-09-24 22:04:44 | 000,088,384 | ---- | M] () -- C:\Documents and Settings\Magda\Pulpit\022e191300015940.png
[2011-09-24 17:24:06 | 000,000,423 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2011-09-24 16:42:00 | 000,061,544 | ---- | M] () -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-09-24 15:58:42 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2011-09-24 13:03:44 | 000,002,629 | ---- | M] () -- C:\windows\System32\CONFIG.NT
[2011-09-24 12:54:44 | 000,000,545 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2011-09-24 11:22:56 | 000,000,291 | ---- | M] () -- C:\Documents and Settings\Magda\Pulpit\AQQ.lnk
[2011-09-22 17:46:18 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Magda\Pulpit\2a_LO_2011_2012.pdf
[2011-09-12 22:29:04 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_smhwadb_01005.Wdf
[2011-09-11 21:19:18 | 000,000,450 | ---- | M] () -- C:\Niezapisany dokument 1
[2011-09-08 23:40:18 | 004,320,600 | -H-- | M] () -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-09-07 23:29:02 | 001,923,054 | ---- | M] () -- C:\Documents and Settings\Magda\Moje dokumenty\TOP-STORY-3-GOAT.bmp
[2011-09-06 22:45:30 | 000,199,304 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2011-09-06 22:45:30 | 000,041,184 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2011-09-06 22:38:06 | 000,442,200 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2011-09-06 22:37:54 | 000,320,856 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2011-09-06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys
[2011-09-06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2011-09-06 22:36:24 | 000,110,552 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswmon2.sys
[2011-09-06 22:36:20 | 000,104,536 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswmon.sys
[2011-09-06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2011-09-06 22:33:12 | 000,030,808 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aavmker4.sys
[2011-09-06 19:41:48 | 000,000,000 | RHS- | M] () -- C:\CONFIG.SYS
[2011-09-06 02:15:20 | 000,000,049 | ---- | M] () -- C:\windows\mbm3v0.ini
[2011-09-03 14:02:58 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Magda\Moje dokumenty\qt_temp.pg5424.png
[2011-09-03 14:02:46 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Magda\Moje dokumenty\qt_temp.aw5424.png
[2011-09-02 23:00:58 | 000,085,504 | ---- | M] () -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-08-31 19:11:40 | 000,000,122 | ---- | M] () -- C:\windows\WA.INI
[2011-08-25 18:30:14 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\Magda\Moje dokumenty\spider.sav
[2011-08-15 13:33:28 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Magda\100_6497.JPG
[2011-08-13 15:40:22 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_vodafone_K380x-z_dc_enum_01009.Wdf
[2011-07-29 22:15:40 | 003,107,788 | ---- | M] () -- C:\windows\System32\ativvaxx.dat
[2011-07-29 22:15:40 | 003,107,788 | ---- | M] () -- C:\windows\System32\ativva5x.dat
[2011-07-29 22:15:40 | 000,887,724 | ---- | M] () -- C:\windows\System32\ativva6x.dat
[2011-07-29 22:15:40 | 000,176,918 | ---- | M] () -- C:\windows\System32\atiicdxx.dat
[2011-07-29 22:15:40 | 000,090,112 | ---- | M] () -- C:\windows\System32\atibrtmon.exe
[2011-07-29 22:15:40 | 000,014,696 | ---- | M] () -- C:\windows\atiogl.xml
[2011-07-29 22:15:40 | 000,007,167 | ---- | M] () -- C:\windows\System32\atifglpf.xml
[2011-07-29 21:45:56 | 000,000,664 | ---- | M] () -- C:\windows\System32\d3d9caps.dat
[2011-07-28 19:54:26 | 000,000,000 | ---- | M] () -- C:\windows\ativpsrm.bin
[6 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[5 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[3 C:\Documents and Settings\Magda\Pulpit\*.tmp files -> C:\Documents and Settings\Magda\Pulpit\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-09-25 14:48:19 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2011-09-25 10:40:22 | 001,089,883 | ---- | C] () -- C:\windows\System32\dllcache\ntprint.cat
[2011-09-24 22:05:09 | 000,088,384 | ---- | C] () -- C:\Documents and Settings\Magda\Pulpit\022e191300015940.png
[2011-09-24 17:24:04 | 000,000,423 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2011-09-24 12:54:43 | 000,000,545 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2011-09-24 11:22:55 | 000,000,291 | ---- | C] () -- C:\Documents and Settings\Magda\Pulpit\AQQ.lnk
[2011-09-22 17:46:17 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Magda\Pulpit\2a_LO_2011_2012.pdf
[2011-09-12 22:29:02 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_smhwadb_01005.Wdf
[2011-09-11 21:19:19 | 000,000,450 | ---- | C] () -- C:\Niezapisany dokument 1
[2011-09-08 17:59:05 | 001,247,675 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\110209_222805.jpg
[2011-09-08 17:59:05 | 001,158,800 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\110209_222702.jpg
[2011-09-08 17:59:05 | 001,134,055 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\110209_222742.jpg
[2011-09-08 17:59:05 | 000,954,908 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\room1.JPG
[2011-09-08 17:59:05 | 000,954,908 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\room1(1).JPG
[2011-09-08 17:59:05 | 000,230,005 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\ziomek1.JPG
[2011-09-08 17:59:05 | 000,230,005 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\ziomek1(1).JPG
[2011-09-08 17:59:05 | 000,000,372 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\spider.sav
[2011-09-08 17:59:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\TalkAndWrite.lnk
[2011-09-08 17:59:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\qt_temp.pg5424.png
[2011-09-08 17:59:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\qt_temp.aw5424.png
[2011-09-08 17:59:04 | 001,325,231 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\110206_160323.jpg
[2011-09-08 17:59:04 | 001,291,601 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\110206_160457.jpg
[2011-09-08 17:59:04 | 001,201,032 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\110209_222650.jpg
[2011-09-07 23:29:01 | 001,923,054 | ---- | C] () -- C:\Documents and Settings\Magda\Moje dokumenty\TOP-STORY-3-GOAT.bmp
[2011-09-06 19:16:42 | 000,000,198 | -HS- | C] () -- C:\boot.ini
[2011-09-06 02:15:19 | 000,000,049 | ---- | C] () -- C:\windows\mbm3v0.ini
[2011-09-04 19:34:38 | 000,262,400 | RHS- | C] () -- C:\cmldr
[2011-09-04 19:33:14 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011-09-04 19:33:14 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011-09-04 19:33:14 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011-09-04 19:33:14 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011-09-04 19:33:14 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011-09-04 02:33:27 | 004,320,600 | -H-- | C] () -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-08-15 13:33:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Magda\100_6497.JPG
[2011-08-13 15:40:21 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_vodafone_K380x-z_dc_enum_01009.Wdf
[2011-07-30 22:01:06 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
[2011-07-29 22:17:00 | 000,593,920 | ---- | C] () -- C:\windows\System32\ati2sgag.exe
[2011-07-29 22:15:39 | 000,055,160 | ---- | C] () -- C:\windows\System32\ativvaxx.cap
[2011-07-29 22:15:38 | 000,090,112 | ---- | C] () -- C:\windows\System32\atibrtmon.exe
[2011-07-28 19:54:24 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011-02-21 10:40:57 | 000,043,864 | -H-- | C] () -- C:\windows\System32\mlfcache.dat
[2011-01-16 20:11:40 | 000,000,552 | ---- | C] () -- C:\windows\System32\d3d8caps.dat
[2010-12-11 20:27:38 | 000,152,064 | ---- | C] () -- C:\windows\System32\unrar.dll
[2010-12-11 20:27:38 | 000,019,968 | ---- | C] () -- C:\windows\System32\cpuinf32.dll
[2010-11-12 17:43:23 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2010-11-02 19:42:36 | 000,984,064 | ---- | C] () -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\99153.exe
[2010-08-27 14:31:28 | 000,000,021 | ---- | C] () -- C:\windows\clofghls.dll
[2010-08-26 00:20:25 | 000,000,052 | ---- | C] () -- C:\windows\mafosav.INI
[2010-07-15 13:00:24 | 000,000,122 | ---- | C] () -- C:\windows\WA.INI
[2010-05-09 02:02:34 | 000,000,000 | ---- | C] () -- C:\windows\iPlayer.INI
[2010-04-10 19:06:46 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\E08E80D9D4.sys
[2010-04-10 19:06:45 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys
[2009-10-26 22:42:45 | 000,000,421 | ---- | C] () -- C:\windows\ODBC.INI
[2009-10-26 22:31:10 | 000,721,904 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2009-09-25 16:35:52 | 000,000,664 | ---- | C] () -- C:\windows\System32\d3d9caps.dat
[2009-09-23 23:51:40 | 000,085,504 | ---- | C] () -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-23 22:04:53 | 000,061,544 | ---- | C] () -- C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-09-23 22:04:48 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2009-09-23 19:53:22 | 000,270,336 | ---- | C] () -- C:\windows\System32\PlugPlayPCIDevice.exe
[2009-09-23 19:53:22 | 000,163,840 | ---- | C] () -- C:\windows\System32\MFCFirstRemove.exe
[2009-09-23 19:00:37 | 000,002,048 | --S- | C] () -- C:\windows\bootstat.dat
[2009-09-23 18:56:28 | 000,000,000 | ---- | C] () -- C:\windows\control.ini
[2009-09-23 18:55:23 | 000,000,488 | RH-- | C] () -- C:\windows\System32\logonui.exe.manifest
[2009-09-23 18:55:16 | 000,000,749 | RH-- | C] () -- C:\windows\System32\cdplayer.exe.manifest
[2009-09-23 18:53:11 | 000,021,856 | ---- | C] () -- C:\windows\System32\emptyregdb.dat
[2009-09-23 18:52:58 | 000,000,037 | ---- | C] () -- C:\windows\vbaddin.ini
[2009-09-23 18:52:58 | 000,000,036 | ---- | C] () -- C:\windows\vb.ini
[2009-09-23 18:51:51 | 000,026,717 | ---- | C] () -- C:\windows\System32\tslabels.ini
[2009-09-23 18:51:50 | 000,003,813 | ---- | C] () -- C:\windows\System32\msdtcprf.ini
[2009-09-23 18:38:51 | 001,099,080 | ---- | C] () -- C:\windows\System32\PerfStringBackup.INI
[2009-09-23 18:38:50 | 000,004,293 | ---- | C] () -- C:\windows\ODBCINST.INI
[2009-09-23 18:37:23 | 000,237,552 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2008-04-23 02:39:12 | 003,107,788 | ---- | C] () -- C:\windows\System32\ativvaxx.dat
[2008-04-23 02:39:12 | 003,107,788 | ---- | C] () -- C:\windows\System32\ativva5x.dat
[2008-04-23 02:39:12 | 000,887,724 | ---- | C] () -- C:\windows\System32\ativva6x.dat
[2008-03-06 14:24:58 | 000,176,918 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2004-08-04 12:00:00 | 013,107,200 | ---- | C] () -- C:\windows\System32\oembios.bin
[2004-08-04 12:00:00 | 001,015,477 | ---- | C] () -- C:\windows\System32\esentprf.ini
[2004-08-04 12:00:00 | 000,733,696 | ---- | C] () -- C:\windows\System32\qedwipes.dll
[2004-08-04 12:00:00 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2004-08-04 12:00:00 | 000,503,308 | ---- | C] () -- C:\windows\System32\perfh015.dat
[2004-08-04 12:00:00 | 000,443,922 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2004-08-04 12:00:00 | 000,355,112 | ---- | C] () -- C:\windows\System32\msjetoledb40.dll
[2004-08-04 12:00:00 | 000,313,828 | ---- | C] () -- C:\windows\System32\perfi015.dat
[2004-08-04 12:00:00 | 000,272,128 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2004-08-04 12:00:00 | 000,270,848 | ---- | C] () -- C:\windows\System32\sbe.dll
[2004-08-04 12:00:00 | 000,253,440 | ---- | C] () -- C:\windows\System32\compatUI.dll
[2004-08-04 12:00:00 | 000,218,003 | ---- | C] () -- C:\windows\System32\dssec.dat
[2004-08-04 12:00:00 | 000,199,168 | ---- | C] () -- C:\windows\System32\ir32_32.dll
[2004-08-04 12:00:00 | 000,186,880 | ---- | C] () -- C:\windows\System32\encdec.dll
[2004-08-04 12:00:00 | 000,160,578 | RHS- | C] () -- C:\windows\System32\pomqlnu.dll.vir
[2004-08-04 12:00:00 | 000,094,282 | ---- | C] () -- C:\windows\System32\msencode.dll
[2004-08-04 12:00:00 | 000,090,490 | ---- | C] () -- C:\windows\System32\perfc015.dat
[2004-08-04 12:00:00 | 000,072,180 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2004-08-04 12:00:00 | 000,070,656 | ---- | C] () -- C:\windows\System32\amstream.dll
[2004-08-04 12:00:00 | 000,070,622 | ---- | C] () -- C:\windows\System32\edit.com
[2004-08-04 12:00:00 | 000,053,920 | ---- | C] () -- C:\windows\System32\dosx.exe
[2004-08-04 12:00:00 | 000,053,478 | ---- | C] () -- C:\windows\System32\tcpmon.ini
[2004-08-04 12:00:00 | 000,051,823 | ---- | C] () -- C:\windows\System32\command.com
[2004-08-04 12:00:00 | 000,046,258 | ---- | C] () -- C:\windows\System32\mib.bin
[2004-08-04 12:00:00 | 000,042,809 | ---- | C] () -- C:\windows\System32\key01.sys
[2004-08-04 12:00:00 | 000,042,537 | ---- | C] () -- C:\windows\System32\keyboard.sys
[2004-08-04 12:00:00 | 000,039,434 | ---- | C] () -- C:\windows\System32\mem.exe
[2004-08-04 12:00:00 | 000,035,648 | ---- | C] () -- C:\windows\System32\ntio411.sys
[2004-08-04 12:00:00 | 000,035,424 | ---- | C] () -- C:\windows\System32\ntio412.sys
[2004-08-04 12:00:00 | 000,034,990 | ---- | C] () -- C:\windows\System32\perfd015.dat
[2004-08-04 12:00:00 | 000,034,560 | ---- | C] () -- C:\windows\System32\ntio804.sys
[2004-08-04 12:00:00 | 000,034,560 | ---- | C] () -- C:\windows\System32\ntio404.sys
[2004-08-04 12:00:00 | 000,033,936 | ---- | C] () -- C:\windows\System32\ntio.sys
[2004-08-04 12:00:00 | 000,029,370 | ---- | C] () -- C:\windows\System32\ntdos411.sys
[2004-08-04 12:00:00 | 000,029,274 | ---- | C] () -- C:\windows\System32\ntdos412.sys
[2004-08-04 12:00:00 | 000,029,146 | ---- | C] () -- C:\windows\System32\ntdos804.sys
[2004-08-04 12:00:00 | 000,029,146 | ---- | C] () -- C:\windows\System32\ntdos404.sys
[2004-08-04 12:00:00 | 000,028,626 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2004-08-04 12:00:00 | 000,027,898 | ---- | C] () -- C:\windows\System32\ntdos.sys
[2004-08-04 12:00:00 | 000,027,097 | ---- | C] () -- C:\windows\System32\country.sys
[2004-08-04 12:00:00 | 000,020,986 | ---- | C] () -- C:\windows\System32\debug.exe
[2004-08-04 12:00:00 | 000,019,806 | ---- | C] () -- C:\windows\System32\graphics.com
[2004-08-04 12:00:00 | 000,016,024 | ---- | C] () -- C:\windows\System32\rsvp.ini
[2004-08-04 12:00:00 | 000,015,360 | ---- | C] () -- C:\windows\System32\tsd32.dll
[2004-08-04 12:00:00 | 000,014,913 | ---- | C] () -- C:\windows\System32\kb16.com
[2004-08-04 12:00:00 | 000,014,336 | ---- | C] () -- C:\windows\System32\msdmo.dll
[2004-08-04 12:00:00 | 000,013,819 | ---- | C] () -- C:\windows\System32\pschdprf.ini
[2004-08-04 12:00:00 | 000,013,312 | ---- | C] () -- C:\windows\System32\win87em.dll
[2004-08-04 12:00:00 | 000,012,866 | ---- | C] () -- C:\windows\System32\edlin.exe
[2004-08-04 12:00:00 | 000,012,594 | ---- | C] () -- C:\windows\System32\append.exe
[2004-08-04 12:00:00 | 000,011,859 | ---- | C] () -- C:\windows\System32\setver.exe
[2004-08-04 12:00:00 | 000,009,043 | ---- | C] () -- C:\windows\System32\ansi.sys
[2004-08-04 12:00:00 | 000,008,520 | ---- | C] () -- C:\windows\System32\exe2bin.exe
[2004-08-04 12:00:00 | 000,007,116 | ---- | C] () -- C:\windows\System32\nlsfunc.exe
[2004-08-04 12:00:00 | 000,006,074 | ---- | C] () -- C:\windows\System32\rasctrs.ini
[2004-08-04 12:00:00 | 000,004,976 | ---- | C] () -- C:\windows\System32\himem.sys
[2004-08-04 12:00:00 | 000,004,569 | ---- | C] () -- C:\windows\System32\secupd.dat
[2004-08-04 12:00:00 | 000,004,461 | ---- | C] () -- C:\windows\System32\oembios.dat
[2004-08-04 12:00:00 | 000,003,346 | ---- | C] () -- C:\windows\System32\redir.exe
[2004-08-04 12:00:00 | 000,002,992 | ---- | C] () -- C:\windows\System32\perfci.ini
[2004-08-04 12:00:00 | 000,002,890 | ---- | C] () -- C:\windows\System32\perfwci.ini
[2004-08-04 12:00:00 | 000,001,804 | ---- | C] () -- C:\windows\System32\Dcache.bin
[2004-08-04 12:00:00 | 000,001,405 | ---- | C] () -- C:\windows\msdfmap.ini
[2004-08-04 12:00:00 | 000,001,295 | ---- | C] () -- C:\windows\System32\perffilt.ini
[2004-08-04 12:00:00 | 000,001,168 | ---- | C] () -- C:\windows\System32\loadfix.com
[2004-08-04 12:00:00 | 000,000,882 | ---- | C] () -- C:\windows\System32\share.exe
[2004-08-04 12:00:00 | 000,000,882 | ---- | C] () -- C:\windows\System32\fastopen.exe
[2004-08-04 12:00:00 | 000,000,817 | ---- | C] () -- C:\windows\System32\mscdexnt.exe
[2004-08-04 12:00:00 | 000,000,765 | ---- | C] () -- C:\windows\win.ini
[2004-08-04 12:00:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\noise.dat
[2004-08-04 12:00:00 | 000,000,359 | ---- | C] () -- C:\windows\System32\prodspec.ini
[2004-08-04 12:00:00 | 000,000,227 | ---- | C] () -- C:\windows\system.ini
[2001-10-26 17:29:54 | 000,057,856 | ---- | C] () -- C:\windows\System32\dvdplay.exe
[2001-10-26 17:29:46 | 000,323,641 | ---- | C] () -- C:\windows\System32\usrdtea.dll
[2001-10-26 17:29:42 | 000,157,696 | ---- | C] () -- C:\windows\System32\paqsp.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009-09-28 00:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-10-26 22:34:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-09-22 13:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-09-22 13:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2011-02-21 01:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011-08-25 14:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Vodafone
[2011-09-04 19:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2011-09-04 19:09:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2011-09-24 12:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2009-09-26 18:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-28 00:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\OpenFM
[2009-09-28 00:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\uTorrent
[2009-10-17 13:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\BESTplayer
[2009-10-26 22:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\DAEMON Tools Lite
[2010-05-14 19:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\BitComet
[2010-07-25 02:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Uniblue
[2010-09-22 13:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Gadu-Gadu 10
[2010-09-22 13:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\ipla
[2011-08-13 15:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Vodafone
[2011-09-04 17:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Opera
[2011-09-05 19:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\InfraRecorder
[2011-09-09 21:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\Kadu
[2011-09-12 22:30:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magda\Dane aplikacji\PC Suite For Android Handset

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-09-25 14:48:04 | 000,000,198 | -HS- | M] () -- C:\boot.ini
[2004-08-04 12:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2011-09-24 15:58:42 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2004-08-04 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011-09-06 19:41:48 | 000,000,000 | RHS- | M] () -- C:\CONFIG.SYS
[2009-09-23 18:56:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-09-23 18:56:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-09-23 18:56:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 23:00:14 | 000,262,400 | RHS- | M] () -- C:\cmldr
[2010-04-10 18:51:48 | 000,515,932 | ---- | M] () -- C:\vcredist_x86.log
[2011-09-11 21:19:18 | 000,000,450 | ---- | M] () -- C:\Niezapisany dokument 1


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 12:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2011-09-24 15:52:24 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2011-09-24 15:52:24 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2011-09-24 15:52:24 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\sp3.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 12:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011-09-24 15:52:24 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011-09-24 15:52:24 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2011-09-24 15:52:24 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\sp3.cab:atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004-08-04 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-04 12:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004-08-04 12:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 12:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011-09-24 15:52:24 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011-09-24 15:52:24 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2011-09-24 15:52:24 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\sp3.cab:cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-04 12:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 19:20:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 19:20:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll
[2008-04-14 19:20:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys
[2008-04-13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-04 12:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 12:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >

[/log]

EXTRAS:
[log] OTL Extras logfile created on: 2011-09-25 15:07:28 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Magda\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

894,17 Mb Total Physical Memory | 428,53 Mb Available Physical Memory | 47,92% Memory free
2,11 Gb Paging File | 1,77 Gb Available in Paging File | 83,52% Paging File free
Paging file location(s): D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 11,16 Gb Total Space | 3,61 Gb Free Space | 32,36% Space Free | Partition Type: FAT32
Drive D: | 44,71 Gb Total Space | 38,61 Gb Free Space | 86,36% Space Free | Partition Type: NTFS

Computer Name: AMBEREK | User Name: Magda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- "C:\Program Files\Opera\Opera.exe" "%1"
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1482476501-842925246-1801674531-1004\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- "C:\Program Files\Opera\Opera.exe" "%1"

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"6592:TCP" = 6592:TCP:*:Enabled:lqumzto
"26451:TCP" = 26451:TCP:*:Enabled:BitComet 26451 TCP
"26451:UDP" = 26451:UDP:*:Enabled:BitComet 26451 UDP

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe
"C:\Program Files\Gadu-Gadu 10\GG.EXE" = C:\Program Files\Gadu-Gadu 10\GG.EXE:*:Enabled:Gadu-Gadu 10
"C:\Program Files\Nowe Gadu-Gadu\GG.EXE" = C:\Program Files\Nowe Gadu-Gadu\GG.EXE:*:Enabled:Nowe Gadu-Gadu
"C:\Program Files\Gadu-Gadu 101\gg.exe" = C:\Program Files\Gadu-Gadu 101\gg.exe:*:Enabled:Gadu-Gadu 10
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Documents and Settings\Magda\Ustawienia lokalne\Temp\pyl37.tmp\pyrun.exe" = C:\Documents and Settings\Magda\Ustawienia lokalne\Temp\pyl37.tmp\pyrun.exe:*:Enabled:pyrun
"C:\Program Files\Kadu\kadu.exe" = C:\Program Files\Kadu\kadu.exe:*:Enabled:Kadu instant messenger
"D:\WapSter AQQ\AQQ.exe" = D:\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.)
"D:\torrewnt\uTorrent.exe" = D:\torrewnt\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\torre\uTorrent.exe" = D:\torre\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}" = Atheros Wireless LAN MiniPCI card Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22F358CE-610B-A033-0D36-4FADA6E8F67A}" = Skins
"{255F566C-3F57-15AD-2CA5-E7EA41F9904F}" = Catalyst Control Center Graphics Full Existing
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 26
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4287A29F-EA4C-24E4-4AAE-3E6CDC9C965A}" = CCC Help English
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FEEDAA3-0D0C-7584-63F2-0F216D3426C9}" = ccc-core-preinstall
"{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack
"{80AE66E6-E9FA-0CAC-C9F1-4E5A144886F0}" = Catalyst Control Center Graphics Full New
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}" = A4 TECH PC Camera V
"{8D6EC7D6-E71D-8743-1396-591F4195F347}" = Catalyst Control Center Graphics Light
"{8FD697DD-C94F-22BE-6EFD-AA4CA7CF2B33}" = ccc-core-static
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.6 - Polish
"{B38C3184-F573-CDC2-9452-FA9C576AB010}" = ccc-utility
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DB6901C6-E8B7-F5F0-F0C6-9028AFCD5A74}" = Catalyst Control Center Graphics Previews Common
"{E068CD0F-E631-17E7-9A01-05C2B2B54C84}" = Catalyst Control Center Core Implementation
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Software Uninstall Utility
"AQQ" = WapSter AQQ
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"CNXT_AUDIO" = Conexant AC-Link Audio
"Mozilla Firefox 5.0.1 (x86 pl)" = Mozilla Firefox 5.0.1 (x86 pl)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NapiProjekt_is1" = NapiProjekt 1.0.6.7
"PC Suite For Android Handset" = PC Suite For Android Handset
"uTorrent" = µTorrent
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-09-18 08:16:17 | Computer Name = AMBEREK | Source = MsiInstaller | ID = 11327
Description = Produkt: Adobe Reader 9.4.6 - Polish -- Błąd 1327.Niepoprawny dysk:
D:\

Error - 2011-09-18 08:16:19 | Computer Name = AMBEREK | Source = MsiInstaller | ID = 1024
Description = Produkt: Adobe Reader 9.4.6 - Polish - nie można zainstalować aktualizacji
'Adobe Reader 9.4.6 - CPSID_83708'. Kod błędu 1603. Instalator Windows może tworzyć
dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania.
Użyj następującego łącza, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania:
[url="http://go.microsoft.com/fwlink/?LinkId=23127"]http://go.microsoft....k/?LinkId=23127[/url]

Error - 2011-09-21 14:10:12 | Computer Name = AMBEREK | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2011-09-21 14:10:12 | Computer Name = AMBEREK | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.

Error - 2011-09-24 06:13:43 | Computer Name = AMBEREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.0.0.152, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-09-24 06:13:52 | Computer Name = AMBEREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.0.0.152, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-09-24 08:59:13 | Computer Name = AMBEREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.0.0.152, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-09-24 08:59:39 | Computer Name = AMBEREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.0.0.152, moduł powodujący
błąd skype.exe, wersja 5.0.0.152, adres błędu 0x0014c7b9.

Error - 2011-09-25 07:54:03 | Computer Name = AMBEREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.0.0.152, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-09-25 07:55:23 | Computer Name = AMBEREK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.0.0.152, moduł powodujący
błąd skype.exe, wersja 5.0.0.152, adres błędu 0x0014c7b9.

[ System Events ]
Error - 2011-09-25 07:51:23 | Computer Name = AMBEREK | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2011-09-25 07:51:30 | Computer Name = AMBEREK | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2011-09-25 07:51:37 | Computer Name = AMBEREK | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2011-09-25 08:31:06 | Computer Name = AMBEREK | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą Usługa Google Update (gupdate).

Error - 2011-09-25 08:31:06 | Computer Name = AMBEREK | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
następującego błędu: %%1053

Error - 2011-09-25 08:42:30 | Computer Name = AMBEREK | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą .NET Runtime Optimization Service v2.0.50727_X86.

Error - 2011-09-25 09:01:16 | Computer Name = AMBEREK | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2011-09-25 09:04:16 | Computer Name = AMBEREK | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2011-09-25 09:09:19 | Computer Name = AMBEREK | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2011-09-25 09:10:21 | Computer Name = AMBEREK | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.


< End of report >

[/log]


RSIT:
LOG:
[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by Magda at 2011-09-25 15:09:29
Microsoft Windows XP Home Edition Dodatek Service Pack 3
System drive C: has 4 GB (32%) free of 11 GB
Total RAM: 894 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:09:45, on 2011-09-25
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
D:\AVAST Software\AvastSvc.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\VM305_STI.EXE
D:\AVAST Software\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Magda\Dane aplikacji\PC Suite For Android Handset\ouc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Magda\Moje dokumenty\Pobieranie\RSIT.exe
C:\Documents and Settings\Magda\Moje dokumenty\Pobieranie\OTL.exe
C:\Program Files\trend micro\Magda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://google.atcomet.com/b/"]http://google.atcomet.com/b/[/url]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Magda\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "D:\AVAST Software\avastUI.exe" /nogui
O4 - HKLM\..\Run: [MSConfig] C:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\AVAST Software\AvastSvc.exe
O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE (file missing)

--
End of file - 4774 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.pl"
prefs.js - "extensions.enabledItems" - "toolbar@ask.com:3.9.1.14019, {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.19, en-GB@dictionaries.addons.mozilla.org:1.19, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, jqs@sun.com:1.0, {707db484-2428-402d-afb5-d85b387544c7}:2.1.0.15, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.16"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?client=ff&src=kw&tb=UT2V5&o=15158&locale=en_US&apn_uid=D9D6ED1C-A748-4BE1-9AC6-154D6A896813&apn_ptnrs=UG&apn_sauid=C3B47509-2F38-4442-987B-DF98827BB9C4&apn_dtid=&q="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=D:\AVAST Software\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@funwebproducts.com/Plugin]
"Description"=Fun Web Products Plugin
"Path"=C:\Program Files\FunWebProducts\Installr\2.bin\NPFunWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
nsIBitCometAgent.xpt
AskHPRFF.js

C:\Program Files\Mozilla Firefox\plugins\
QuickTimePlugin.class
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npBitCometAgent.dll
npdeployJava1.dll

C:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default\extensions\
{707db484-2428-402d-afb5-d85b387544c7}
en-GB@dictionaries.addons.mozilla.org

C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default\searchplugins\
askcom.xml
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Documents and Settings\Magda\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll [2009-12-02 37376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"BigDog305"=C:\WINDOWS\VM305_STI.EXE [2007-04-09 57344]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
"avast"=D:\AVAST Software\avastUI.exe [2011-09-06 3722416]
"MSConfig"=C:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 171520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
C:\Program Files\ALLPlayer\ALLUpdate.exe sleep []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe /tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Magda\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HW_OPENEYE_OUC_PC Suite For Android Handset]
C:\Program Files\PC Suite For Android Handset\UpdateDog\ouc.exe [2010-11-17 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS32DLL]
C:\WINDOWS\MS32DLL.dll.vbs []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Document]
C:\Documents and Settings\Magda\Pulpit\Application Form\Application Form\ApplicationForm.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nowe Gadu-Gadu]
C:\Program Files\Nowe Gadu-Gadu\gg.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster]
launcher.exe delay 20000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sniffer]
C:\WINDOWS\Temp\_ex-08.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\windows\system32\Ati2evxx.dll [2011-07-29 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Usługa Bonjour"
"C:\Program Files\Gadu-Gadu 10\GG.EXE"="C:\Program Files\Gadu-Gadu 10\GG.EXE:*:Enabled:Gadu-Gadu 10"
"C:\Program Files\Nowe Gadu-Gadu\GG.EXE"="C:\Program Files\Nowe Gadu-Gadu\GG.EXE:*:Enabled:Nowe Gadu-Gadu"
"C:\Program Files\Gadu-Gadu 101\gg.exe"="C:\Program Files\Gadu-Gadu 101\gg.exe:*:Enabled:Gadu-Gadu 10"
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe"="C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Magda\Ustawienia lokalne\Temp\pyl37.tmp\pyrun.exe"="C:\Documents and Settings\Magda\Ustawienia lokalne\Temp\pyl37.tmp\pyrun.exe:*:Enabled:pyrun"
"C:\Program Files\Kadu\kadu.exe"="C:\Program Files\Kadu\kadu.exe:*:Enabled:Kadu instant messenger"
"D:\WapSter AQQ\AQQ.exe"="D:\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\torrewnt\uTorrent.exe"="D:\torrewnt\uTorrent.exe:*:Enabled:µTorrent"
"D:\torre\uTorrent.exe"="D:\torre\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.vorbis"=vorbis.acm

======List of files/folders created in the last 2 months======

2011-09-25 15:09:32 ----D---- C:\Program Files\trend micro
2011-09-25 15:09:29 ----D---- C:\rsit
2011-09-25 14:45:33 ----SHD---- C:\Config.Msi
2011-09-25 14:06:55 ----D---- C:\windows\system32\URTTEMP
2011-09-25 11:19:08 ----HD---- C:\windows\$NtUninstallKB2570791$
2011-09-25 11:10:08 ----HD---- C:\windows\$NtUninstallKB2387149$
2011-09-25 11:09:57 ----HD---- C:\windows\$NtUninstallKB2479943$
2011-09-25 11:09:51 ----HD---- C:\windows\$NtUninstallKB2567680$
2011-09-25 11:09:46 ----HD---- C:\windows\$NtUninstallKB2478971$
2011-09-25 11:09:40 ----HD---- C:\windows\$NtUninstallKB2345886$
2011-09-25 11:09:34 ----HD---- C:\windows\$NtUninstallKB2536276-v2$
2011-09-25 11:09:28 ----HD---- C:\windows\$NtUninstallKB2296011$
2011-09-25 11:09:23 ----HD---- C:\windows\$NtUninstallKB2115168$
2011-09-25 11:09:17 ----HD---- C:\windows\$NtUninstallKB975558_WM8$
2011-09-25 11:09:00 ----HD---- C:\windows\$NtUninstallKB2378111_WM9$
2011-09-25 11:08:54 ----HD---- C:\windows\$NtUninstallKB951978$
2011-09-25 11:08:49 ----HD---- C:\windows\$NtUninstallKB2443105$
2011-09-25 11:08:42 ----HD---- C:\windows\$NtUninstallKB2481109$
2011-09-25 11:08:37 ----HD---- C:\windows\$NtUninstallKB975713$
2011-09-25 11:08:32 ----HD---- C:\windows\$NtUninstallKB2485663$
2011-09-25 11:08:27 ----HD---- C:\windows\$NtUninstallKB2440591$
2011-09-25 11:08:22 ----HD---- C:\windows\$NtUninstallKB982132$
2011-09-25 11:07:49 ----HD---- C:\windows\$NtUninstallKB961118$
2011-09-25 11:07:41 ----HD---- C:\windows\$NtUninstallKB2507938$
2011-09-25 11:07:32 ----HD---- C:\windows\$NtUninstallKB2616676-v2$
2011-09-25 11:07:26 ----HD---- C:\windows\$NtUninstallKB2510581$
2011-09-25 11:07:20 ----HD---- C:\windows\$NtUninstallKB956744$
2011-09-25 11:07:14 ----HD---- C:\windows\$NtUninstallKB2476490$
2011-09-25 11:07:09 ----HD---- C:\windows\$NtUninstallKB2503665$
2011-09-25 11:07:04 ----HD---- C:\windows\$NtUninstallKB2347290$
2011-09-25 11:06:55 ----HD---- C:\windows\$NtUninstallKB2483185$
2011-09-25 11:06:44 ----HD---- C:\windows\$NtUninstallKB2079403$
2011-09-25 11:01:43 ----HD---- C:\windows\$NtUninstallKB979687$
2011-09-25 11:01:22 ----HD---- C:\windows\$NtUninstallKB2570222$
2011-09-25 11:01:16 ----HD---- C:\windows\$NtUninstallKB2535512$
2011-09-25 11:01:05 ----HD---- C:\windows\$NtUninstallKB2412687$
2011-09-25 10:57:37 ----HD---- C:\windows\$NtUninstallKB2570947$
2011-09-25 10:57:31 ----HD---- C:\windows\$NtUninstallKB2508272$
2011-09-25 10:57:25 ----HD---- C:\windows\$NtUninstallKB980436$
2011-09-25 10:57:18 ----HD---- C:\windows\$NtUninstallKB981322$
2011-09-25 10:57:11 ----HD---- C:\windows\$NtUninstallKB2507618$
2011-09-25 10:56:59 ----HD---- C:\windows\$NtUninstallKB2419632$
2011-09-25 10:56:47 ----HD---- C:\windows\$NtUninstallKB2508429$
2011-09-25 10:56:28 ----HD---- C:\windows\$NtUninstallKB971029$
2011-09-25 10:56:12 ----HD---- C:\windows\$NtUninstallKB2506212$
2011-09-25 10:55:28 ----HD---- C:\windows\$NtUninstallKB981997$
2011-09-25 10:54:24 ----HD---- C:\windows\$NtUninstallKB2559049$
2011-09-25 10:50:44 ----HD---- C:\windows\$NtUninstallKB2544893$
2011-09-25 10:46:56 ----HD---- C:\windows\$NtUninstallKB2509553$
2011-09-25 10:46:51 ----HD---- C:\windows\$NtUninstallKB982665$
2011-09-25 10:46:46 ----HD---- C:\windows\$NtUninstallKB2541763$
2011-09-25 10:46:41 ----HD---- C:\windows\$NtUninstallKB2544521$
2011-09-25 10:46:35 ----HD---- C:\windows\$NtUninstallKB2555917$
2011-09-25 10:46:30 ----HD---- C:\windows\$NtUninstallKB2478960$
2011-09-25 10:46:22 ----HD---- C:\windows\$NtUninstallKB2393802$
2011-09-25 10:46:14 ----HD---- C:\windows\$NtUninstallKB2566454$
2011-09-25 10:46:09 ----HD---- C:\windows\$NtUninstallKB2562937$
2011-09-25 10:46:04 ----HD---- C:\windows\$NtUninstallKB2423089$
2011-09-25 10:45:56 ----HD---- C:\windows\$NtUninstallKB2360937$
2011-09-25 10:29:49 ----D---- C:\windows\Prefetch
2011-09-24 16:16:52 ----HD---- C:\windows\$NtUninstallKB979683$
2011-09-24 16:16:41 ----HD---- C:\windows\$NtUninstallKB980232$
2011-09-24 16:16:33 ----HD---- C:\windows\$NtUninstallKB2229593$
2011-09-24 16:16:26 ----HD---- C:\windows\$NtUninstallKB980218$
2011-09-24 16:16:18 ----HD---- C:\windows\$NtUninstallKB978338$
2011-09-24 16:16:08 ----HD---- C:\windows\$NtUninstallKB979559$
2011-09-24 16:15:58 ----HD---- C:\windows\$NtUninstallKB978542$
2011-09-24 16:15:49 ----HD---- C:\windows\$NtUninstallKB978601$
2011-09-24 16:15:41 ----HD---- C:\windows\$NtUninstallKB979482$
2011-09-24 16:15:33 ----HD---- C:\windows\$NtUninstallKB975562$
2011-09-24 16:15:23 ----HD---- C:\windows\$NtUninstallKB982381$
2011-09-24 16:15:16 ----HD---- C:\windows\$NtUninstallKB979309$
2011-09-24 16:15:09 ----HD---- C:\windows\$NtUninstallKB980182$
2011-09-24 16:14:56 ----HD---- C:\windows\$NtUninstallKB975561$
2011-09-24 16:14:47 ----HD---- C:\windows\$NtUninstallKB971468$
2011-09-24 16:14:39 ----HD---- C:\windows\$NtUninstallKB978251$
2011-09-24 16:14:29 ----HD---- C:\windows\$NtUninstallKB977165$
2011-09-24 16:14:20 ----HD---- C:\windows\$NtUninstallKB975560$
2011-09-24 16:14:13 ----HD---- C:\windows\$NtUninstallKB978037$
2011-09-24 16:14:05 ----HD---- C:\windows\$NtUninstallKB977914$
2011-09-24 16:13:58 ----HD---- C:\windows\$NtUninstallKB978706$
2011-09-24 16:13:50 ----HD---- C:\windows\$NtUninstallKB978207$
2011-09-24 16:13:42 ----HD---- C:\windows\$NtUninstallKB955759$
2011-09-24 16:13:34 ----HD---- C:\windows\$NtUninstallKB972270$
2011-09-24 16:13:24 ----HD---- C:\windows\$NtUninstallKB970430$
2011-09-24 16:13:17 ----HD---- C:\windows\$NtUninstallKB974318$
2011-09-24 16:13:09 ----HD---- C:\windows\$NtUninstallKB976325$
2011-09-24 16:13:01 ----HD---- C:\windows\$NtUninstallKB974392$
2011-09-24 16:12:54 ----HD---- C:\windows\$NtUninstallKB971737$
2011-09-24 16:12:47 ----HD---- C:\windows\$NtUninstallKB973687$
2011-09-24 16:12:40 ----HD---- C:\windows\$NtUninstallKB969947$
2011-09-24 16:12:32 ----HD---- C:\windows\$NtUninstallKB976749$
2011-09-24 16:12:23 ----HD---- C:\windows\$NtUninstallKB971486$
2011-09-24 16:12:12 ----HD---- C:\windows\$NtUninstallKB974455$
2011-09-24 16:12:03 ----HD---- C:\windows\$NtUninstallKB969059$
2011-09-24 16:11:57 ----HD---- C:\windows\$NtUninstallKB974112$
2011-09-24 16:11:50 ----HD---- C:\windows\$NtUninstallKB975025$
2011-09-24 16:11:43 ----HD---- C:\windows\$NtUninstallKB974571$
2011-09-24 16:11:35 ----HD---- C:\windows\$NtUninstallKB975467$
2011-09-24 16:11:26 ----HD---- C:\windows\$NtUninstallKB968389$
2011-09-24 16:11:19 ----HD---- C:\windows\$NtUninstallKB951376-v2$
2011-09-24 16:11:12 ----HD---- C:\windows\$NtUninstallKB946648$
2011-09-24 16:11:04 ----HD---- C:\windows\$NtUninstallKB956803$
2011-09-24 16:10:49 ----HD---- C:\windows\$NtUninstallKB956572$
2011-09-24 16:10:42 ----HD---- C:\windows\$NtUninstallKB956844$
2011-09-24 16:10:35 ----HD---- C:\windows\$NtUninstallKB938464-v2$
2011-09-24 16:10:28 ----HD---- C:\windows\$NtUninstallKB973869$
2011-09-24 16:10:21 ----HD---- C:\windows\$NtUninstallKB950762$
2011-09-24 16:10:14 ----HD---- C:\windows\$NtUninstallKB957097$
2011-09-24 16:10:07 ----HD---- C:\windows\$NtUninstallKB958687$
2011-09-24 16:10:00 ----HD---- C:\windows\$NtUninstallKB952287$
2011-09-24 16:09:53 ----HD---- C:\windows\$NtUninstallKB973354$
2011-09-24 16:09:46 ----HD---- C:\windows\$NtUninstallKB951066$
2011-09-24 16:09:39 ----HD---- C:\windows\$NtUninstallKB974112_1$
2011-09-24 16:09:32 ----HD---- C:\windows\$NtUninstallKB954600$
2011-09-24 16:09:24 ----HD---- C:\windows\$NtUninstallKB958644$
2011-09-24 16:09:16 ----HD---- C:\windows\$NtUninstallKB973687_1$
2011-09-24 16:09:09 ----HD---- C:\windows\$NtUninstallKB955069$
2011-09-24 16:09:01 ----HD---- C:\windows\$NtUninstallKB923561$
2011-09-24 16:08:53 ----HD---- C:\windows\$NtUninstallKB952954$
2011-09-24 16:08:46 ----HD---- C:\windows\$NtUninstallKB959426$
2011-09-24 16:08:39 ----HD---- C:\windows\$NtUninstallKB960859$
2011-09-24 16:08:32 ----HD---- C:\windows\$NtUninstallKB961371-v2$
2011-09-24 16:08:20 ----HD---- C:\windows\$NtUninstallKB982381_1$
2011-09-24 16:08:10 ----HD---- C:\windows\$NtUninstallKB972260$
2011-09-24 16:08:02 ----HD---- C:\windows\$NtUninstallKB950974$
2011-09-24 16:07:55 ----HD---- C:\windows\$NtUninstallKB971657$
2011-09-24 16:07:48 ----HD---- C:\windows\$NtUninstallKB971557$
2011-09-24 16:07:41 ----HD---- C:\windows\$NtUninstallKB960225$
2011-09-24 16:07:34 ----HD---- C:\windows\$NtUninstallKB961501$
2011-09-24 16:07:26 ----HD---- C:\windows\$NtUninstallKB971633$
2011-09-24 16:07:18 ----HD---- C:\windows\$NtUninstallKB952004$
2011-09-24 16:07:10 ----HD---- C:\windows\$NtUninstallKB973507$
2011-09-24 16:07:01 ----HD---- C:\windows\$NtUninstallKB967715$
2011-09-24 16:06:52 ----HD---- C:\windows\$NtUninstallKB951748$
2011-09-24 16:06:44 ----HD---- C:\windows\$NtUninstallKB970238$
2011-09-24 16:06:37 ----HD---- C:\windows\$NtUninstallKB960803$
2011-09-24 16:06:28 ----HD---- C:\windows\$NtUninstallKB973815$
2011-09-24 16:06:21 ----HD---- C:\windows\$NtUninstallKB968537$
2011-09-24 16:06:12 ----HD---- C:\windows\$NtUninstallKB956802$
2011-09-24 16:03:55 ----A---- C:\windows\setuplog.txt
2011-09-24 16:02:50 ----D---- C:\windows\system32\pl-pl
2011-09-24 16:02:49 ----D---- C:\windows\system32\pl
2011-09-24 16:02:49 ----D---- C:\windows\system32\bits
2011-09-24 16:02:49 ----D---- C:\windows\l2schemas
2011-09-24 15:58:57 ----D---- C:\windows\network diagnostic
2011-09-24 15:52:27 ----HD---- C:\windows\$NtServicePackUninstall$
2011-09-24 15:52:24 ----D---- C:\windows\EHome
2011-09-24 14:46:53 ----D---- C:\windows\system32\XPSViewer
2011-09-24 14:46:46 ----D---- C:\Program Files\MSBuild
2011-09-24 14:46:42 ----D---- C:\windows\system32\en-US
2011-09-24 14:46:33 ----D---- C:\Program Files\Reference Assemblies
2011-09-24 14:45:02 ----N---- C:\windows\system32\xpssvcs.dll
2011-09-24 14:45:02 ----N---- C:\windows\system32\xpsshhdr.dll
2011-09-24 14:45:02 ----N---- C:\windows\system32\prntvpt.dll
2011-09-24 14:37:23 ----HD---- C:\windows\$NtUninstallWIC$
2011-09-24 14:37:12 ----D---- C:\Program Files\MSXML 6.0
2011-09-24 13:33:43 ----HD---- C:\windows\$NtUninstallKB980218_0$
2011-09-24 13:33:31 ----HD---- C:\windows\$NtUninstallKB979683_0$
2011-09-24 13:33:24 ----HD---- C:\windows\$NtUninstallKB980195$
2011-09-24 13:33:18 ----HD---- C:\windows\$NtUninstallKB980232_0$
2011-09-24 13:33:13 ----HD---- C:\windows\$NtUninstallKB981350$
2011-09-24 13:33:07 ----HD---- C:\windows\$NtUninstallKB2229593_0$
2011-09-24 13:31:21 ----HD---- C:\windows\$NtUninstallKB978338_0$
2011-09-24 13:31:15 ----HD---- C:\windows\$NtUninstallKB977816$
2011-09-24 13:31:10 ----HD---- C:\windows\$NtUninstallKB981793$
2011-09-24 13:31:05 ----HD---- C:\windows\$NtUninstallKB978601_0$
2011-09-24 13:30:59 ----HD---- C:\windows\$NtUninstallKB979559_0$
2011-09-24 13:30:50 ----HD---- C:\windows\$NtUninstallKB978542_0$
2011-09-24 13:30:44 ----HD---- C:\windows\$NtUninstallKB979309_0$
2011-09-24 13:30:39 ----HD---- C:\windows\$NtUninstallKB978695_WM9$
2011-09-24 13:30:35 ----HD---- C:\windows\$NtUninstallKB979482_0$
2011-09-24 13:30:29 ----HD---- C:\windows\$NtUninstallKB975562_0$
2011-09-24 13:30:06 ----HD---- C:\windows\$NtUninstallKB982381_0$
2011-09-24 12:54:43 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2011-09-24 12:54:42 ----A---- C:\windows\system32\drivers\aswSP.sys
2011-09-24 12:54:39 ----A---- C:\windows\system32\drivers\aswTdi.sys
2011-09-24 12:54:39 ----A---- C:\windows\system32\drivers\aswRdr.sys
2011-09-24 12:54:38 ----A---- C:\windows\system32\drivers\aswSnx.sys
2011-09-24 12:54:36 ----A---- C:\windows\system32\drivers\aswmon2.sys
2011-09-24 12:54:36 ----A---- C:\windows\system32\drivers\aswmon.sys
2011-09-24 12:54:36 ----A---- C:\windows\system32\drivers\aavmker4.sys
2011-09-24 12:54:09 ----A---- C:\windows\system32\aswBoot.exe
2011-09-24 12:54:09 ----A---- C:\windows\avastSS.scr
2011-09-24 12:53:45 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
2011-09-12 22:30:15 ----D---- C:\Documents and Settings\Magda\Dane aplikacji\PC Suite For Android Handset
2011-09-12 22:29:22 ----D---- C:\Program Files\PC Suite For Android Handset
2011-09-12 22:28:40 ----RA---- C:\windows\system32\wdfcoinstaller01005.dll
2011-09-12 22:28:40 ----RA---- C:\windows\system32\drivers\smhwser.sys
2011-09-12 22:28:40 ----RA---- C:\windows\system32\drivers\smhwdev.sys
2011-09-12 22:28:40 ----RA---- C:\windows\system32\drivers\smhwadb.sys
2011-09-09 21:08:01 ----D---- C:\Documents and Settings\Magda\Dane aplikacji\Kadu
2011-09-08 23:40:03 ----A---- C:\windows\BcdLog.txt
2011-09-08 23:40:01 ----A---- C:\windows\OutLog.txt
2011-09-08 23:36:56 ----D---- C:\Program Files\EASEUS
2011-09-08 17:58:05 ----D---- C:\untitled folder
2011-09-06 19:16:42 ----ASH---- C:\boot.ini
2011-09-06 02:15:19 ----A---- C:\windows\mbm3v0.ini
2011-09-06 02:14:38 ----A---- C:\windows\uninst.exe
2011-09-06 02:11:26 ----D---- C:\Program Files\NeoSmart Technologies
2011-09-05 19:26:15 ----D---- C:\Documents and Settings\Magda\Dane aplikacji\InfraRecorder
2011-09-04 20:08:04 ----D---- C:\Data
2011-09-04 19:34:37 ----D---- C:\cmdcons
2011-09-04 19:33:14 ----A---- C:\windows\zip.exe
2011-09-04 19:33:14 ----A---- C:\windows\SWXCACLS.exe
2011-09-04 19:33:14 ----A---- C:\windows\SWSC.exe
2011-09-04 19:33:14 ----A---- C:\windows\SWREG.exe
2011-09-04 19:33:14 ----A---- C:\windows\sed.exe
2011-09-04 19:33:14 ----A---- C:\windows\PEV.exe
2011-09-04 19:33:14 ----A---- C:\windows\NIRCMD.exe
2011-09-04 19:33:14 ----A---- C:\windows\MBR.exe
2011-09-04 19:33:14 ----A---- C:\windows\grep.exe
2011-09-04 19:33:09 ----D---- C:\windows\ERDNT
2011-09-04 19:09:03 ----HD---- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
2011-09-04 19:08:00 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
2011-09-04 17:53:32 ----D---- C:\Documents and Settings\Magda\Dane aplikacji\Opera
2011-09-04 17:53:22 ----D---- C:\Program Files\Opera
2011-09-04 17:44:12 ----D---- C:\Program Files\WapSter
2011-08-29 00:56:49 ----A---- C:\windows\ntbtlog.txt
2011-08-25 14:04:28 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Vodafone
2011-08-13 19:52:23 ----D---- C:\Documents and Settings\Magda\Dane aplikacji\ATI
2011-08-13 19:52:23 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ATI
2011-08-13 15:57:03 ----D---- C:\Documents and Settings\Magda\Dane aplikacji\FLEXnet
2011-08-13 15:46:35 ----RA---- C:\windows\system32\drivers\massfilter.sys
2011-08-13 15:41:08 ----RA---- C:\windows\system32\drivers\ZTEusbnet.sys
2011-08-13 15:41:04 ----RA---- C:\windows\system32\drivers\ZTEusbmdm6k.sys
2011-08-13 15:41:00 ----RA---- C:\windows\system32\drivers\zteusbvoice.sys
2011-08-13 15:40:56 ----RA---- C:\windows\system32\drivers\ZTEusbnmea.sys
2011-08-13 15:40:52 ----RA---- C:\windows\system32\drivers\ZTEusbser6k.sys
2011-08-13 15:40:41 ----D---- C:\Documents and Settings\Magda\Dane aplikacji\Vodafone
2011-08-13 15:40:05 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
2011-08-13 15:37:53 ----RSD---- C:\windows\assembly
2011-08-13 15:37:32 ----D---- C:\windows\Microsoft.NET
2011-07-31 00:01:42 ----A---- C:\windows\IsUn0415.exe
2011-07-29 22:17:00 ----N---- C:\windows\system32\ati2sgag.exe
2011-07-29 22:16:16 ----D---- C:\Program Files\ATI Technologies
2011-07-29 22:15:39 ----A---- C:\windows\system32\Oemdspif.dll
2011-07-29 22:15:39 ----A---- C:\windows\system32\ativvaxx.dll
2011-07-29 22:15:38 ----A---- C:\windows\system32\ativcoxx.dll
2011-07-29 22:15:38 ----A---- C:\windows\system32\atitvo32.dll
2011-07-29 22:15:38 ----A---- C:\windows\system32\atipdlxx.dll
2011-07-29 22:15:38 ----A---- C:\windows\system32\atiok3x2.dll
2011-07-29 22:15:38 ----A---- C:\windows\system32\atioglxx.dll
2011-07-29 22:15:38 ----A---- C:\windows\system32\atikvmag.dll
2011-07-29 22:15:38 ----A---- C:\windows\system32\atiiiexx.dll
2011-07-29 22:15:38 ----A---- C:\windows\system32\ATIDEMGX.dll
2011-07-29 22:15:38 ----A---- C:\windows\system32\ATIDDC.DLL
2011-07-29 22:15:38 ----A---- C:\windows\system32\atibrtmon.exe
2011-07-29 22:15:38 ----A---- C:\windows\system32\atiadlxx.dll
2011-07-29 22:15:38 ----A---- C:\windows\system32\ati3duag.dll
2011-07-29 22:15:37 ----A---- C:\windows\system32\drivers\ati2mtag.sys
2011-07-29 22:15:37 ----A---- C:\windows\system32\drivers\ati2erec.dll
2011-07-29 22:15:37 ----A---- C:\windows\system32\Ati2mdxx.exe
2011-07-29 22:15:37 ----A---- C:\windows\system32\ati2evxx.exe
2011-07-29 22:15:37 ----A---- C:\windows\system32\ati2evxx.dll
2011-07-29 22:15:37 ----A---- C:\windows\system32\ati2edxx.dll
2011-07-29 22:15:37 ----A---- C:\windows\system32\ati2dvag.dll
2011-07-29 22:15:37 ----A---- C:\windows\system32\ati2cqag.dll
2011-07-29 22:15:37 ----A---- C:\windows\system32\amdpcom32.dll
2011-07-29 21:43:20 ----D---- C:\Program Files\Common Files\InstallShield
2011-07-29 21:43:20 ----D---- C:\Program Files\Atheros
2011-07-28 19:54:11 ----D---- C:\Program Files\Atheros(2)
2011-07-28 19:53:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Atheros
2011-07-28 19:53:28 ----D---- C:\Program Files\Realtek

======List of files/folders modified in the last 2 months======

2011-09-25 14:48:04 ----A---- C:\windows\win.ini
2011-09-25 14:48:04 ----A---- C:\windows\system.ini
2011-09-25 14:11:08 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-09-25 11:36:56 ----A---- C:\windows\SchedLgU.Txt
2011-09-25 11:19:20 ----A---- C:\windows\imsins.BAK
2011-09-25 10:32:18 ----A---- C:\windows\OEWABLog.txt
2011-09-09 11:12:04 ----A---- C:\windows\system32\crypt32.dll
2011-09-06 13:58:26 ----A---- C:\windows\system32\MRT.exe
2011-08-31 19:11:40 ----A---- C:\windows\WA.INI
2011-08-20 22:12:32 ----A---- C:\windows\DUMP703e.tmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2009-10-26 721904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 intelppm;Sterownik procesora Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;avast! Standard Shield Support; C:\windows\system32\drivers\aswMon2.sys [2011-09-06 110552]
R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2011-07-29 3331072]
R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\windows\system32\drivers\camc6aud.sys [2005-06-17 38144]
R3 CAMCHALA;CAMCHALA; C:\windows\system32\drivers\camc6hal.sys [2005-06-17 352000]
R3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\windows\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 vodafone_K380x-z_dc_enum;vodafone_K380x-z_dc_enum; C:\windows\system32\DRIVERS\vodafone_K380x-z_dc_enum.sys [2010-05-20 80000]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\windows\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 Amfilter;Compatible Mouse Filter Driver; C:\windows\system32\DRIVERS\Amfilter.sys []
S1 kbdhid;Sterownik klawiatury HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 abo5tqyq;abo5tqyq; C:\windows\system32\drivers\abo5tqyq.sys []
S3 Amusbprt;Compatible HID-compliant Mouse Driver; C:\windows\system32\DRIVERS\Amusbprt.sys []
S3 androidusb;ADB Interface Driver; C:\windows\System32\Drivers\smhwadb.sys [2010-06-25 25728]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\windows\system32\DRIVERS\ar5211.sys [2005-05-25 465952]
S3 CCDECODE;Dekoder napisów; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidusb;Sterownik Microsoft klasy HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 massfilter;MBB Mass Storage Filter Driver; C:\windows\system32\DRIVERS\massfilter.sys [2010-08-11 9216]
S3 mouhid;Sterownik myszy HID; C:\windows\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys []
S3 NPF;WinPcap Packet Driver (NPF); C:\windows\system32\drivers\NPF.sys [2010-11-02 50704]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smhwdev;SmartPhone dummy USB PNP Device (Normal); C:\windows\system32\DRIVERS\smhwdev.sys [2010-06-25 100864]
S3 smhwser;USB Device for Legacy Serial Communication (Normal); C:\windows\system32\DRIVERS\smhwser.sys [2010-06-25 108032]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys []
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Sterownik skanera USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys []
S3 USBSTOR;Sterownik magazynu masowego USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC0305;A4 TECH PC Camera V; C:\windows\System32\Drivers\usbVM305.sys [2006-05-08 391688]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys [2010-08-11 105856]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\windows\system32\DRIVERS\ZTEusbnet.sys [2010-08-11 114688]
S3 ZTEusbnmea;ZTE NMEA Port; C:\windows\system32\DRIVERS\ZTEusbnmea.sys [2010-08-11 105856]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\windows\system32\DRIVERS\ZTEusbser6k.sys [2010-08-11 105856]
S3 ZTEusbvoice;ZTE VoUSB Port; C:\windows\system32\DRIVERS\ZTEusbvoice.sys [2010-08-11 105856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2011-07-29 581632]
R2 avast! Antivirus;avast! Antivirus; D:\AVAST Software\AvastSvc.exe [2011-09-06 44768]
R2 Bonjour Service;Usługa Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-09-23 593920]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-12 136176]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.3XE EXEC /i C:\ComboFix\HIDEC.3XE C:\ComboFix\SWREG.3XE ACL HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_Beep /RESET /Q []
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-12 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
[/log]

INFO:
[log] info.txt logfile of random's system information tool 1.09 2011-09-25 15:09:59

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"D:\torre\uTorrent.exe" /UNINSTALL
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
A4 TECH PC Camera V-->C:\Program Files\InstallShield Installation Information\{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}\setup.exe -runfromtemp -l0x0015 -removeonly
ACE Mega CoDecS Pack-->"C:\Program Files\ACE Mega CoDecS Pack\unins000.exe"
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_Plugin.exe -maintain plugin
Adobe Reader 9.4.6 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A94000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Aktualizacja dla systemu Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2616676-v2)-->"C:\WINDOWS\$NtUninstallKB2616676-v2$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB980182)-->"C:\WINDOWS\$NtUninstallKB980182$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544521)-->"C:\WINDOWS\$NtUninstallKB2544521$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2559049)-->"C:\WINDOWS\$NtUninstallKB2559049$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Atheros Wireless LAN MiniPCI card Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}\setup.exe" -l0x15
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Free Antivirus-->D:\AVAST Software\aswRunDll.exe "D:\AVAST Software\Setup\setiface.dll" RunSetup
Bonjour-->MsiExec.exe /X{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
Catalyst Control Center - Branding-->MsiExec.exe /I{FA3A247D-437A-455E-A88F-7EB6E5F9E799}
Conexant AC-Link Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO\HXFSETUP.EXE -U -ItosEW6a.INF
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Java™ 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
Microsoft .NET Framework 1.1 Polish Language Pack-->MsiExec.exe /X{64CB2553-C109-4132-AA51-1F421B515FD1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox 5.0.1 (x86 pl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
NapiProjekt 1.0.6.7-->"C:\Program Files\NAPI-PROJEKT\unins000.exe"
PC Suite For Android Handset-->C:\Program Files\PC Suite For Android Handset\uninst.exe
Poprawka dla programu Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
WapSter AQQ-->D:\WapSter AQQ\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======System event log======

Computer Name: AMBEREK
Event Code: 7036
Message: Usługa Zarządzanie aplikacjami weszła w stan zatrzymania.

Record Number: 16682
Source Name: Service Control Manager
Time Written: 20110908192634.000000+120
Event Type: informacje
User:

Computer Name: AMBEREK
Event Code: 7035
Message: Do usługi Zarządzanie aplikacjami został pomyślnie wysłany kod sterowania uruchom.

Record Number: 16681
Source Name: Service Control Manager
Time Written: 20110908192634.000000+120
Event Type: informacje
User: AMBEREK\Magda

Computer Name: AMBEREK
Event Code: 7023
Message: Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.


Record Number: 16680
Source Name: Service Control Manager
Time Written: 20110908192634.000000+120
Event Type: błąd
User:

Computer Name: AMBEREK
Event Code: 7036
Message: Usługa Zarządzanie aplikacjami weszła w stan zatrzymania.

Record Number: 16679
Source Name: Service Control Manager
Time Written: 20110908192634.000000+120
Event Type: informacje
User:

Computer Name: AMBEREK
Event Code: 7035
Message: Do usługi Zarządzanie aplikacjami został pomyślnie wysłany kod sterowania uruchom.

Record Number: 16678
Source Name: Service Control Manager
Time Written: 20110908192634.000000+120
Event Type: informacje
User: AMBEREK\Magda

=====Application event log=====

Computer Name: AMBEREK
Event Code: 0
Message: DEV: type=PortInserted, name=COM6

Record Number: 11694
Source Name: VmbService
Time Written: 20110830000628.000000+120
Event Type: informacje
User:

Computer Name: AMBEREK
Event Code: 0
Message: DEV: type=PortInserted, name=COM5

Record Number: 11693
Source Name: VmbService
Time Written: 20110830000628.000000+120
Event Type: informacje
User:

Computer Name: AMBEREK
Event Code: 0
Message: DEV: type=PortInserted, name=COM4

Record Number: 11692
Source Name: VmbService
Time Written: 20110830000628.000000+120
Event Type: informacje
User:

Computer Name: AMBEREK
Event Code: 0
Message: DEV: type=PortInserted, name=COM3

Record Number: 11691
Source Name: VmbService
Time Written: 20110830000628.000000+120
Event Type: informacje
User:

Computer Name: AMBEREK
Event Code: 0
Message: GetClient

Record Number: 11690
Source Name: VmbService
Time Written: 20110830000626.000000+120
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
[/log]

Z góry dzieki za pomoc.

wirusolog
komentarz
komentarz

Uruchom [b]OTL[/b] i w dolne białe pole wklej to:
[code]
:OTL
MsConfig - StartUpReg: ALLUpdate - hkey= - key= - File not found
MsConfig - StartUpReg: BitComet - hkey= - key= - File not found
MsConfig - StartUpReg: Google Update - hkey= - key= - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - File not found
MsConfig - StartUpReg: MS32DLL - hkey= - key= - File not found
MsConfig - StartUpReg: My Document - hkey= - key= - File not found
MsConfig - StartUpReg: Nowe Gadu-Gadu - hkey= - key= - File not found
MsConfig - StartUpReg: RegistryBooster - hkey= - key= - File not found
MsConfig - StartUpReg: sniffer - hkey= - key= - File not found
O3 - HKU\S-1-5-21-1482476501-842925246-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Mario Forever Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=UT2V5&o=15158&locale=en_US&apn_uid=D9D6ED1C-A748-4BE1-9AC6-154D6A896813&apn_ptnrs=UG&apn_sauid=C3B47509-2F38-4442-987B-DF98827BB9C4&apn_dtid=&q="

:Files
C:\DOCUMENTS AND SETTINGS\MAGDA\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1Q0OKFFK.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI
C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default\searchplugins\askcom.xml
C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default\searchplugins\conduit.xml
C:\Documents and Settings\Magda\Dane aplikacji\Mozilla\Firefox\Profiles\1q0okffk.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}
C:\Documents and Settings\Magda\Ustawienia lokalne\Temp\pyl37.tmp
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\DUMP703e.tmp
C:\WINDOWS\Temp\_ex-08.exe
C:\Documents and Settings\Magda\Pulpit\Application Form

:Services
PEVSystemStart

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"6592:TCP" =-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Magda\Ustawienia lokalne\Temp\pyl37.tmp\pyrun.exe" =-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptyflash]
[emptytemp][/code]
Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera.

[b]2.[/b] Ściągnij [url=http://www.teamxscript.org/too/AD-R.exe][b][color=blue][u]Ad-Remover[/url][/b][/color][/u] i wciśnij w nim [size=150][b]Clean[/b][/size]
Pokaż raport z tego narzędzia.

[b]3.[/b] Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję [b]Skanuj[/b]. Pokazujesz log.

[b]4.[/b] Tworzysz i wklejasz log z [url=http://www.forumkomputerowe.pl/topic/6337-instrukcja-obslugi-tdsskiller/][b][color=blue][u]TDSSKiller'a[/url][/b][/color][/u]. Jeżeli coś wykryje ignoruj a jedynie wklej loga.

[b]5.[/b] Podłącz wszystkie urządzenia przenośne ([b]pendrive / komórki / mp3 / dyski przenośne[/b]) i użyj [url=http://www.hotfix.pl/uzytkowanie-programu-usbfix-a310.htm][b][color=blue][u]USBFix[/url][/b][/color][/u] z opcji [b][color=#FFA500]DELETION[/color][/b].
Pokaż raport z usuwania (wszystko opisane jest w poradniku)!

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.