x-kom hosting

Plansza na poczatku windowsa- problem z mega wirusem

grumilo
utworzono
utworzono

Witam.
Streszcze sytuacje: Zawsze przegladajac poczte dostaje dziwne maile z zagranicy (spam), ale w nie nie wchodze, wczoraj dostalem rowniez (z niemiec), ale w tytule bylo moje imie i nazwisko i adres, wszedlem i pisalo cos o zamowieniu, byly dane i chcialem zobaczyc zalacznik, kliknalem cos sie zainstalowalo i tyle. Po wylaczeniu kompa chce go uruchomic i jest problem:
Windows sie uruchamia normalnie, ale od razu po jego uruchomieniu pojawia sie plansza po niemiecki z jakimis glupotami, oraz na dole miejsce na wpisanie kodu ukash i jeszcze jednego na 100 euro hehe. Problem polega na tym, ze plansza zajmuje caly ekran i nie mam dostepu do niczego z windowsa, nie dziala alt+ctr+del ani nic. Probowalem uruchomic kompa przez awaryjne uruchomienie, ale nie nie da sie tego zrobic. Cudem uruchomilem antywirusa - wylaczalem kompa za pomoca guzika, wyskoczyl blad i pulpit, przeskanowalem go avastem w trybie pelnym, ale i to nie pomoglo. Problem wystepuna na laptopie Samsung NC10. Prosze o pomoc - stawiam dobre piwo.

djmakus
komentarz
komentarz

zastosuj się do zasad tego działu i utwórz odpowiednie logi z OTL http://www.forumpc.pl/index.php?showtopic=104338

[quote] Probowalem uruchomic kompa przez awaryjne uruchomienie, ale nie nie da sie tego zrobic.[/quote]
komp się zawiesza czy coś innego ?

grumilo
komentarz
komentarz (edytowane)

[log]
PRC - [2012-05-17 12:34:12 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ZENON PAWŁOWSKI\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2012-04-25 19:18:29 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-04-25 19:18:16 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-01-03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010-12-10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2010-12-10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2010-12-10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2010-11-25 17:39:25 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-04-30 16:24:22 | 000,138,584 | ---- | M] () -- C:\Program Files\PLAY ONLINE\UIExec.exe
PRC - [2010-04-30 16:20:52 | 000,252,784 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AssistantServices.exe
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-02-06 12:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-10-06 19:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-15 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-04-15 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [BTHSVCS]
PRC - [2008-04-15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-15 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-02-29 00:00:16 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2008-02-29 00:00:10 | 000,170,520 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2007-04-01 10:02:36 | 000,273,256 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PRC - [2006-10-30 15:29:28 | 000,036,864 | ---- | M] () -- C:\Program Files\Samsung\Samsung Network Manager\SNMWLANService.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-05-17 12:34:12 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ZENON PAWŁOWSKI\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2012-05-17 12:13:47 | 001,759,232 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12051700\algo.dll
MOD - [2012-05-15 16:14:53 | 001,261,192 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12051700\aswEngin.dll
MOD - [2012-05-15 16:14:53 | 000,397,016 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12051700\aswFiDb.dll
MOD - [2012-05-15 16:14:53 | 000,283,240 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12051700\aswRep.dll
MOD - [2012-05-15 16:14:52 | 000,349,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12051700\aswCmnBS.dll
MOD - [2012-05-15 16:14:52 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12051700\aswCmnIS.dll
MOD - [2012-05-15 16:14:52 | 000,103,472 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12051700\aswScan.dll
MOD - [2012-05-15 16:14:52 | 000,101,424 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12051700\aswCmnOS.dll
MOD - [2012-05-15 16:14:52 | 000,040,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12051700\uiext.dll
MOD - [2012-05-15 16:14:48 | 000,047,352 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12051700\ArPot.dll
MOD - [2012-04-26 23:58:49 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2012-04-26 04:23:34 | 000,295,760 | ---- | M] (Movavi) -- C:\Program Files\Movavi Video Converter 11\vcContext.dll
MOD - [2012-04-25 19:18:30 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MOD - [2012-04-25 19:18:29 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2012-04-25 19:18:28 | 000,269,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2012-04-25 19:18:27 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-04-25 19:18:27 | 000,043,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll
MOD - [2012-04-25 19:18:27 | 000,016,312 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll
MOD - [2012-04-25 19:18:25 | 000,838,584 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MOD - [2012-04-25 19:18:23 | 000,646,072 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2012-04-25 19:18:23 | 000,371,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2012-04-25 19:18:23 | 000,187,320 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2012-04-25 19:18:22 | 000,109,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2012-04-25 19:18:22 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2012-04-25 19:18:17 | 000,022,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2012-04-25 19:18:16 | 000,020,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2012-04-25 19:18:16 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
MOD - [2012-04-25 19:18:15 | 000,170,936 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2012-04-25 19:18:15 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2012-04-25 19:18:14 | 000,158,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2012-04-25 19:18:10 | 000,019,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2012-04-25 19:18:09 | 015,743,928 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
MOD - [2012-04-04 15:56:38 | 002,165,320 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
MOD - [2012-04-04 15:56:38 | 001,082,440 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
MOD - [2012-04-04 15:56:38 | 000,476,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
MOD - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
MOD - [2012-04-04 15:56:38 | 000,080,968 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
MOD - [2012-03-07 01:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012-03-07 01:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012-03-07 01:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
MOD - [2012-03-07 01:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012-03-07 01:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012-03-07 01:15:10 | 000,265,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswStrm.dll
MOD - [2012-03-07 01:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012-03-07 01:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012-03-07 01:15:09 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2012-03-07 01:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012-03-07 01:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012-03-07 01:15:07 | 000,942,904 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
MOD - [2012-03-07 01:15:07 | 000,615,888 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashWebSv.dll
MOD - [2012-03-07 01:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012-03-07 01:15:07 | 000,217,832 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashServ.dll
MOD - [2012-03-07 01:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012-03-07 01:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012-03-07 01:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012-03-07 01:15:07 | 000,146,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswDld.dll
MOD - [2012-03-07 01:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012-03-07 01:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012-03-07 01:15:07 | 000,013,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswIdle.dll
MOD - [2012-03-07 01:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012-03-07 01:15:06 | 000,123,536 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashShell.dll
MOD - [2012-03-07 01:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012-03-07 01:15:06 | 000,048,888 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
MOD - [2012-03-07 01:15:05 | 000,059,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhResWS.dll
MOD - [2012-03-07 01:15:04 | 000,063,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhResBhv.dll
MOD - [2012-03-07 01:15:04 | 000,061,272 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhResStd.dll
MOD - [2012-03-07 01:15:04 | 000,054,568 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhResMai.dll
MOD - [2012-03-07 01:15:04 | 000,050,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhResNS.dll
MOD - [2012-03-07 01:15:04 | 000,048,376 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhResP2P.dll
MOD - [2012-03-07 01:15:04 | 000,047,352 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhResMes.dll
MOD - [2012-03-07 01:15:04 | 000,034,456 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhResJs.dll
MOD - [2012-03-07 01:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012-03-07 01:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012-03-02 05:59:48 | 011,082,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2012-03-01 12:59:47 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2012-03-01 12:59:47 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2012-03-01 12:59:46 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2012-02-29 16:10:17 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2012-02-29 16:10:17 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2012-02-09 17:43:29 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
MOD - [2012-01-06 23:17:02 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2012-01-03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2011-11-16 16:21:48 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2011-11-16 16:21:48 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2011-11-01 18:07:03 | 001,288,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2011-10-14 16:47:23 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2011-09-28 09:06:42 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2011-09-26 11:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2011-05-14 01:17:40 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
MOD - [2011-05-14 01:12:34 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
MOD - [2011-04-18 22:51:18 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
MOD - [2011-04-18 22:51:18 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
MOD - [2011-04-18 22:51:18 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
MOD - [2011-03-03 08:55:00 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011-02-08 15:33:57 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2011-01-21 16:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-12-22 14:34:22 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010-12-20 19:32:08 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010-12-20 19:25:52 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010-12-10 18:30:50 | 000,176,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss_xp.dll
MOD - [2010-12-10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
MOD - [2010-12-10 18:29:30 | 000,064,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sqlctr90.dll
MOD - [2010-12-09 17:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010-11-25 17:39:26 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre6\bin\msvcr71.dll
MOD - [2010-11-25 17:39:25 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
MOD - [2010-11-09 16:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010-09-22 18:12:42 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2010-08-27 10:03:47 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\t2embed.dll
MOD - [2010-08-27 07:54:13 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2010-08-23 18:12:55 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2010-08-16 10:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2010-04-30 16:24:22 | 000,138,584 | ---- | M] () -- C:\Program Files\PLAY ONLINE\UIExec.exe
MOD - [2010-04-30 16:20:52 | 000,252,784 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AssistantServices.exe
MOD - [2010-04-16 17:38:53 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2010-03-18 17:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010-03-18 17:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010-03-18 14:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010-03-18 14:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010-03-18 14:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010-03-18 14:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010-03-15 12:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-11-07 02:07:08 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2009-11-07 02:07:04 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2009-10-13 12:34:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009-10-12 15:40:13 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009-10-12 15:40:13 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009-09-11 16:19:43 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009-09-04 23:05:35 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009-08-06 19:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2009-07-28 01:19:10 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009-07-17 21:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009-07-17 18:17:57 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-06-25 10:27:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009-06-10 08:16:42 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009-05-07 17:34:14 | 000,347,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2009-04-29 06:35:21 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-03-08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009-03-06 16:22:12 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009-02-09 12:53:44 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009-02-09 12:53:43 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-17 17:05:48 | 000,344,159 | ---- | M] (Your Company Name) -- C:\Program Files\Samsung\Samsung Network Manager\SNMCoreDll.dll
MOD - [2008-10-15 18:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-10-06 19:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
MOD - [2008-07-25 11:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008-07-07 22:29:10 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2008-07-06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008-06-24 18:46:33 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008-06-20 18:04:23 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008-06-12 16:23:52 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2008-04-15 14:00:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008-04-15 14:00:00 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008-04-15 14:00:00 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2008-04-15 14:00:00 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008-04-15 14:00:00 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d9.dll
MOD - [2008-04-15 14:00:00 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2008-04-15 14:00:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008-04-15 14:00:00 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2008-04-15 14:00:00 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008-04-15 14:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-15 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-15 14:00:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-15 14:00:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2008-04-15 14:00:00 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008-04-15 14:00:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008-04-15 14:00:00 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2008-04-15 14:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008-04-15 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-15 14:00:00 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2008-04-15 14:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2008-04-15 14:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-15 14:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2008-04-15 14:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2008-04-15 14:00:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008-04-15 14:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008-04-15 14:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2008-04-15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2008-04-15 14:00:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008-04-15 14:00:00 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcdlg.dll
MOD - [2008-04-15 14:00:00 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008-04-15 14:00:00 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008-04-15 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-15 14:00:00 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2008-04-15 14:00:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008-04-15 14:00:00 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2008-04-15 14:00:00 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008-04-15 14:00:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2008-04-15 14:00:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-15 14:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2008-04-15 14:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2008-04-15 14:00:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2008-04-15 14:00:00 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icm32.dll
MOD - [2008-04-15 14:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2008-04-15 14:00:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2008-04-15 14:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008-04-15 14:00:00 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008-04-15 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-15 14:00:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008-04-15 14:00:00 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2008-04-15 14:00:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008-04-15 14:00:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2008-04-15 14:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2008-04-15 14:00:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008-04-15 14:00:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008-04-15 14:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2008-04-15 14:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008-04-15 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008-04-15 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2008-04-15 14:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-15 14:00:00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2008-04-15 14:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008-04-15 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemdisp.dll
MOD - [2008-04-15 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2008-04-15 14:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-15 14:00:00 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2008-04-15 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-15 14:00:00 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008-04-15 14:00:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008-04-15 14:00:00 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\modemui.dll
MOD - [2008-04-15 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-15 14:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2008-04-15 14:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiavusd.dll
MOD - [2008-04-15 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll
MOD - [2008-04-15 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008-04-15 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008-04-15 14:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008-04-15 14:00:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008-04-15 14:00:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2008-04-15 14:00:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2008-04-15 14:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2008-04-15 14:00:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-15 14:00:00 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2008-04-15 14:00:00 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oledlg.dll
MOD - [2008-04-15 14:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008-04-15 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-15 14:00:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2008-04-15 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-15 14:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-15 14:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshbth.dll
MOD - [2008-04-15 14:00:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2008-04-15 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008-04-15 14:00:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008-04-15 14:00:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008-04-15 14:00:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2008-04-15 14:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008-04-15 14:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008-04-15 14:00:00 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpsp.dll
MOD - [2008-04-15 14:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2008-04-15 14:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2008-04-15 14:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008-04-15 14:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-15 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-15 14:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008-04-15 14:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2008-04-15 14:00:00 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdmat.dll
MOD - [2008-04-15 14:00:00 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2008-04-15 14:00:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2008-04-15 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2008-04-15 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2008-04-15 14:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008-04-15 14:00:00 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll
MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2008-04-15 14:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008-04-15 14:00:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008-04-15 14:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2008-04-15 14:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-15 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008-04-15 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008-04-15 14:00:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2008-04-15 14:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008-04-15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2008-04-15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008-04-15 14:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008-04-15 14:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2008-04-15 14:00:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2008-04-15 14:00:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2008-04-15 14:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008-04-15 14:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008-04-15 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2008-04-15 14:00:00 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008-04-15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008-04-15 14:00:00 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xmlprovi.dll
MOD - [2008-04-15 14:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008-04-15 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2008-04-15 14:00:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2008-04-15 14:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2008-04-15 14:00:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2008-04-15 14:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008-04-15 14:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008-04-15 14:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2008-04-15 14:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2008-04-15 14:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2008-04-15 14:00:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008-04-15 14:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2008-04-15 14:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcAdProc.dll
MOD - [2008-04-15 14:00:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2008-04-15 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008-04-15 14:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008-04-15 14:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2008-04-15 14:00:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008-04-15 14:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2008-04-15 14:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2008-04-15 14:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2008-04-15 14:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2008-04-15 14:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2008-04-15 14:00:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008-04-15 14:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008-04-15 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008-04-15 14:00:00 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008-04-15 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2008-04-15 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2008-04-15 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2008-04-15 14:00:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2008-04-15 14:00:00 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\feclient.dll
MOD - [2008-04-15 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2008-04-15 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008-04-15 14:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-15 14:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008-04-15 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008-04-15 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008-04-15 14:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008-04-15 14:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008-04-15 14:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2008-04-15 14:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008-04-15 14:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\fltlib.dll
MOD - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008-04-15 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2008-04-15 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008-04-15 14:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2008-04-15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008-04-15 14:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2008-04-15 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008-04-15 14:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2008-04-15 14:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2008-04-15 14:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2008-04-15 14:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008-04-15 14:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2008-04-15 14:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d8thk.dll
MOD - [2008-04-15 14:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008-04-15 14:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2008-04-15 14:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2008-04-15 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2008-04-15 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2008-04-15 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\security.dll
MOD - [2008-04-15 14:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008-04-15 14:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-04-15 14:00:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lz32.dll
MOD - [2008-04-14 23:51:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008-04-14 23:50:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidserv.dll
MOD - [2008-02-29 00:00:16 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
MOD - [2008-02-29 00:00:10 | 000,170,520 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
MOD - [2008-02-15 21:49:32 | 000,180,224 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxres.dll
MOD - [2008-02-15 21:46:26 | 000,204,800 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpph.dll
MOD - [2008-02-15 21:46:18 | 000,024,576 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxexps.dll
MOD - [2008-02-15 21:46:08 | 000,048,128 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll
MOD - [2008-02-15 21:45:44 | 000,102,400 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2008-02-15 21:45:40 | 000,208,896 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll
MOD - [2008-02-15 21:45:28 | 003,293,184 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxress.dll
MOD - [2007-07-06 19:21:34 | 000,045,056 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\SABI2.dll
MOD - [2007-04-01 10:02:36 | 000,273,256 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
MOD - [2007-04-01 10:00:28 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007-04-01 09:40:40 | 000,114,688 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\bthcrp.dll
MOD - [2007-04-01 09:23:58 | 000,491,581 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\wbtapi.dll
MOD - [2007-04-01 09:22:32 | 000,581,632 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\WidcommSdk.dll
MOD - [2006-10-30 15:29:28 | 000,036,864 | ---- | M] () -- C:\Program Files\Samsung\Samsung Network Manager\SNMWLANService.exe
MOD - [2006-08-12 13:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
MOD - [2005-10-14 02:37:22 | 000,035,032 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\DCService.exe -- (DCService.exe)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012-04-25 19:18:30 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-04-30 16:20:52 | 000,252,784 | ---- | M] () [Auto | Running] -- C:\Program Files\PLAY ONLINE\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008-05-13 09:44:00 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
SRV - [2006-10-30 15:29:28 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung\Samsung Network Manager\SNMWLANService.exe -- (SNM WLAN Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (az80axc8)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ah304ie8)
DRV - [2012-04-04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012-03-07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-03-07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-03-07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012-03-07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-03-07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012-03-07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012-03-07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-08-23 14:48:49 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010-06-01 14:07:00 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010-05-22 14:48:20 | 000,070,656 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010-03-25 10:08:30 | 000,105,728 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010-03-20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2009-10-29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009-10-29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009-10-29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009-10-29 19:28:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2008-10-08 08:35:10 | 001,334,432 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008-09-29 21:23:00 | 000,119,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hspamdm.sys -- (hspamdm)
DRV - [2008-09-29 21:23:00 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hspaserd.sys -- (hspaserd) SAMSUNG HSPA Modem Diagnostic Serial Port (WDM)
DRV - [2008-09-29 21:23:00 | 000,091,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hspabus.sys -- (hspabus) SAMSUNG HSPA USB Composite Device driver (WDM)
DRV - [2008-09-29 21:23:00 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hspamdfl.sys -- (hspamdfl)
DRV - [2008-09-23 22:23:58 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC326.sys -- (VMC326)
DRV - [2008-08-27 01:35:00 | 004,753,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-06-27 10:02:00 | 000,289,024 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008-06-25 16:51:41 | 000,003,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hitmanpro3.sys -- (hitmanpro3)
DRV - [2008-01-14 20:01:02 | 000,030,208 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)
DRV - [2007-03-31 22:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007-03-23 19:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007-03-23 19:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007-03-23 19:49:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006-10-30 15:29:28 | 000,019,840 | ---- | M] (Samsung) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SUE_PD.sys -- (SUEPD)
DRV - [2005-10-27 06:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q=%7BsearchTerms%7D&src=%7Breferrer:source?%7D"]http://search.live.c...ferrer:source?}[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = [url="http://www.google.com/toolbar/ie8/intl/pl/done.html"]http://www.google.co...tl/pl/done.html[/url]

IE - HKU\S-1-5-21-548589035-1777499971-1682452241-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKU\S-1-5-21-548589035-1777499971-1682452241-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://search.babylon.com/?affID=110819&babsrc=HP_ss&mntrId=c4f66b2d00000000000000216396f29a"]http://search.babylo...00000216396f29a[/url]
IE - HKU\S-1-5-21-548589035-1777499971-1682452241-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKU\S-1-5-21-548589035-1777499971-1682452241-1005\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-548589035-1777499971-1682452241-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q=%7BsearchTerms%7D&src=IE-SearchBox&Form=IE8SRC"]http://search.live.c...Box&Form=IE8SRC[/url]
IE - HKU\S-1-5-21-548589035-1777499971-1682452241-1005\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = [url="http://search.babylon.com/?q=%7BsearchTerms%7D&affID=110819&babsrc=SP_ss&mntrId=c4f66b2d00000000000000216396f29a"]http://search.babylo...00000216396f29a[/url]
IE - HKU\S-1-5-21-548589035-1777499971-1682452241-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-548589035-1777499971-1682452241-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 195.116.53.12:3128

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.29\npGoogleOneClick8.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-17 08:28:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Components: C:\Program Files\Flock\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\Program Files\Flock\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5.5\extensions\\Components: C:\Program Files\Flock\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5.5\extensions\\Plugins: C:\Program Files\Flock\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\K-Meleon\Extensions\\Plugins: D:\Program Files\K-Meleon\Plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\K-Meleon\Extensions\\Components: D:\Program Files\K-Meleon\Components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-25 19:18:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-09-27 02:47:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: D:\Mozillka\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: D:\Mozillka\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b1\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 1\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 1\plugins

[2010-10-16 14:46:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Mozilla\Extensions
[2012-05-17 11:08:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Mozilla\Firefox\Profiles\aqh4zfvm.default\extensions
[2010-11-04 22:15:13 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Mozilla\Firefox\Profiles\aqh4zfvm.default\extensions\2020Player@2020Technologies.com
[2011-11-10 21:40:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-25 19:18:30 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010-11-25 17:39:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-10-04 19:08:39 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-22 16:29:52 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011-10-04 19:08:39 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-10-04 19:08:39 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-10-04 19:08:39 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-10-04 19:08:39 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-10-04 19:08:39 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UIExec] C:\Program Files\PLAY ONLINE\UIExec.exe ()
O4 - HKU\S-1-5-21-548589035-1777499971-1682452241-1005..\Run: [1] C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\430203.exe File not found
O4 - HKU\S-1-5-21-548589035-1777499971-1682452241-1005..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-548589035-1777499971-1682452241-1005..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray File not found
O4 - HKU\S-1-5-21-548589035-1777499971-1682452241-1005..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe (Franmo Software)
O4 - HKU\S-1-5-21-548589035-1777499971-1682452241-1005..\Run: [UpdateStar] C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\UpdateStar\UpdateStar.exe -A File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-548589035-1777499971-1682452241-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F36382BE-C45D-4337-9CD2-31C5E26900B5}: DhcpNameServer = 62.179.1.63 62.179.1.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-10-31 16:49:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{08a0c4cb-a8a6-11e0-8f33-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{08a0c4cb-a8a6-11e0-8f33-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{367810c5-08de-11de-87f9-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{367810c5-08de-11de-87f9-001377d0781a}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{65770dc6-8d12-11e0-8ef0-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{65770dc6-8d12-11e0-8ef0-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{65770dc9-8d12-11e0-8ef0-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{65770dc9-8d12-11e0-8ef0-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a0100f7f-bdf7-11e0-8f55-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{a0100f7f-bdf7-11e0-8f55-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{af77ad84-8a5d-11e0-8ee4-00216396f29a}\Shell - "" = AutoRun
O33 - MountPoints2\{af77ad84-8a5d-11e0-8ee4-00216396f29a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b41826ce-7edd-11e0-8ec8-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{b41826ce-7edd-11e0-8ec8-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b41826d0-7edd-11e0-8ec8-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{b41826d0-7edd-11e0-8ec8-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Alcmtr[/b] - hkey= - key= - C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: [b]BatteryManager[/b] - hkey= - key= - C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
MsConfig - StartUpReg: [b]BluetoothAuthenticationAgent[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]EDS[/b] - hkey= - key= - C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
MsConfig - StartUpReg: [b]Gadu-Gadu[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]HotKeysCmds[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]IgfxTray[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]IPLA![/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]MagicKeyboard[/b] - hkey= - key= - C:\Program Files\Samsung\MagicKBD\PreMKbd.exe ()
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]Persistence[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]RTHDCPL[/b] - hkey= - key= - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: [b]SynTPEnh[/b] - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2



[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-05-17 11:38:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Malwarebytes
[2012-05-17 11:38:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-05-17 11:38:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-05-17 11:38:39 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-05-17 11:38:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-05-16 16:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Nojnxoof
[2012-05-10 11:55:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\fontconfig
[2012-05-10 11:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\.gimp-2.8
[2012-05-10 11:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\gegl-0.2
[2012-05-10 11:24:22 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012-05-08 19:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\MOVAVI
[2012-05-08 19:22:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Movavi Video Converter 11
[2012-05-08 19:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\Movavi Video Converter 11
[2012-05-08 19:12:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-05-08 16:13:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Blender Foundation
[2012-05-08 16:07:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\.thumbnails
[2012-05-08 16:06:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Blender Foundation
[2012-05-08 16:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Blender Foundation
[2012-05-08 11:52:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Moje dokumenty\Moje wideo
[2012-05-08 11:51:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2012-05-07 15:40:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\gimp1
[2012-05-07 14:34:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Pivot Stickfigure Animator
[2012-05-07 14:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\Pivot Stickfigure Animator
[2012-05-03 11:21:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Moje dokumenty\My Cheat Tables
[2012-05-03 11:21:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Cheat Engine 6.1
[2012-05-03 11:21:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\OpenCandy
[2012-05-03 11:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.1
[2012-04-30 19:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2012-04-30 19:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\e-Deklaracje
[2012-04-30 19:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012-04-26 12:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Menu Start\Programy\Plus500
[2012-04-26 12:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Plus500
[2012-04-26 12:28:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\Plus500
[2012-04-25 19:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Mozilla
[2012-04-25 19:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012-04-22 16:30:36 | 000,000,000 | ---D | C] -- C:\Program Files\DealPly
[2012-04-22 16:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012-04-22 16:29:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\Babylon
[2012-04-22 16:29:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2012-04-22 16:29:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Babylon
[2012-04-22 16:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\FLVPlayer
[2012-04-15 01:02:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Super Balls
[2012-04-15 01:02:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\Balls
[2012-04-15 01:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Super Balls
[2012-04-11 20:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ALLConverter PRO
[2012-04-11 20:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\ALLConverter
[2012-04-11 20:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO
[2012-04-11 20:43:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer
[2012-04-11 20:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer
[2012-04-11 20:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\NapiProjekt
[2012-04-11 20:33:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NapiProjekt
[2012-04-11 20:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-05-17 15:05:00 | 000,001,172 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-548589035-1777499971-1682452241-1005UA.job
[2012-05-17 15:00:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-05-17 15:00:27 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-17 11:45:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-05-17 11:38:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-05-17 11:08:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-05-15 18:05:00 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-548589035-1777499971-1682452241-1005Core.job
[2012-05-14 01:46:16 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-13 18:00:00 | 000,000,428 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for ZENON PAWŁOWSKI.job
[2012-05-12 19:05:46 | 000,099,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-05-12 17:11:20 | 000,604,008 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-05-12 17:11:20 | 000,541,696 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-05-12 17:11:20 | 000,123,514 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-05-12 17:11:20 | 000,102,754 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-05-12 16:57:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-05-11 21:50:50 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh323
[2012-05-11 21:50:40 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh322
[2012-05-11 21:50:32 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh321
[2012-05-11 21:50:22 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh320
[2012-05-11 12:44:24 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2012-05-10 16:52:47 | 000,180,145 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\plDurTeplTeXNJOurvXDT
[2012-05-10 16:04:50 | 000,054,021 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\VqqfoVfAVjfnGjtnqG
[2012-05-10 15:55:52 | 000,015,107 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Moje dokumenty\nLsVLyttqoxjfnsqUo
[2012-05-10 15:55:52 | 000,015,107 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\LAoVqLyqLVxdsfG
[2012-05-10 15:55:52 | 000,011,073 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\rJspprvOOgeQupppNNrp
[2012-05-10 15:50:30 | 000,032,848 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\yoAnnGVAssLUUq
[2012-05-10 15:49:08 | 000,086,157 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\VGEEqGGUAEqnsVGnjoy
[2012-05-10 15:49:08 | 000,086,157 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Moje dokumenty\sAUVotVoUsnjEq
[2012-05-10 15:41:43 | 000,208,008 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\stUfVjLLLndUUd
[2012-05-10 15:36:13 | 000,021,352 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\qAyEjqVtLqoVsL
[2012-05-10 15:33:31 | 000,021,390 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\DNllaeesXDTsurJgureXD
[2012-05-10 15:31:46 | 000,011,389 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\ndsttssnVGUtjo
[2012-05-10 15:29:30 | 000,018,658 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\EynndsfqLAoyLVGUsfx
[2012-05-10 14:11:54 | 068,221,952 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\UfVVoGEsAstnss
[2012-05-10 14:05:11 | 000,967,820 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Moje dokumenty\alpseaTTlpsTrugv
[2012-05-10 13:55:43 | 003,000,315 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\sguplJNNJOXNvgQNJ
[2012-05-10 13:50:24 | 003,000,355 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\rQevrlgppXXsJTTvTrNr
[2012-05-10 11:55:04 | 000,000,407 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\yLfGdsstfGdtoy
[2012-05-10 11:42:52 | 000,024,064 | -HS- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Moje dokumenty\AoyGnALLjxdtfxdAEq
[2012-05-08 20:03:04 | 085,116,928 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\sUyGyojLtsststA
[2012-05-08 19:55:25 | 001,387,150 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\qLjjoqqyLAEqsfxUtf
[2012-05-08 19:22:43 | 000,000,831 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Movavi Video Converter 11.lnk
[2012-05-08 19:16:04 | 001,387,150 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\UtVVGUUsVxnjEqLjGd
[2012-05-08 19:10:55 | 000,099,465 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\VGddtfffGdtVGn
[2012-05-08 19:06:01 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\gurlJgOsQrvguNepD
[2012-05-08 19:00:37 | 000,089,088 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\NrgaOQueplJTOQNvO
[2012-05-08 16:06:29 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Blender.lnk
[2012-05-07 14:39:14 | 000,031,470 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\JrDQQsJaNNDQXggge
[2012-05-07 14:34:12 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Pivot Stickfigure Animator.lnk
[2012-05-07 00:40:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-05-03 11:21:33 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\Cheat Engine.lnk
[2012-04-30 19:16:58 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\e-Deklaracje.lnk
[2012-04-27 18:45:12 | 000,009,547 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\vsOOppQDrTJegXuD
[2012-04-26 18:38:10 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh325
[2012-04-26 18:37:48 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh324
[2012-04-26 12:29:05 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\Plus500.lnk
[2012-04-23 14:26:31 | 000,000,063 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\oyLnAoEEynAGdtV
[2012-04-22 16:30:14 | 000,000,237 | ---- | M] () -- C:\QsQupNNNlJTeQpNDvTOe
[2012-04-22 16:29:25 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\FLV Player.lnk
[2012-04-19 20:38:56 | 000,040,504 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\guaNJOggQrsXDaeXNvOuN
[2012-04-19 20:28:47 | 000,070,155 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\oyLAoqqqLjxdtVG
[2012-04-17 09:02:33 | 000,111,323 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\uNJaTssvOQrvOlTepDTOQ
[2012-04-17 08:28:43 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-04-16 22:41:52 | 000,000,624 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\ooEssLnAoqLqVj
[2012-04-15 01:02:35 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Super Balls.lnk
[2012-04-13 10:30:11 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\Skrót do Moje miejsca interfejsu Bluetooth.lnk
[2012-04-11 20:43:50 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\YouTube to ALLPlayer.lnk
[2012-04-11 20:43:46 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ALLConverter PRO.lnk
[2012-04-11 20:43:08 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\ALLPlayer.lnk
[2012-04-11 20:33:06 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\NapiProjekt.lnk
[2012-04-04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-05-17 11:38:44 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-05-16 16:28:50 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh325
[2012-05-16 16:28:50 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh324
[2012-05-16 16:28:50 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh323
[2012-05-16 16:28:50 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh322
[2012-05-16 16:28:50 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh321
[2012-05-16 16:28:50 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh320
[2012-05-10 16:04:49 | 000,054,021 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\VqqfoVfAVjfnGjtnqG
[2012-05-10 16:03:01 | 000,086,157 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\VGEEqGGUAEqnsVGnjoy
[2012-05-10 16:02:51 | 000,015,107 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\LAoVqLyqLVxdsfG
[2012-05-10 15:55:52 | 000,011,073 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\rJspprvOOgeQupppNNrp
[2012-05-10 15:50:30 | 000,032,848 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\yoAnnGVAssLUUq
[2012-05-10 15:41:42 | 000,208,008 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\stUfVjLLLndUUd
[2012-05-10 15:36:13 | 000,021,352 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\qAyEjqVtLqoVsL
[2012-05-10 15:33:30 | 000,021,390 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\DNllaeesXDTsurJgureXD
[2012-05-10 15:29:30 | 000,018,658 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\EynndsfqLAoyLVGUsfx
[2012-05-10 15:14:31 | 000,180,145 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\plDurTeplTeXNJOurvXDT
[2012-05-10 14:11:05 | 068,221,952 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\UfVVoGEsAstnss
[2012-05-10 13:53:06 | 003,000,315 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\sguplJNNJOXNvgQNJ
[2012-05-10 13:50:22 | 003,000,355 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\rQevrlgppXXsJTTvTrNr
[2012-05-10 11:42:50 | 000,024,064 | -HS- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Moje dokumenty\AoyGnALLjxdtfxdAEq
[2012-05-10 11:31:27 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\GIMP 2.lnk
[2012-05-08 20:02:06 | 085,116,928 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\sUyGyojLtsststA
[2012-05-08 19:54:52 | 001,387,150 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\qLjjoqqyLAEqsfxUtf
[2012-05-08 19:22:43 | 000,000,831 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Movavi Video Converter 11.lnk
[2012-05-08 19:15:12 | 001,387,150 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\UtVVGUUsVxnjEqLjGd
[2012-05-08 19:10:54 | 000,099,465 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\VGddtfffGdtVGn
[2012-05-08 19:06:00 | 000,110,592 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\gurlJgOsQrvguNepD
[2012-05-08 19:00:34 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\NrgaOQueplJTOQNvO
[2012-05-08 16:06:29 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Blender.lnk
[2012-05-07 14:39:14 | 000,031,470 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\JrDQQsJaNNDQXggge
[2012-05-07 14:34:12 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Pivot Stickfigure Animator.lnk
[2012-05-03 11:21:33 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\Cheat Engine.lnk
[2012-04-30 19:16:58 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\e-Deklaracje.lnk
[2012-04-30 19:16:58 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\e-Deklaracje.lnk
[2012-04-27 18:45:12 | 000,009,547 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\vsOOppQDrTJegXuD
[2012-04-26 12:29:05 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\Plus500.lnk
[2012-04-23 14:26:31 | 000,000,063 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\oyLnAoEEynAGdtV
[2012-04-22 16:30:11 | 000,000,237 | ---- | C] () -- C:\QsQupNNNlJTeQpNDvTOe
[2012-04-22 16:29:24 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\FLV Player.lnk
[2012-04-19 20:28:47 | 000,070,155 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\oyLAoqqqLjxdtVG
[2012-04-19 20:28:08 | 000,040,504 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\guaNJOggQrsXDaeXNvOuN
[2012-04-17 09:02:33 | 000,111,323 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\uNJaTssvOQrvOlTepDTOQ
[2012-04-16 22:41:51 | 000,000,624 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\ooEssLnAoqLqVj
[2012-04-15 01:02:35 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Super Balls.lnk
[2012-04-13 10:30:11 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\Skrót do Moje miejsca interfejsu Bluetooth.lnk
[2012-04-11 20:43:50 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\YouTube to ALLPlayer.lnk
[2012-04-11 20:43:46 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ALLConverter PRO.lnk
[2012-04-11 20:43:08 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\ALLPlayer.lnk
[2012-04-11 20:42:49 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2012-04-11 20:33:06 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Pulpit\NapiProjekt.lnk
[2012-02-15 12:29:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011-06-15 06:43:30 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-04-02 16:15:30 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\phpc.exe
[2010-12-24 17:15:50 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Kulki.ini
[2010-12-24 04:53:21 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\ZENON PAWŁOWSKI\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-24 04:53:20 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010-08-06 21:01:09 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2010-07-17 09:18:48 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-10-13 22:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2012-04-22 16:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2012-05-16 20:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService
[2011-10-07 00:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\framezoo.com
[2011-05-28 00:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Free Labs
[2011-02-11 21:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-11-22 23:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IsolatedStorage
[2011-04-18 23:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WA-PRO
[2012-05-16 20:29:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WLAN
[2012-05-16 20:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Babylon
[2012-05-16 20:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\BESTplayer
[2012-05-08 16:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Blender Foundation
[2012-05-16 20:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\debug
[2012-04-30 19:17:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2011-10-07 00:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\framezoo.com
[2012-05-16 20:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Gadu-Gadu 10
[2012-05-08 19:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\MOVAVI
[2012-04-11 20:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\NapiProjekt
[2012-05-16 16:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Nojnxoof
[2012-05-03 11:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\OpenCandy
[2011-03-15 17:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\Opera
[2012-05-16 20:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\TeamViewer
[2012-05-16 20:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\UpdateStar
[2011-04-18 22:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\WA-PRO
[2011-05-28 00:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\WinMacro
[2012-05-16 20:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\ZennoPoster3

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2008-10-31 16:49:53 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-10-08 16:42:29 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2008-04-15 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-10-31 16:49:53 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-05-17 15:00:27 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2008-10-31 16:49:53 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-10-31 16:49:53 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-10-18 16:40:57 | 000,004,639 | ---- | M] () -- C:\nAAEofVfEyyfVo
[2008-04-15 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-15 14:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-10-18 16:42:01 | 000,001,015 | ---- | M] () -- C:\oVEVffVfEExxqq
[2012-05-17 15:00:25 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2008-10-31 17:01:57 | 000,000,173 | ---- | M] () -- C:\QQXrDJJTgeuNlvTgsQXNl
[2012-04-22 16:30:14 | 000,000,237 | ---- | M] () -- C:\QsQupNNNlJTeQpNDvTOe
[2011-07-08 14:07:24 | 000,000,041 | ---- | M] () -- C:\redialplay.bat
[2008-06-27 18:00:04 | 000,008,696 | -H-- | M] () -- C:\UqGxxEEooEEoooGxxxx
[2011-11-22 23:38:47 | 000,044,123 | ---- | M] () -- C:\VEAsdUnLnGGqyqqEsAj
[2011-06-27 19:19:38 | 000,000,000 | ---- | M] () -- C:\vgagsssQXNDvTgeupNDJ

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys
[2008-04-15 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2012-04-04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[/log]

juz sobie z tym poradzilem cudem. Uruchomilem pare antywirosow i programow do trojanow i mi usunelo to dziadostwo. Tylko teraz jest drugi problem z zawartoscia dysku, bo pliki zostaly pozmieniane na jakies dziwne typu: ooEssLnAoqLqVj czy YlfGdsstfGdtoy o nieznanych formatach i nie da sie ich uruchomic. Niestety tak stalo sie z wiekszoscia plikow. Maja chyba rozmiar prawidlowy (np widze ze pliki filmow maja po ok 700 mega, ale maja ta zmieniona nazwe i format taki, ze nie moge ich otworzyc).

Gość
komentarz
komentarz (edytowane)

Popraw te spoiler bo sie nie da otworzyć. Albo zamieśc logi na [b]wklej.to[/b]

grumilo
komentarz
komentarz

http://wklej.to/Dt8om

Gość
komentarz
komentarz

Log jest uciety. Wklej go porządnie. Maja byc dwa: [b]OTL.txt i Extras.txt[/b]

grumilo
komentarz
komentarz

http://wklej.to/fawEn

http://wklej.to/anCGO

Gość
komentarz
komentarz

Uruchom [b]OTL[/b] i w oknie [b]własne opcje skanowania/skrypt[/b] wklej:

Klikasz w [b]Wykonaj skrypt[/b]

[code]:Files
C:\WINDOWS\System32\winsh323
C:\WINDOWS\System32\winsh322
C:\WINDOWS\System32\winsh321
C:\WINDOWS\System32\winsh320
C:\WINDOWS\System32\winsh325
C:\WINDOWS\System32\winsh324

:OTL
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ankf05qb)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (akj8gh0r)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-548589035-1777499971-1682452241-1005..\Run: [1] C:\Documents and Settings\ZENON PAWŁOWSKI\Dane aplikacji\430203.exe File not found
O4 - HKU\S-1-5-21-548589035-1777499971-1682452241-1005..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray File not found
O33 - MountPoints2\{08a0c4cb-a8a6-11e0-8f33-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{08a0c4cb-a8a6-11e0-8f33-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{367810c5-08de-11de-87f9-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{367810c5-08de-11de-87f9-001377d0781a}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{65770dc6-8d12-11e0-8ef0-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{65770dc6-8d12-11e0-8ef0-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{65770dc9-8d12-11e0-8ef0-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{65770dc9-8d12-11e0-8ef0-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a0100f7f-bdf7-11e0-8f55-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{a0100f7f-bdf7-11e0-8f55-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{af77ad84-8a5d-11e0-8ee4-00216396f29a}\Shell - "" = AutoRun
O33 - MountPoints2\{af77ad84-8a5d-11e0-8ee4-00216396f29a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b41826ce-7edd-11e0-8ec8-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{b41826ce-7edd-11e0-8ec8-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b41826d0-7edd-11e0-8ec8-001377d0781a}\Shell - "" = AutoRun
O33 - MountPoints2\{b41826d0-7edd-11e0-8ec8-001377d0781a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a

:Commands
[emptyflash]
[emptytemp][/code]


2.Pobierz [b]AdwCleaner[/b] i przy zamknietych przegladarkach.uruchom opcje [b]Delete[/b]
[url="http://general-changelog-team.fr/outils/289-adwcleaner"]http://general-chang.../289-adwcleaner[/url]

Wykonaj nowy skan OTL i przedstaw raport. [b]Extras[/b] już nie potrzebny.

grumilo
komentarz
komentarz

W Skrypcie nie wkleilem koncowki "
:Commands
[emptyflash]
[emptytemp]"
Bo wieszal sie program i pokazywalo tylko "killing processes. DO NOT INTERRUPT". Uzylem tego programu co mi poleciles i przeskanowalem raz jeszcze OTLem, tutaj jsa logi: http://wklej.to/IuYw0 . Niestety pliki dalej maja zmieniona nazwe i format na jakis nieznamy. Mimo to np moge uruchomic filmy w all playerze. Tylko jak teraz przywrocic ich poprzednia nazwe?

Gość
komentarz
komentarz (edytowane)

[quote]Niestety pliki dalej maja zmieniona nazwe i format na jakis nieznamy. Mimo to np moge uruchomic filmy w all playerze. Tylko jak teraz przywrocic ich poprzednia nazwe? [/quote]


Otwórz pliki video. Potem daj zapisz jako. nazwy zostana zmienione.

[quote]W Skrypcie nie wkleilem koncowki "
:Commands
[emptyflash]
[emptytemp]"[/quote]


Uruchom OTL i wklej

[code]:Commands
[emptytemp][/code]

Sprawdź czy wykona komendę opróżniania TEMP.

Wyczyść foldery przywracania systemu - instrukcja [url="http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415"]http://www.fixitpc.p...2415#entry42415[/url]

grumilo
komentarz
komentarz

OTL nie dziala-wiesza sie po wpisaniu tej komendy. Tez nie moge wyczyscic folderow w sposob jak podales w linku, bo rowniez komp sie zawiesza bez mozliwosci zrobienia czegokolwiek.

Gość
komentarz
komentarz

Uruchom OTL i kliknij Sprzątanie. Zrob to w trybie awaryjnym.
Zmieniłeś nazwy plików video?

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.