x-kom hosting

Komputer strasznie muli, filmy tna

makavel1983
utworzono
utworzono (edytowane)

Witam mam problem z komputerem moich rodzicow, strasznie wszystko muli, ostatnio wykrylem z pomoca "malwarebytes , anti malware" trojan.downloadera i prawdopodobnie go usunalem, ale komputer muli dalej : oto LOGI:

OTL
[i][b][log] OTL logfile created on: 2011-12-20 19:40:58 - Run 1[/b][/i]
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 183,63 Mb Available Physical Memory | 17,94% Memory free
1,66 Gb Paging File | 0,92 Gb Available in Paging File | 55,65% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18,63 Gb Total Space | 2,32 Gb Free Space | 12,48% Space Free | Partition Type: FAT32
Drive D: | 18,64 Gb Total Space | 7,88 Gb Free Space | 42,28% Space Free | Partition Type: NTFS
Drive E: | 18,64 Gb Total Space | 3,86 Gb Free Space | 20,72% Space Free | Partition Type: NTFS
Drive F: | 18,64 Gb Total Space | 4,78 Gb Free Space | 25,64% Space Free | Partition Type: NTFS
Drive I: | 298,02 Gb Total Space | 241,28 Gb Free Space | 80,96% Space Free | Partition Type: FAT32

Computer Name: W-0CD416825FCE4 | User Name: Właściciel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-12-20 19:38:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads\OTL.exe
PRC - [2011-12-07 12:16:30 | 001,047,096 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011-12-04 10:22:08 | 000,855,904 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
PRC - [2011-12-04 10:21:56 | 000,827,232 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2011-12-03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011-10-24 14:28:52 | 000,421,888 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
PRC - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011-09-08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011-08-31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011-08-31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-08-15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011-05-04 04:52:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2011-04-08 12:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010-09-20 23:07:44 | 000,932,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010-09-03 14:43:14 | 001,424,384 | ---- | M] (Siliten) -- C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe
PRC - [2010-09-03 14:42:50 | 000,860,672 | ---- | M] (Siliten) -- C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe
PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-04-06 02:27:46 | 026,102,056 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2010-04-06 02:27:46 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009-08-21 11:36:46 | 000,878,080 | ---- | M] (ActMask Co.,Ltd - [url="http://www.all2pdf.com"]http://www.all2pdf.com[/url]) -- C:\WINDOWS\system32\PrintDisp.exe
PRC - [2009-06-26 15:25:24 | 000,356,352 | ---- | M] () -- C:\Program Files\ScanWizard 5\ScannerFinder.exe
PRC - [2009-06-16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - [url="HTTP://WWW.ALL2PDF.COM"]HTTP://WWW.ALL2PDF.COM[/url]) -- C:\WINDOWS\system32\PrintCtrl.exe
PRC - [2009-02-09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008-05-02 22:46:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008-04-15 12:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-15 12:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-15 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-15 12:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-04-15 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-15 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-15 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-15 12:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2006-11-13 14:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- D:\medion\wcescomm.exe
PRC - [2006-11-13 14:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- D:\medion\rapimgr.exe
PRC - [2004-06-09 08:37:02 | 000,040,960 | R--- | M] (BIGDOG) -- C:\WINDOWS\VM_STI.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-12-20 19:38:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads\OTL.exe
MOD - [2011-12-17 18:32:16 | 000,859,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\plugins\avgnpss.dll
MOD - [2011-12-16 12:24:06 | 005,094,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcorex.dll
MOD - [2011-12-07 12:16:30 | 001,047,096 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
MOD - [2011-12-07 12:16:30 | 000,411,192 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll
MOD - [2011-12-07 12:16:28 | 003,767,864 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
MOD - [2011-12-07 12:15:06 | 009,848,888 | ---- | M] (The ICU Project) -- C:\Program Files\Google\Chrome\Application\16.0.912.63\icudt.dll
MOD - [2011-12-07 12:15:00 | 028,802,616 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\16.0.912.63\chrome.dll
MOD - [2011-12-07 12:14:58 | 000,122,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avutil-51.dll
MOD - [2011-12-07 12:14:56 | 000,222,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avformat-53.dll
MOD - [2011-12-07 12:14:54 | 001,746,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avcodec-53.dll
MOD - [2011-12-07 08:22:34 | 008,593,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
MOD - [2011-12-04 10:22:08 | 000,855,904 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
MOD - [2011-12-04 10:21:56 | 000,827,232 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011-12-03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
MOD - [2011-12-02 03:16:40 | 000,913,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgxpl.dll
MOD - [2011-11-29 11:56:54 | 001,866,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwd.dll
MOD - [2011-11-29 11:56:48 | 000,823,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcslx.dll
MOD - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
MOD - [2011-11-23 20:06:44 | 000,022,400 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\53F537B72987463CB06D78F5541A3239\skGamesUpdate.dll
MOD - [2011-11-22 02:26:48 | 003,111,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avguires.dll
MOD - [2011-11-12 01:20:06 | 000,327,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidpmx.dll
MOD - [2011-11-05 14:13:50 | 011,081,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2011-11-04 20:13:50 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2011-11-04 20:13:50 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2011-11-04 20:13:50 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2011-11-01 17:07:04 | 001,288,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2011-10-24 14:28:52 | 000,421,888 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
MOD - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
MOD - [2011-10-10 06:23:48 | 000,891,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgntopensslx.dll
MOD - [2011-10-10 06:23:48 | 000,137,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgopensslx.dll
MOD - [2011-10-10 06:23:44 | 000,934,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcfgx.dll
MOD - [2011-10-10 06:23:42 | 001,159,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidpsdkx.dll
MOD - [2011-10-06 06:42:44 | 000,276,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avglogx.dll
MOD - [2011-10-04 06:23:16 | 000,365,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgsysx.dll
MOD - [2011-10-04 06:22:56 | 000,244,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgclitx.dll
MOD - [2011-09-28 08:06:42 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2011-09-26 11:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2011-09-08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
MOD - [2011-08-31 17:00:50 | 002,223,176 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
MOD - [2011-08-31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
MOD - [2011-08-31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
MOD - [2011-08-31 17:00:48 | 000,173,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
MOD - [2011-08-15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
MOD - [2011-08-15 06:21:38 | 000,429,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgchjwx.dll
MOD - [2011-08-15 06:21:38 | 000,364,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcclix.dll
MOD - [2011-08-15 06:21:36 | 000,225,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcertx.dll
MOD - [2011-08-05 06:10:54 | 000,515,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgdecider.dll
MOD - [2011-08-02 06:09:10 | 000,376,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdwsc.dll
MOD - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
MOD - [2011-08-02 06:08:36 | 000,499,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgsrmx.dll
MOD - [2011-08-02 06:08:34 | 000,548,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgsched.dll
MOD - [2011-08-02 06:08:32 | 000,176,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avglngx.dll
MOD - [2011-08-02 06:08:14 | 000,172,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgchclx.dll
MOD - [2011-05-14 01:17:40 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
MOD - [2011-05-14 01:12:34 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
MOD - [2011-05-04 04:52:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
MOD - [2011-04-29 19:25:12 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2011-04-08 12:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
MOD - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2011-03-04 08:36:56 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jscript.dll
MOD - [2011-03-03 08:55:00 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011-02-08 15:33:58 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2011-02-08 15:33:58 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2011-01-21 15:44:12 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2011-01-20 11:20:44 | 002,834,240 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\Engine.dll
MOD - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
MOD - [2011-01-20 11:19:46 | 001,455,424 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll
MOD - [2010-12-22 13:34:22 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010-12-21 10:33:52 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre6\bin\msvcr71.dll
MOD - [2010-12-20 19:32:08 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010-12-20 18:25:52 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010-12-09 16:15:26 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010-11-29 09:38:50 | 000,292,160 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools Lite\imgengine.dll
MOD - [2010-11-18 14:50:14 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DAEMON Tools Lite\msvcr100.dll
MOD - [2010-11-18 14:50:14 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DAEMON Tools Lite\msvcp100.dll
MOD - [2010-11-18 14:50:12 | 004,368,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DAEMON Tools Lite\mfc100u.dll
MOD - [2010-11-09 15:52:36 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010-10-23 02:47:24 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
MOD - [2010-09-22 18:12:42 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2010-09-20 23:07:44 | 000,932,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2010-09-03 14:43:14 | 001,424,384 | ---- | M] (Siliten) -- C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe
MOD - [2010-09-03 14:42:50 | 000,860,672 | ---- | M] (Siliten) -- C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe
MOD - [2010-09-03 14:31:36 | 000,053,248 | ---- | M] () -- C:\Program Files\SilverCrest MTS2219-SL Driver\UniFunc.dll
MOD - [2010-08-27 07:54:14 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2010-08-23 18:12:56 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010-08-23 18:12:54 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2010-08-16 10:45:10 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-25 11:40:44 | 000,077,824 | ---- | M] (Siliten) -- C:\Program Files\SilverCrest MTS2219-SL Driver\BackInDll.dll
MOD - [2010-06-14 09:43:18 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll
MOD - [2010-04-16 17:38:54 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2010-04-06 02:27:46 | 026,102,056 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
MOD - [2010-04-06 02:27:46 | 003,347,640 | R--- | M] (EasyBits Media AS) -- C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
MOD - [2010-04-06 02:27:46 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
MOD - [2010-03-10 06:43:04 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2010-03-10 06:43:00 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2009-12-24 09:04:54 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2009-12-08 11:25:46 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-10-13 12:34:26 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009-10-12 15:40:14 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009-10-12 15:40:14 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009-09-11 16:19:44 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009-09-04 23:05:36 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009-08-25 11:19:46 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2009-08-21 11:36:46 | 000,878,080 | ---- | M] (ActMask Co.,Ltd - [url="http://www.all2pdf.com"]http://www.all2pdf.com[/url]) -- C:\WINDOWS\system32\PrintDisp.exe
MOD - [2009-08-06 19:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2009-07-28 00:19:10 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009-07-22 16:58:26 | 000,258,048 | ---- | M] () -- C:\Program Files\ScanWizard 5\SFRes.dll
MOD - [2009-07-17 21:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009-07-17 18:17:58 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009-07-12 00:02:02 | 003,780,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2009-06-26 15:25:24 | 000,356,352 | ---- | M] () -- C:\Program Files\ScanWizard 5\ScannerFinder.exe
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-06-25 10:27:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009-06-16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - [url="HTTP://WWW.ALL2PDF.COM"]HTTP://WWW.ALL2PDF.COM[/url]) -- C:\WINDOWS\system32\PrintCtrl.exe
MOD - [2009-06-10 08:16:42 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009-05-07 17:34:14 | 000,347,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2009-05-01 11:47:08 | 000,029,184 | ---- | M] (ActMask Co.,Ltd) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\ActPrint.dll
MOD - [2009-03-21 16:09:00 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-03-08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009-03-08 04:32:48 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advpack.dll
MOD - [2009-03-06 16:22:12 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009-02-09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009-02-09 12:53:44 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009-02-09 12:53:44 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009-02-05 10:16:26 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ScanWizard 5\Scanners\Mssti.dll
MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2008-12-17 14:19:40 | 000,090,112 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\LogTransport2.dll
MOD - [2008-10-23 14:42:42 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-15 18:36:56 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-07-07 22:29:10 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2008-06-24 18:46:34 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008-06-20 18:04:24 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
MOD - [2008-06-20 12:07:50 | 000,026,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\IfHelper.dll
MOD - [2008-06-12 16:23:52 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2008-06-12 16:23:52 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2008-06-12 16:23:52 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2008-05-02 22:46:00 | 000,425,984 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvapi.dll
MOD - [2008-05-02 22:46:00 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvrspl.dll
MOD - [2008-05-02 22:46:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
MOD - [2008-05-02 22:46:00 | 000,086,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvmctray.dll
MOD - [2008-04-15 14:00:00 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2008-04-15 14:00:00 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2008-04-15 14:00:00 | 000,510,976 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\System\wab32.dll
MOD - [2008-04-15 14:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-15 14:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2008-04-15 14:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2008-04-15 14:00:00 | 000,255,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\System\wab32res.dll
MOD - [2008-04-15 14:00:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2008-04-15 14:00:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008-04-15 14:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2008-04-15 14:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-15 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2008-04-15 14:00:00 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008-04-15 14:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2008-04-15 14:00:00 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msoert2.dll
MOD - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2008-04-15 14:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2008-04-15 14:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2008-04-15 14:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2008-04-15 14:00:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2008-04-15 14:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2008-04-15 12:00:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008-04-15 12:00:00 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008-04-15 12:00:00 | 002,113,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dxdiagn.dll
MOD - [2008-04-15 12:00:00 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2008-04-15 12:00:00 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008-04-15 12:00:00 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d9.dll
MOD - [2008-04-15 12:00:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008-04-15 12:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008-04-15 12:00:00 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008-04-15 12:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-15 12:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-15 12:00:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-15 12:00:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2008-04-15 12:00:00 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008-04-15 12:00:00 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2008-04-15 12:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008-04-15 12:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-15 12:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008-04-15 12:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2008-04-15 12:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2008-04-15 12:00:00 | 000,436,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3dim.dll
MOD - [2008-04-15 12:00:00 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll
MOD - [2008-04-15 12:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2008-04-15 12:00:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008-04-15 12:00:00 | 000,427,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpob2res.dll
MOD - [2008-04-15 12:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008-04-15 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2008-04-15 12:00:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008-04-15 12:00:00 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008-04-15 12:00:00 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008-04-15 12:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-15 12:00:00 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2008-04-15 12:00:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008-04-15 12:00:00 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2008-04-15 12:00:00 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008-04-15 12:00:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2008-04-15 12:00:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-15 12:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-15 12:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ddraw.dll
MOD - [2008-04-15 12:00:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2008-04-15 12:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2008-04-15 12:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008-04-15 12:00:00 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008-04-15 12:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-15 12:00:00 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2008-04-15 12:00:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008-04-15 12:00:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2008-04-15 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2008-04-15 12:00:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008-04-15 12:00:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008-04-15 12:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008-04-15 12:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008-04-15 12:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2008-04-15 12:00:00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2008-04-15 12:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008-04-15 12:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2008-04-15 12:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-15 12:00:00 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2008-04-15 12:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-15 12:00:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008-04-15 12:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-15 12:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiavusd.dll
MOD - [2008-04-15 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008-04-15 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008-04-15 12:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2008-04-15 12:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008-04-15 12:00:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008-04-15 12:00:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2008-04-15 12:00:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2008-04-15 12:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008-04-15 12:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2008-04-15 12:00:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-15 12:00:00 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2008-04-15 12:00:00 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oledlg.dll
MOD - [2008-04-15 12:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008-04-15 12:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvfw32.dll
MOD - [2008-04-15 12:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-15 12:00:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2008-04-15 12:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mapi32.dll
MOD - [2008-04-15 12:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-15 12:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-15 12:00:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2008-04-15 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008-04-15 12:00:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008-04-15 12:00:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2008-04-15 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2008-04-15 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008-04-15 12:00:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2008-04-15 12:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008-04-15 12:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008-04-15 12:00:00 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2008-04-15 12:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2008-04-15 12:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008-04-15 12:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-15 12:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-15 12:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008-04-15 12:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2008-04-15 12:00:00 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2008-04-15 12:00:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2008-04-15 12:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2008-04-15 12:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2008-04-15 12:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008-04-15 12:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlanapi.dll
MOD - [2008-04-15 12:00:00 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll
MOD - [2008-04-15 12:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2008-04-15 12:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008-04-15 12:00:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008-04-15 12:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2008-04-15 12:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-15 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008-04-15 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008-04-15 12:00:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2008-04-15 12:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008-04-15 12:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008-04-15 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008-04-15 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll
MOD - [2008-04-15 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2008-04-15 12:00:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2008-04-15 12:00:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2008-04-15 12:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2008-04-15 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008-04-15 12:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008-04-15 12:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2008-04-15 12:00:00 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008-04-15 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008-04-15 12:00:00 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xmlprovi.dll
MOD - [2008-04-15 12:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008-04-15 12:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2008-04-15 12:00:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2008-04-15 12:00:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2008-04-15 12:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008-04-15 12:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008-04-15 12:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2008-04-15 12:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2008-04-15 12:00:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008-04-15 12:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2008-04-15 12:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcAdProc.dll
MOD - [2008-04-15 12:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008-04-15 12:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008-04-15 12:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2008-04-15 12:00:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2008-04-15 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
MOD - [2008-04-15 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2008-04-15 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008-04-15 12:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2008-04-15 12:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2008-04-15 12:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2008-04-15 12:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2008-04-15 12:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2008-04-15 12:00:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008-04-15 12:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008-04-15 12:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2008-04-15 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2008-04-15 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008-04-15 12:00:00 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008-04-15 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2008-04-15 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2008-04-15 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2008-04-15 12:00:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008-04-15 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-15 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2008-04-15 12:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2008-04-15 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2008-04-15 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008-04-15 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-15 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008-04-15 12:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008-04-15 12:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008-04-15 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-15 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2008-04-15 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008-04-15 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008-04-15 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008-04-15 12:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2008-04-15 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008-04-15 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2008-04-15 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008-04-15 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2008-04-15 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008-04-15 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2008-04-15 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008-04-15 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2008-04-15 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008-04-15 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2008-04-15 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2008-04-15 12:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008-04-15 12:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2008-04-15 12:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2008-04-15 12:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008-04-15 12:00:00 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dciman32.dll
MOD - [2008-04-15 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2008-04-15 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d8thk.dll
MOD - [2008-04-15 12:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008-04-15 12:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2008-04-15 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2008-04-15 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2008-04-15 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2008-04-15 12:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008-04-15 12:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-04-14 22:51:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008-04-14 22:51:54 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksproxy.ax
MOD - [2008-04-14 22:51:54 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kswdmcap.ax
MOD - [2008-04-14 22:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
MOD - [2008-04-14 22:50:36 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksuser.dll
MOD - [2008-04-14 22:50:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidserv.dll
MOD - [2008-03-28 15:45:38 | 000,106,496 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\logsession.dll
MOD - [2006-11-13 15:57:02 | 000,138,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rapi.dll
MOD - [2006-11-13 15:56:26 | 000,023,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ceutil.dll
MOD - [2006-11-13 14:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- D:\medion\wcescomm.exe
MOD - [2006-11-13 14:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- D:\medion\rapimgr.exe
MOD - [2006-11-13 14:56:28 | 000,025,384 | ---- | M] (Microsoft Corporation) -- D:\medion\tcp2udp.dll
MOD - [2006-11-13 14:56:26 | 000,022,312 | ---- | M] (Microsoft Corporation) -- D:\medion\rapiproxystub.dll
MOD - [2006-11-13 14:56:20 | 000,018,216 | ---- | M] (Microsoft Corporation) -- D:\medion\dtptdns.dll
MOD - [2006-10-18 21:47:22 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WPDShServiceObj.dll
MOD - [2006-10-18 21:47:18 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\PortableDeviceApi.dll
MOD - [2006-10-18 21:47:18 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\PortableDeviceTypes.dll
MOD - [2004-08-31 06:26:36 | 000,233,539 | R--- | M] (Vimicro) -- C:\WINDOWS\system32\VM31bPrp.Ax
MOD - [2004-06-15 08:00:00 | 000,116,736 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNMLM61.DLL
MOD - [2004-06-15 08:00:00 | 000,017,920 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD61.DLL
MOD - [2004-06-09 08:37:02 | 000,040,960 | R--- | M] (BIGDOG) -- C:\WINDOWS\VM_STI.EXE
MOD - [2003-10-14 11:52:32 | 002,301,952 | ---- | M] (C-Media Corporation) -- C:\WINDOWS\system\cmicnfg.cpl
MOD - [2003-04-24 13:29:08 | 000,032,768 | ---- | M] (C-Media Corporation) -- C:\WINDOWS\system32\udaprop.dll
MOD - [2003-03-19 06:20:00 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MFC71.dll
MOD - [2003-02-21 13:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSVCR71.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011-12-04 10:22:08 | 000,855,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-08-31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-03-18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011-03-09 18:02:58 | 000,212,352 | ---- | M] (FileOpen Systems Inc.) [Disabled | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\FileOpen\Services\FileOpenManagerSvc32.exe -- (FileOpenManagerSvc)
SRV - [2009-06-16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - [url="HTTP://WWW.ALL2PDF.COM"]HTTP://WWW.ALL2PDF.COM[/url]) [Auto | Running] -- C:\WINDOWS\system32\PrintCtrl.exe -- (Printer Control)
SRV - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-10-07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011-10-04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011-08-08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011-07-11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-05-21 18:24:14 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010-06-19 08:30:12 | 000,014,848 | ---- | M] (Siliten) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\InputFilter_FlexDef2b.sys -- (InputFilter_Hid_FlexDef2b) Siliten HID Devices(FlexDef2b)
DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006-03-01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2006-01-19 17:33:26 | 000,402,432 | R--- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP)
DRV - [2004-09-07 09:11:50 | 000,090,568 | R--- | M] (VM) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbVM31b.sys -- (ZSMC302)
DRV - [2003-09-23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2002-12-27 04:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.gazeta.pl/0,0.html?p=125"]http://www.gazeta.pl/0,0.html?p=125[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-09-05 17:42:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011-11-04 20:02:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\9.0.0.18\ [2011-12-04 10:22:24 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.2\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\
CHR - Extension: Gmail = C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2008-04-15 12:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll ()
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE (BIGDOG)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Launch SilverCrest MTS2219-SL-K] C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe (Siliten)
O4 - HKLM..\Run: [Launch SilverCrest MTS2219-SL-M] C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe (Siliten)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe (ActMask Co.,Ltd - [url="http://www.all2pdf.com"]http://www.all2pdf.com[/url])
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\realsched.exe" -osboot File not found
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [H/PC Connection Agent] D:\medion\Wcescomm.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\medion\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\medion\INetRepl.dll (Microsoft Corporation)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} [url="http://kitchenplanner.ikea.com/PL/Core/Player/2020PlayerAX_IKEA_Win32.cab"]http://kitchenplanne..._IKEA_Win32.cab[/url] (20-20 3D Viewer for IKEA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab"]http://download.macr...ash/swflash.cab[/url] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91426ABC-68C9-4790-9FF4-737C2A759427}: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-04-24 10:23:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-12-18 21:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Malwarebytes
[2011-12-18 21:55:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-12-18 21:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-12-18 21:55:48 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-12-18 21:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-12-18 21:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-12-18 21:38:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Menu Start\Programy\HiJackThis
[2011-12-18 21:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Apple Computer
[2011-12-18 21:21:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\QuickTime
[2011-12-18 21:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011-12-18 21:16:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
[2011-12-18 21:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011-12-18 21:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Apple
[2011-12-18 21:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011-12-18 21:15:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple
[2011-12-18 21:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Apple Computer
[2011-12-18 18:41:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\nvidia icons
[2011-12-18 18:19:56 | 000,000,000 | -HSD | C] -- C:\FOUND.034
[2011-12-18 17:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NapiProjekt
[2011-12-18 17:57:47 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2011-12-18 11:31:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Właściciel\Recent
[2011-12-04 10:53:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG Secure Search
[2011-12-04 10:22:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2011-12-04 10:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
[2011-12-01 20:13:54 | 000,000,000 | -HSD | C] -- C:\FOUND.033
[2011-11-04 20:05:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2012
[2011-11-04 20:04:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011-11-04 20:04:54 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011-11-04 20:02:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG2012
[2011-11-04 19:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2011-11-01 07:10:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\20-20 Technologies
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-12-20 19:55:10 | 000,000,472 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9893095B-8A5A-409F-B9B3-853C4E3B8ACF}.job
[2011-12-20 19:41:04 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-12-20 15:03:16 | 000,175,314 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-12-20 15:02:42 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-12-20 15:02:42 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-854245398-1177238915-1003.job
[2011-12-20 15:02:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-12-20 15:02:08 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2011-12-19 22:08:04 | 000,199,551 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Drucken - Gmail - Zamówienie ze sklepu Electromarket.pdf
[2011-12-18 23:30:06 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-854245398-1177238915-1003.job
[2011-12-18 21:55:54 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-12-18 21:50:26 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\HiJackThis.lnk
[2011-12-18 21:21:36 | 000,001,508 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk
[2011-12-18 18:43:34 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-12-18 18:41:34 | 000,001,078 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Play Portal Now.lnk
[2011-12-18 18:21:12 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-12-18 17:57:58 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\NapiProjekt.lnk
[2011-12-18 17:57:36 | 000,874,496 | ---- | M] () -- C:\WINDOWS\is-N0TCI.exe
[2011-12-18 17:57:36 | 000,011,761 | ---- | M] () -- C:\WINDOWS\is-N0TCI.msg
[2011-12-18 17:57:36 | 000,002,388 | ---- | M] () -- C:\WINDOWS\is-N0TCI.lst
[2011-12-18 17:57:36 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ALLPlayer V5.0.lnk
[2011-12-18 17:54:54 | 000,080,384 | ---- | M] () -- C:\WINDOWS\System32\mkzlib.dll
[2011-12-18 17:54:52 | 000,024,576 | ---- | M] () -- C:\WINDOWS\System32\mkunicode.dll
[2011-12-18 09:55:22 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2011-12-17 18:50:54 | 000,001,717 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2011-12-14 22:56:30 | 000,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-12-14 15:32:40 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2012.lnk
[2011-11-20 15:52:44 | 000,080,896 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-10-31 08:53:44 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\noname3
[2011-10-31 08:53:34 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\noname1
[2011-10-31 08:53:16 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\noname
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-12-19 22:08:01 | 000,199,551 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Drucken - Gmail - Zamówienie ze sklepu Electromarket.pdf
[2011-12-18 21:55:53 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-12-18 21:38:18 | 000,002,453 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\HiJackThis.lnk
[2011-12-18 21:21:34 | 000,001,508 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk
[2011-12-18 21:15:16 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk
[2011-12-18 18:43:21 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2011-12-18 18:41:32 | 000,001,078 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Play Portal Now.lnk
[2011-12-18 18:26:42 | 000,182,347 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2011-12-18 18:21:11 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-12-18 17:57:57 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\NapiProjekt.lnk
[2011-12-18 17:57:35 | 000,874,496 | ---- | C] () -- C:\WINDOWS\is-N0TCI.exe
[2011-12-18 17:57:35 | 000,011,761 | ---- | C] () -- C:\WINDOWS\is-N0TCI.msg
[2011-12-18 17:57:35 | 000,002,388 | ---- | C] () -- C:\WINDOWS\is-N0TCI.lst
[2011-12-18 17:57:34 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ALLPlayer V5.0.lnk
[2011-12-18 09:55:21 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2011-11-04 20:05:07 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2012.lnk
[2011-10-31 08:53:42 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\noname3
[2011-10-31 08:53:33 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\noname1
[2011-10-31 08:53:12 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\noname
[2011-09-15 18:33:58 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\$_hpcst$.hpc
[2010-12-23 09:57:27 | 001,391,616 | ---- | C] () -- C:\WINDOWS\System32\ActPDF.dll
[2010-12-23 09:55:40 | 000,691,200 | ---- | C] () -- C:\WINDOWS\System32\PrintLog.exe
[2010-12-23 09:55:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\PrtPass.exe
[2010-12-22 20:21:02 | 000,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll
[2010-12-22 20:20:04 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2010-12-22 20:20:01 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2010-12-22 20:11:07 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-12-22 20:11:06 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2010-10-16 08:04:10 | 000,000,112 | ---- | C] () -- C:\WINDOWS\SCRABMAN.INI
[2010-09-24 18:37:13 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-09-23 17:32:39 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010-07-05 17:55:56 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Ulead32.INI
[2010-07-05 17:55:25 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\mscandc.ini
[2010-04-27 20:48:00 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-04-26 19:58:46 | 000,044,491 | ---- | C] () -- C:\WINDOWS\System32\MiiIniFile13.ini
[2010-04-26 19:58:38 | 000,285,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsio.sys
[2010-04-26 19:58:38 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsreged.sys
[2010-04-26 19:37:50 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2010-04-24 17:02:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2010-04-24 16:34:44 | 000,118,784 | ---- | C] () -- C:\WINDOWS\ShowBmp.exe
[2010-04-24 16:34:44 | 000,014,385 | ---- | C] () -- C:\WINDOWS\Tw561a.ini
[2010-04-24 16:34:44 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Setup8a.ini
[2010-04-24 15:34:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-04-24 15:15:01 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010-04-24 14:36:31 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010-04-24 14:28:34 | 000,049,152 | R--- | C] () -- C:\WINDOWS\amcap.exe
[2010-04-24 14:28:34 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\RunSetup.dll
[2010-04-24 12:12:05 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2010-04-24 12:12:05 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2010-04-24 12:12:03 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2010-04-24 12:12:03 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2010-04-24 12:12:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2010-04-24 12:12:02 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2010-04-24 12:12:02 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2010-04-24 12:12:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2010-04-24 10:27:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-04-24 10:20:12 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-04-24 10:01:58 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-04-24 10:00:46 | 000,114,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-04-15 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008-04-15 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008-04-15 12:00:00 | 000,355,486 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2008-04-15 12:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2008-04-15 12:00:00 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008-04-15 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008-04-15 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008-04-15 12:00:00 | 000,049,492 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2008-04-15 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008-04-15 12:00:00 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008-04-15 12:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2008-04-15 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008-04-15 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008-04-15 12:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008-04-15 12:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008-04-15 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006-10-22 12:22:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-10-22 12:22:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006-10-22 12:22:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-10-22 12:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006-10-22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-10-22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-10-22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-10-22 12:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006-10-22 12:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006-10-22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2010-04-24 15:03:52 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-05-08 22:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip
[2010-07-23 17:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security
[2010-10-15 14:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2010-10-15 14:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar
[2010-10-15 14:56:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2010-12-22 20:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ALLConverter
[2010-12-23 09:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Iceni
[2011-02-27 10:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\e-file
[2011-05-09 20:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FileOpen
[2011-05-21 18:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-11-04 20:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2011-12-04 10:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
[2010-04-24 20:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Panda Security
[2010-08-23 21:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\BESTplayer
[2010-12-23 09:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Iceni
[2011-05-09 20:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\FileOpen
[2011-05-21 18:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\DAEMON Tools Lite
[2011-09-15 18:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\GoPal Assistant
[2011-11-04 20:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG2012
[2011-12-04 10:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG Secure Search
[2011-12-20 19:55:10 | 000,000,472 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9893095B-8A5A-409F-B9B3-853C4E3B8ACF}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-12-20 15:02:06 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2008-04-15 12:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-04-15 12:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2008-04-15 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-04-24 10:10:56 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010-04-24 10:23:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-04-24 10:23:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-04-24 10:23:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-04-24 10:23:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-12-20 15:02:08 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-15 12:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-15 12:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-15 12:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-04-15 12:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2008-04-15 12:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-15 12:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-15 12:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-15 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-15 12:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-15 12:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-15 12:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >

[i][b][/log][/b][/i]

RSIT:

[i][b][log][/b][/i]

[i][b]info.txt logfile of random's system information tool 1.09 2011-12-20 20:17:36[/b][/i]

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
ABBYY FineReader OCR Engine for ScanWizard-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}\setup.exe"
Adobe Reader 9.4.4-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
Aktualizacja dla systemu Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows Internet Explorer 8 (KB980302)-->"C:\WINDOWS\ie8updates\KB980302-IE8\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
ALLConverter PRO 1.0-->"C:\Program Files\ALLConverter PRO\unins000.exe"
ALLPlayer V5.X-->"C:\Program Files\ALLPlayer\unins000.exe"
Apple Application Support-->MsiExec.exe /I{A83279FD-CA4B-4206-9535-90974DE76654}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant 5.05.010-->D:\Assistant\Uninstall.exe
AVG 2012-->"C:\Program Files\AVG\AVG2012\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2012-->MsiExec.exe /I{4E74D41C-5864-4561-9F6B-069372513A0B}
AVG 2012-->MsiExec.exe /I{8398852A-7B61-4808-8F58-D0A40D1B2CB6}
Canon Camera Support Core Library-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{91F1A0D6-23AD-49FE-8D4E-379485652214} /l1033
Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}
Canon Camera Window DVC for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4C96958A-6562-4143-B820-FF4890D3B734}
Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{C7281207-4AA4-425E-B57A-0E9EF8445635}
Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2F81FBFC-9A37-431F-9050-14B55485DF5A}
Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}
Canon PhotoRecord-->MsiExec.exe /X{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}
Canon PIXMA iP3000-->C:\WINDOWS\system32\CNMCP61.exe "-PRINTERNAMECanon PIXMA iP3000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmi0415.dll"
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{45EF4EE3-F591-4B74-A477-0CAE12934CE7}
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{28291BD5-92D2-4685-82DC-CCA925C53CCA}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
Canon ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
ffdshow [rev 2754] [2009-03-10]-->"C:\Program Files\ffdshow\unins000.exe"
FileOpen Client-->MsiExec.exe /X{ABC082A6-A587-493C-83C1-5F2C60A8BAA8}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\16.0.912.63\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
ICatch (VI) PC Camera-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F48C6EA5-3B43-11D6-86A6-0050BA0259A2}\setup.exe"
Infix 4.19-->"C:\Program Files\Iceni\Infix4\unins000.exe"
Java™ 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
Livebox-->C:\Program Files\Livebox\installation\core\Installgui.exe -u
Malwarebytes' Anti-Malware wersja 1.51.2.1300-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000415-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
NapiProjekt 2.0.0 (build 2151)-->"C:\Program Files\NapiProjekt\unins000.exe"
Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Poprawka dla systemu Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"
Profesor Henry 6.0 Rozumienie ze słuchu i konwersacje-->"C:\Program Files\Edgard\Profesor Henry 6.0 Rozumienie ze słuchu i konwersacje\unins000.exe"
QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C}
Real Alternative 1.9.0 Lite-->"C:\Program Files\Real Alternative\unins000.exe"
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
ScanWizard 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B08D262E-D902-11D5-9C28-0080C85A0C2D}\setup.exe"
SilverCrest MTS2219-SL Driver-->"C:\Program Files\InstallShield Installation Information\{1E494817-D81E-4B0E-B379-F34DF4DCDA58}\setup.exe" -runfromtemp -l0x0015 -removeonly
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Sun ODF Plugin for Microsoft Office 3.1-->MsiExec.exe /X{DF204E20-C29C-4434-BCFE-D9BAF76CEF8D}
Super Kulki-->"C:\Program Files\Super Kulki\unins000.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

======System event log======

Computer Name: W-0CD416825FCE4
Event Code: 4201
Message: System wykrył, że karta sieciowa \DEVICE\TCPIP_{91426ABC-68C9-4790-9FF4-737C2A759427} została podłączona do sieci
i ma zainicjowane normalne działanie na karcie sieciowej.

Record Number: 39015
Source Name: Tcpip
Time Written: 20111122190210.000000+060
Event Type: informacje
User:

Computer Name: W-0CD416825FCE4
Event Code: 4201
Message: System wykrył, że karta sieciowa \DEVICE\TCPIP_{91426ABC-68C9-4790-9FF4-737C2A759427} została podłączona do sieci
i ma zainicjowane normalne działanie na karcie sieciowej.

Record Number: 39014
Source Name: Tcpip
Time Written: 20111122190208.000000+060
Event Type: informacje
User:

Computer Name: W-0CD416825FCE4
Event Code: 35
Message: Usługa czasu synchronizuje teraz czas systemowy z czasem źródła
czasu time.windows.com (ntp.m|0x1|192.168.1.10:123->207.46.250.85:123).

Record Number: 39013
Source Name: W32Time
Time Written: 20111122190019.000000+060
Event Type: informacje
User:

Computer Name: W-0CD416825FCE4
Event Code: 29
Message: Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku
źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem.
NtpClient nie ma źródła dokładnego czasu.

Record Number: 39012
Source Name: W32Time
Time Written: 20111122184531.000000+060
Event Type: błąd
User:

Computer Name: W-0CD416825FCE4
Event Code: 17
Message: Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS
ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę
wyszukania serwera DNS za 15 min.
Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Record Number: 39011
Source Name: W32Time
Time Written: 20111122184531.000000+060
Event Type: błąd
User:

=====Application event log=====

Computer Name: W-0CD416825FCE4
Event Code: 7
Message: Pomyślnie wykonano automatyczne pobranie aktualizacji numeru sekwencji listy głównej innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

Record Number: 4004
Source Name: crypt32
Time Written: 20101224204522.000000+060
Event Type: informacje
User:

Computer Name: W-0CD416825FCE4
Event Code: 11707
Message: Product: Solution Disk -- Installation operation completed successfully.

Record Number: 4003
Source Name: MsiInstaller
Time Written: 20101224204513.000000+060
Event Type: informacje
User: W-0CD416825FCE4\Właściciel

Computer Name: W-0CD416825FCE4
Event Code: 11707
Message: Product: ISScript -- Installation operation completed successfully.

Record Number: 4002
Source Name: MsiInstaller
Time Written: 20101224204454.000000+060
Event Type: informacje
User: W-0CD416825FCE4\Właściciel

Computer Name: W-0CD416825FCE4
Event Code: 11707
Message: Product: ISScript -- Installation operation completed successfully.

Record Number: 4001
Source Name: MsiInstaller
Time Written: 20101224204422.000000+060
Event Type: informacje
User: W-0CD416825FCE4\Właściciel

Computer Name: W-0CD416825FCE4
Event Code: 1000
Message: Aplikacja powodująca błąd svchost.exe, wersja 5.1.2600.5512, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x5e5262eb.

Record Number: 4000
Source Name: Application Error
Time Written: 20101224200957.000000+060
Event Type: błąd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

[i][b][/log][/b][/i]

RSIT LOG:
[i][b][log][/b][/i]
Logfile of random's system information tool 1.09 (written by random/random)
Run by Właściciel at 2011-12-20 20:17:03
Microsoft Windows XP Home Edition Dodatek Service Pack 3
System drive C: has 2 GB (12%) free of 19 GB
Total RAM: 1023 MB (10% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:17:32, on 2011-12-20
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\Program Files\AVG\AVG2012\AVGRSX.EXE
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\PrintDisp.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe
C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PrintCtrl.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
D:\medion\Wcescomm.exe
C:\Program Files\ScanWizard 5\ScannerFinder.exe
D:\medion\rapimgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Właściciel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.gazeta.pl/0,0.html?p=125"]http://www.gazeta.pl/0,0.html?p=125[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Livebox\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Launch SilverCrest MTS2219-SL-K] C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe
O4 - HKLM\..\Run: [Launch SilverCrest MTS2219-SL-M] C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\medion\Wcescomm.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\medion\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\medion\INetRepl.dll
O9 - Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\medion\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - [url="http://kitchenplanner.ikea.com/PL/Core/Player/2020PlayerAX_IKEA_Win32.cab"]http://kitchenplanne..._IKEA_Win32.cab[/url]
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - [url="HTTP://WWW.ALL2PDF.COM"]HTTP://WWW.ALL2PDF.COM[/url] - C:\WINDOWS\system32\PrintCtrl.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe

--
End of file - 11180 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{9893095B-8A5A-409F-B9B3-853C4E3B8ACF}.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-854245398-1177238915-1003.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-854245398-1177238915-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-09-05 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll [2011-12-04 1547104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll [2011-12-04 1547104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
"nwiz"=nwiz.exe /install []
"ORAHSSSessionManager"=C:\Program Files\Livebox\SessionManager\SessionManager.exe [2008-06-10 107248]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]
"NeroCheck"=C:\WINDOWS\system32\\NeroCheck.exe [2001-07-09 155648]
"TkBellExe"=C:\Program Files\Real Alternative\Update_OB\realsched.exe -osboot []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"PrintDisp"=C:\WINDOWS\system32\PrintDisp.exe [2009-08-21 878080]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"Launch SilverCrest MTS2219-SL-K"=C:\Program Files\SilverCrest MTS2219-SL Driver\KbClient_FD2.exe [2010-09-03 1424384]
"Launch SilverCrest MTS2219-SL-M"=C:\Program Files\SilverCrest MTS2219-SL Driver\MouClient_FD2.exe [2010-09-03 860672]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2011-12-03 2415456]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2011-12-04 827232]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-04-06 26102056]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360]
"ALLUpdate"=C:\Program Files\ALLPlayer\ALLUpdate.exe [2011-08-16 1379840]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"H/PC Connection Agent"=D:\medion\Wcescomm.exe [2006-11-13 1289000]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
Scanner Finder.lnk - C:\Program Files\ScanWizard 5\ScannerFinder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG"
"C:\WINDOWS\System32\RUNDLL32.EXE"="C:\WINDOWS\System32\RUNDLL32.EXE:*:Enabled:Uruchamia plik DLL jako aplikację"
"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe"="C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"D:\medion\rapimgr.exe"="D:\medion\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"D:\medion\wcescomm.exe"="D:\medion\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"D:\medion\WCESMgr.exe"="D:\medion\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalator AVG"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Ochrona Sieci"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2012"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\medion\rapimgr.exe"="D:\medion\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"D:\medion\wcescomm.exe"="D:\medion\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"D:\medion\WCESMgr.exe"="D:\medion\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-12-20 20:17:03 ----D---- C:\rsit
2011-12-18 21:56:03 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Malwarebytes
2011-12-18 21:55:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2011-12-18 21:55:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-12-18 21:55:48 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-12-18 21:38:18 ----D---- C:\Program Files\Trend Micro
2011-12-18 21:25:06 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Apple Computer
2011-12-18 21:16:37 ----D---- C:\Program Files\QuickTime
2011-12-18 21:16:34 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2011-12-18 21:15:41 ----D---- C:\Program Files\Common Files\Apple
2011-12-18 21:15:13 ----D---- C:\Program Files\Apple Software Update
2011-12-18 21:15:13 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple
2011-12-18 18:43:21 ----ASH---- C:\hiberfil.sys
2011-12-18 18:41:32 ----D---- C:\WINDOWS\nvidia icons
2011-12-18 18:21:11 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2011-12-18 18:19:56 ----SHD---- C:\FOUND.034
2011-12-18 17:57:47 ----D---- C:\Program Files\NapiProjekt
2011-12-18 17:57:35 ----A---- C:\WINDOWS\is-N0TCI.exe
2011-12-14 22:17:52 ----HD---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-14 22:17:44 ----HD---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-14 22:12:28 ----HD---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-14 22:12:22 ----HD---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-14 22:12:15 ----HD---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-14 22:12:10 ----HD---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-14 22:11:40 ----HD---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-04 10:53:45 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG Secure Search
2011-12-04 10:22:13 ----D---- C:\WINDOWS\system32\cache
2011-12-04 10:22:09 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
2011-12-01 20:13:54 ----SHD---- C:\FOUND.033

======List of files/folders modified in the last 1 month======

2011-12-20 11:26:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-18 17:54:54 ----A---- C:\WINDOWS\system32\mkzlib.dll
2011-12-18 17:54:52 ----A---- C:\WINDOWS\system32\mkunicode.dll
2011-12-14 22:12:44 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 uagp35;Filtr AGPv3.5 firmy Microsoft; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2002-12-27 26880]
R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-15 41856]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-05-21 218688]
R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-10-17 754560]
R3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-15 10368]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\WINDOWS\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 14848]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-15 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver; C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2006-01-19 402432]
R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-15 20608]
R3 ZSMC302;VIMICRO USB PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-09-07 90568]
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-15 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-06-20 65536]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
R2 Printer Control;Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [2009-06-16 77824]
R2 vToolbarUpdater;vToolbarUpdater; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-04 855904]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-24 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-03-18 947528]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-24 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-24 182768]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S4 FileOpenManagerSvc;FileOpenManagerSvc; C:\Documents and Settings\All Users\Dane aplikacji\FileOpen\Services\FileOpenManagerSvc32.exe [2011-03-09 212352]

-----------------EOF-----------------

[i][b][/log][/b][/i]



[i][b]WIELKIE DZIEKI ZA WSZELKA POMOC[/b][/i]

Edytowane przez makavel1983

Quke
komentarz
komentarz

Ja tu nic nie widzę . Dla pewności przeskanuj system jeszcze tym [url="http://www.eset.pl/Pobierz/Dodatkowe_narzedzia/ESET_Online_Scanner"]http://www.eset.pl/Pobierz/Dodatkowe_narzedzia/ESET_Online_Scanner[/url]

Natsuki Kuga
komentarz
komentarz

Spoiler nie chce się otworzyć. Wstaw to na www.wklej.org.

makavel1983
komentarz
komentarz

OTL
[url="http://www.wklej.org/id/651904/"]http://www.wklej.org/id/651904/[/url]

LOG RSIT>
[url="http://www.wklej.org/id/651905/"]http://www.wklej.org/id/651905/[/url]

INFO RSIT
[url="http://www.wklej.org/id/651907/"]http://www.wklej.org/id/651907/[/url]

Natsuki Kuga
komentarz
komentarz

Do OTL wklej:
[code]
:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

:Commands
[emptytemp]
[/code]
[b]Wykonaj skrypt,[/b] pokaż raport.

Do [url="http://jpshortstuff.247fixes.com/SystemLook.exe"][b]SystemLook[/b][/url] wklej:
[code]
:dir
C:\WINDOWS
C:\Documents and Settings\All Users\Dokumenty

:file
C:\WINDOWS\system32\mkzlib.dll
C:\WINDOWS\system32\mkunicode.dll
[/code]
[b]Look,[/b] pokaż raport.

Pokaż jeszcze log z Gmer. (w przyklejonych)

Pobierz [url="http://www.hdtune.com/"][b]HDTune[/b][/url] i pokaż screeny ze wszystkich jego zakładek.

Wszystkie pliki z folderu [b]C:\WINDOWS\Minidump[/b] spakuj w archiwum, wrzuć na jakiś serwer (np. mediafire) i podaj link.

  • 2 tygodnie później...
makavel1983
komentarz
komentarz

LOG z OTL:
http://www.wklej.org/id/657166/

Jeszcze jeden LOG z OTL, bo w pierwszym nie poustawialem wszystkich parametrow, tak jak w

opisie na stronie:
http://www.wklej.org/id/657247/

LOG z systemlook
http://www.wklej.org/id/657169/

1. LOG GMER>QUICK SCAN

http://www.wklej.org/id/657215/

2.LOG GMER DYSKI:
http://www.wklej.org/id/657212/

3.LOG GMER USLUGI>
http://www.wklej.org/id/657220/

HDTune - niestety jak go wlaczam system sie zawiesza i pojawia sie blue screen (nie wiem czy

moze miec na to wplyw wymiana kosci RAMU albo karty graf., ktora ostatnio zrobilem - moj

ojciec sie skarzyl, ze kilka razy w tym tyg. po tej wymianie mial takiego samego blue screena)

C:\WINDOWS\Minidump jest pusty (patrzylem tez na pliki ukryte i szukalem folderu na innych dyskach)

Quke
komentarz
komentarz

jak chcesz się pozbyć śmieci z dysku to format dysku na pewno pomoże .

//+20% za namawianie do formatu
//raaz

Natsuki Kuga
komentarz
komentarz (edytowane)

[quote name='Quke' timestamp='1325200281' post='1407589']
jak chcesz się pozbyć śmieci z dysku to format dysku na pewno pomoże .
[/quote]
Skoro każdemu tak chętnie go polecasz, to może sam sobie go zrób i przestań polecać innym? To jest ostateczność, wątpię żeby komukolwiek chciałoby się co tydzień robić backup plików i przeinstalowywać system bo mu wystąpił jakiś drobny problem, a jest śmierdzącym leniem i nie chce poszukać w Google (licząc występowanie u przeciętnego użytkownika komputera).


@Autor
W OTL miało być [b]Wykonaj skrypt,[/b] a nie [b]Skanuj.[/b] Powtórz.

Cały czas widzę na dysku folderu FOUND.*** . To Ty uruchamiasz Scandiska, czy on sam wymusza skanowanie?

Pliki:
[code]
C:\WINDOWS\system32\mkzlib.dll
C:\WINDOWS\system32\mkunicode.dll
C:\WINDOWS\ap561.exe
C:\WINDOWS\ShowBmp.exe
C:\WINDOWS\is-N0TCI.lst
C:\WINDOWS\is-N0TCI.msg
C:\WINDOWS\is-N0TCI.exe
C:\WINDOWS\amcap.exe
[/code]
Przeskanuj na www.virustotal.com i pokaż wyniki.

Wejdź w Start ->PPM na Mój komputer -> Właściwości -> karta Zaawansowane -> Uruchamianie i odzyskiwanie -> Zwaria systemu -> ma być zaznaczone Zapisz zdarzenie do dziennika systemu, odznaczone automatycznie uruchom pownownie, w ścieżce Plik zrzutu ma być %SystemRoot%\MEMORY.DMP . Jeśli BSOD wystąpi, zrób mu zdjęcie + daj pliki z folderu Minidump (bo tak nie wiadomo, o co komputerowi chodzi).

Zamiast HDTune użyj [url="http://www.programosy.pl/program,crystaldiskinfo.html"][b]CrystalDiskInfo.[/b][/url]

Edytowane przez Natsuki Kuga
  • Dobra wypowiedź 1
makavel1983
komentarz
komentarz (edytowane)

1) OTO LOG z wykonania skryptu

[url="http://www.wklej.org/id/659486/"]http://www.wklej.org/id/659486/[/url]

2) Scandiska sam nie uruchamiam.
3) tylko w ponizszym pliku znaleziono trojana> , mam skasowac ten plik?


[size=1]0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.[/size]
File name: [b]amcap.exe[/b]

Submission date: [b]2012-01-02 21:12:31 (UTC)[/b]

Current status: [b]finished[/b]


Result: [b][color=red]1[/color]/ 43 (2.3%[/b]
ByteHero 1.0.0.1 2011.12.31 Trojan.Malware.Win32.xPack.g

Zaraz postaram sie uzupelnic reszte informacji.

Pozdrawiam

________________________________________________________

Oto natomiast screenshot z programu crystal disc info:

[url="http://www.mediafire.com/?cyj1b94ghp10c6c"]http://www.mediafire...cyj1b94ghp10c6c[/url]

Edytowane przez makavel1983
Natsuki Kuga
komentarz
komentarz

Mam rozumieć, że w innych plikach nic nie wykryto?

Dysk zaczyna realokować sektory - to najwyraźniej jest przyczyna włączania się Scandiska i wolnej pracy komputera.

makavel1983
komentarz
komentarz

tak , reszta plikow byla czysta.

Powinienem w takim razie myslec o zakupie nowego dysku ?

Natsuki Kuga
komentarz
komentarz

Zwróć się jeszcze z tym screenem do działu sprzętowego, niech oni to dokładnie ocenią.

Co do tego pliku - przesuń go na razie w inne miejsce. Jeśli nie będzie żadnych błędów o jego braku, skasuj.

W OTL kliknij [b]Sprzątanie[/b]. Inne narzędzia też możesz usunąć.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.