x-kom hosting

Problem z odświeżaniem pulpitu i widoku folderów

Dzani1125
utworzono
utworzono

Witam wszystkich, mam pewien problem. Na pulpicie mam ustawione foldery po swojemu, natomiast gdy wcisne PPM i klikne odśwież wszystkie foldery, pliki zmieniają swoją pozycje, też mam tak jak uruchomie komputer, co mam zrobić żeby ikony nie pzeskakiwały gdy nacisne odśwież natomiast drugi problem polega : jak wchodze w mój komputer w dysk np E i mam zaznaczoną opcje "Widoki", "ikony" następnie z niej wychodze i wchodze ponownie to po chwili samoczynnie zmienia się na inny widok tak samo mam z odświeżaniem gdy odświeże rozstawione ikony foldery po mojemu automatycznie przeskakują na lewą strone. Proszę bardzo o pomoc. :(

Gość
komentarz
komentarz

PPM na Pulpit > Rozmieść ikony według > Wyrównaj do siatki

odznacz Autorozmieszczanie

Dzani1125
komentarz
komentarz

Już to robiłem i nic to nie dało

Gość
komentarz
komentarz

Co to za system? Jaka architektura 32bit czy 64?

Sprawdź na nowym profilu (nowe konto)

Dzani1125
komentarz
komentarz

System to Microsoft Windows XP Professional Wersja 2002 dodatek Service Pack 3 jak nowe konto nie rozumiem ?

Gość
komentarz
komentarz

[quote]jak nowe konto nie rozumiem ? [/quote]

A co tu jest do rozumienia. Założ nowe konto na prawach admina i sprawdź. Moze profil jest uszkodzony.
A swoja drogą, nie wykluczam infekcji rootkitem.

Daj logi z [b]OTL i Gmera[/b]. Bedzie jakis podglad systuacji.
http://www.forumpc.pl/index.php?showtopic=116175

http://www.forumpc.pl/index.php?showtopic=104338

Dzani1125
komentarz
komentarz (edytowane)

Tutaj z OTL:

[spoiler]3,50 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 82,49% Memory free
5,34 Gb Paging File | 4,64 Gb Available in Paging File | 86,94% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 390,63 Gb Total Space | 310,29 Gb Free Space | 79,43% Space Free | Partition Type: NTFS
Drive E: | 540,88 Gb Total Space | 298,03 Gb Free Space | 55,10% Space Free | Partition Type: NTFS
Drive G: | 660,36 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: KUCHARSKI | User Name: DZIECIAKI_PSUJE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-06-01 14:11:01 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\Zając\OTL.exe
PRC - [2012-06-01 14:07:55 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe
PRC - [2012-05-11 21:18:36 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-04-08 18:23:44 | 002,240,512 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-10-15 14:11:48 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009-10-15 14:11:44 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2008-12-04 09:38:50 | 000,430,080 | ---- | M] () -- C:\Program Files\Icon7\iConfig\capturesound.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-06-01 14:07:55 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe
MOD - [2012-05-31 20:10:11 | 001,764,352 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12053101\algo.dll
MOD - [2011-10-08 06:50:00 | 001,564,264 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll
MOD - [2011-10-08 06:50:00 | 000,355,432 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2011-04-08 18:23:44 | 002,240,512 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2009-10-28 05:40:14 | 003,885,984 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2009-08-21 14:45:30 | 000,503,202 | ---- | M] () -- C:\Program Files\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2008-12-04 09:38:50 | 000,430,080 | ---- | M] () -- C:\Program Files\Icon7\iConfig\capturesound.exe
MOD - [2007-01-31 11:33:24 | 000,032,768 | ---- | M] () -- C:\Program Files\Vtune\TBPanelExt.dll
MOD - [2002-04-18 19:16:38 | 000,094,636 | ---- | M] () -- C:\WINDOWS\dropcpyr.dll
MOD - [1998-10-31 04:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\Vtune\TBMANAGE.DLL


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-05-03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-12-30 14:36:17 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-06-13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-10-15 14:11:48 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2008-07-29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2004-08-04 00:44:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2004-08-04 00:44:26 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2004-08-04 00:44:26 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2004-08-04 00:44:18 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2004-08-04 00:44:06 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2004-08-04 00:43:54 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2001-10-26 19:29:36 | 000,049,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\DZIECI~1\USTAWI~1\Temp\uxroqpow.sys -- (uxroqpow)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\CDriver.sys -- (MSICDSetup)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ag8k2j22)
DRV - [2012-06-01 11:29:55 | 000,139,448 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2012-04-21 14:47:05 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012-04-19 05:57:38 | 000,113,072 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012-04-04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012-03-07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-03-07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-03-07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012-03-07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-03-07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012-03-07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012-03-07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-07-08 01:21:30 | 000,119,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2011-03-18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010-08-04 15:16:54 | 002,127,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009-11-30 08:31:42 | 000,050,176 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2008-12-26 12:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2008-08-27 18:10:36 | 000,031,360 | ---- | M] (Dritek System Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HMuFtI7S300.sys -- (HMuFtI7S300) Dritek HID Mouse Filter for Icon7 S300 (Windows XP)
DRV - [2007-05-02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007-05-02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007-05-02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2007-01-29 07:40:22 | 000,449,408 | ---- | M] (MSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSILiveVirtualCamera.sys -- (MSILiveVirtualCamera)
DRV - [2006-11-04 06:45:48 | 000,178,913 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0260Vid.sys -- (V0260VID)
DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004-08-04 00:38:14 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2004-08-04 00:34:16 | 000,120,064 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2004-08-03 23:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2004-08-03 23:00:32 | 000,066,176 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2001-10-26 18:46:18 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2001-10-26 16:50:46 | 000,097,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2001-08-17 23:52:06 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"]http://search.live.c...ferrer:source?}[/url]
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = [url="http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={6A21868D-685C-11E1-A67C-D98804255F2A}"]http://search.sweeti...C-D98804255F2A}[/url]
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = [url="http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111026121105062&tb_oid=26-10-2011&tb_mrud=26-10-2011"]http://slirsredirect...mrud=26-10-2011[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{0067A287-7007-46F8-B742-22D129DACD96}: "URL" = [url="http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC"]http://search.live.c...Box&Form=IE8SRC[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC"]http://search.live.c...Box&Form=IE8SRC[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{0D4B5C97-7CC1-475D-9428-D2B0B1BF3830}: "URL" = [url="http://searchya.com/?chnl=dcom-100&s=1&cr=1582775790&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDtAtCtD&q={searchTerms}"]http://searchya.com/...q={searchTerms}[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = [url="http://search.babylon.com/?q={searchTerms}&AF=108758&babsrc=SP_ss&mntrId=886cf86a0000000000008c89a5334d80"]http://search.babylo...0008c89a5334d80[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{6C48E2D7-D2F6-4e18-A034-01D66505089B}: "URL" = [url="http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346"]http://www.google.co...88%3A4067623346[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{8F476EC3-0DFA-4E4B-8113-E8B1DD69A28D}: "URL" = [url="http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation"]http://szukaj.gazeta...s.si(navigation[/url]).navigationEnabled=true&s.sm.query={searchTerms}
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [url="http://isearch.avg.com/search?cid={2EC36FC7-5D0D-49B0-81FA-C1F000820D92}&mid=f195a7ec924d47d09aaa48a727736dab-175559af91860ddca380d0dee874d1a193ca3982&lang=pl&ds=st011&pr=sa&d=2012-05-12"]http://isearch.avg.c...sa&d=2012-05-12[/url] 15:30:55&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = [url="http://www.daemon-search.com/search?q={searchTerms}"]http://www.daemon-se...q={searchTerms}[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [url="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029"]http://search.condui...&ctid=CT2475029[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{C025FA1A-1A80-4469-AEA9-038F031B26CA}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/...Box&FORM=IE8SRC[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{CEC0A81D-FE91-4b53-9551-DDE46828011C}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH"]http://www.bing.com/...=SPLBR2&pc=SPLH[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = [url="http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={6A21868D-685C-11E1-A67C-D98804255F2A}"]http://search.sweeti...C-D98804255F2A}[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = [url="http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111026121105062&tb_oid=26-10-2011&tb_mrud=26-10-2011"]http://slirsredirect...mrud=26-10-2011[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\SearchScopes\{F9B9E14A-40BE-4e88-B1E5-A80784620C5C}: "URL" = [url="http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM"]http://search.yahoo....cevm&type=STDVM[/url]
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-854245398-73586283-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://searchya.com"
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B6871ee60-768b-4662-a987-6f8e04af184c%7D&mid=f195a7ec924d47d09aaa48a727736dab-175559af91860ddca380d0dee874d1a193ca3982&ds=st011&v=11.0.0.9&lang=pl&pr=sa&d=2012-05-12%2015%3A30%3A55&sap=ku&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\Programy\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Programy\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@vividas.com/npVividasPlayer: C:\Program Files\Vividas\Player\npVividasPlayer.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-31 15:10:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-05-12 15:40:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011-12-22 14:09:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Mozilla\Extensions
[2012-05-21 17:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Mozilla\Firefox\Profiles\ozcoy75u.default\extensions
[2012-05-21 17:59:51 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Mozilla\Firefox\Profiles\ozcoy75u.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2012-04-29 23:06:41 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Mozilla\Firefox\Profiles\ozcoy75u.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2012-03-22 22:20:51 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Mozilla\Firefox\Profiles\ozcoy75u.default\extensions\DTToolbar@toolbarnet.com
[2012-05-13 08:20:49 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Mozilla\Firefox\Profiles\ozcoy75u.default\extensions\engine@conduit.com
[2012-03-11 01:54:42 | 000,000,000 | ---D | M] (searchya.com) -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Mozilla\Firefox\Profiles\ozcoy75u.default\extensions\ffxtlbr@searchya.com
[2012-05-12 15:40:55 | 000,003,849 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Mozilla\Firefox\Profiles\ozcoy75u.default\searchplugins\avg-secure-search.xml
[2012-03-11 00:48:58 | 000,001,465 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Mozilla\Firefox\Profiles\ozcoy75u.default\searchplugins\searchya.xml
[2012-03-07 15:50:12 | 000,003,974 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Mozilla\Firefox\Profiles\ozcoy75u.default\searchplugins\sweetim.xml
[2012-05-12 15:40:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-05-20 22:40:16 | 000,550,833 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\DZIECIAKI_PSUJE\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\OZCOY75U.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
[2012-04-21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-04-21 04:18:44 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-21 04:18:44 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-21 04:18:44 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-21 04:18:44 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-21 04:18:44 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-21 04:18:44 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Programy\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - No CLSID value found.
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [CaptureSound] C:\Program Files\Icon7\iConfig\capturesound.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Resume copy] C:\WINDOWS\COPYFSTQ.EXE ()
O4 - HKU\S-1-5-21-854245398-73586283-839522115-1003..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-854245398-73586283-839522115-1003..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-73586283-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-73586283-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Programy\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O8 - Extra context menu item: Wyślij &do programu OneNote - E:\Programy\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Programy\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Programy\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Programy\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Programy\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_30)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} [url="https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab"]https://battlefield....er_1.0.66.2.cab[/url] (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab"]http://download.macr...ash/swflash.cab[/url] (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} [url="http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab"]http://content.syste...yri_4.5.1.0.cab[/url] (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE34ABA8-AC2F-4BFB-8E20-AE3701260DF0}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-10-09 00:48:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "CyberLink PowerDVD 11.0 Service"
MsConfig - Services: "CyberLink PowerDVD 11.0 Monitor Service"
MsConfig - Services: "CLHNServiceForPowerDVD"
MsConfig - Services: "Steam Client Service"
MsConfig - Services: "JavaQuickStarterService"
MsConfig - Services: "PnkBstrA"
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]HDAudDeck[/b] - hkey= - key= - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.)
MsConfig - StartUpReg: [b]iConfig[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NBJ[/b] - hkey= - key= - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvCplDaemon[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]RemoteControl11[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]S300[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-05-31 17:01:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-05-31 17:01:52 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-05-31 15:17:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Recent
[2012-05-31 15:16:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus
[2012-05-30 14:47:15 | 000,337,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012-05-30 14:47:15 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012-05-30 14:47:13 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012-05-30 14:47:13 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012-05-30 14:47:13 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012-05-30 14:47:13 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012-05-30 14:47:13 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012-05-30 14:47:13 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012-05-30 14:46:56 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012-05-30 14:46:55 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012-05-29 22:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\Skype Password
[2012-05-29 22:52:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Menu Start\Programy\Skype Password
[2012-05-29 22:52:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ashampoo
[2012-05-29 22:52:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Menu Start\Programy\San Andreas Multiplayer
[2012-05-29 22:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2012-05-29 22:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-05-29 22:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-05-28 11:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Onet.pl
[2012-05-28 11:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\Onet
[2012-05-28 11:19:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Kamerzysta
[2012-05-19 18:54:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Moje dokumenty\GTA Vice City User Files
[2012-05-15 17:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\PriceGong
[2012-05-14 21:38:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\NFS Underground 2
[2012-05-14 21:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2012-05-13 21:26:43 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-05-13 11:51:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-05-13 10:11:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\Do Windowsa 7
[2012-05-13 08:20:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Ashampoo
[2012-05-13 08:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\MyAshampoo
[2012-05-13 08:20:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\Temp
[2012-05-13 08:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\MyAshampoo
[2012-05-13 08:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\ashampoo
[2012-05-13 08:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2012-05-13 07:36:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\PowerISO
[2012-05-12 15:40:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012-05-12 15:40:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Mozilla
[2012-05-12 15:40:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-05-12 15:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ImgBurn
[2012-05-12 15:31:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PowerISO
[2012-05-12 15:30:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2012-05-08 17:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\MotionDSP
[2012-05-08 17:45:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MotionDSP
[2012-05-07 15:45:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2012-05-07 15:43:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Codemasters
[2012-05-06 18:51:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Hi-Rez Studios
[2012-05-06 10:54:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2012-05-06 10:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2012-05-06 10:53:31 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2012-05-06 10:53:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2012-05-05 21:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3
[2012-05-05 19:27:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\cFos
[2012-05-05 19:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\cFos
[2012-05-03 00:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Moje dokumenty\FIFA 08
[2012-05-02 02:46:28 | 004,472,832 | ---- | C] (Google Inc.) -- C:\WINDOWS\System32\GPhotos.scr
[2012-05-01 07:26:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Moje dokumenty\KONAMI
[2012-05-01 07:24:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\KONAMI
[2012-05-01 07:16:28 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI
[2012-05-01 07:16:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI
[2012-05-01 06:59:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\UltraISO
[2012-05-01 06:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2012-05-01 06:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2012-04-29 16:29:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Menu Start\Programy\Counter-Strike 1.6
[2012-04-24 19:56:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\Nowe
[2012-04-19 19:55:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\TS3Client
[2012-04-19 19:54:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client
[2012-04-19 19:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2012-04-19 19:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\Avnex
[2012-04-19 19:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Application Data
[2012-04-19 19:19:11 | 000,017,792 | ---- | C] (Avnex) -- C:\WINDOWS\System32\drivers\vcsvad.sys
[2012-04-19 05:57:38 | 000,113,072 | ---- | C] (Power Software Ltd) -- C:\WINDOWS\System32\drivers\scdemu.sys
[2012-04-14 22:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-04-14 22:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype
[2012-04-09 21:17:02 | 000,032,874 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\V0260Cfg.exe
[2012-04-09 21:17:02 | 000,020,564 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0260Srv.exe
[2012-04-09 21:17:02 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0260Ext.crl
[2012-04-09 21:17:01 | 000,178,913 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\V0260Vid.sys
[2012-04-09 21:17:01 | 000,094,208 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0260Ext.ax
[2012-04-09 21:17:01 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0260Pin.dll
[2012-04-09 21:17:01 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\CtCamMgr.dll
[2012-04-09 21:17:01 | 000,028,672 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0260Hwx.dll
[2012-04-09 21:17:01 | 000,024,872 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\V0260Cmd.sys
[2012-04-09 21:17:01 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\CtCamPin.crl
[2012-04-09 21:17:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\CtDrvInstall
[2012-04-04 19:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\ExpressFiles
[2012-04-04 19:40:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\Akamai
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-06-01 14:07:55 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe
[2012-06-01 11:29:55 | 000,139,448 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-06-01 11:29:47 | 000,282,472 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2012-06-01 11:20:17 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\Skype.lnk
[2012-06-01 11:11:03 | 000,527,712 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-06-01 11:11:03 | 000,465,916 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-06-01 11:11:03 | 000,102,268 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-06-01 11:11:03 | 000,080,748 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-06-01 11:06:49 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job
[2012-06-01 11:06:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-06-01 11:06:39 | 3757,232,128 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-31 20:26:16 | 000,282,296 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2012-05-31 17:13:07 | 000,298,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-05-31 17:01:55 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-05-31 15:14:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-05-31 15:03:01 | 000,072,748 | ---- | M] (Jordan Russell) -- C:\WINDOWS\unins000.exe
[2012-05-31 15:03:01 | 000,000,668 | ---- | M] () -- C:\WINDOWS\unins000.dat
[2012-05-30 14:47:13 | 000,002,657 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-05-28 17:44:30 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Moje dokumenty\ts3_clientui-win32-1329301801-2012-05-28 17_44_30.109375.dmp
[2012-05-24 18:15:23 | 000,286,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012-05-24 18:15:23 | 000,286,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012-05-24 18:15:23 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012-05-21 16:53:21 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-05-18 17:13:06 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2012-05-18 17:13:04 | 000,591,938 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Moje dokumenty\qt_temp.Vf3828.png
[2012-05-18 17:10:02 | 001,042,533 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Moje dokumenty\qt_temp.GY3828.png
[2012-05-13 21:26:46 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-05-13 21:26:44 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2012-05-13 13:54:05 | 000,399,616 | RHS- | M] () -- C:\HVNTU
[2012-05-12 16:06:23 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-12 15:40:39 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2012-05-08 17:45:53 | 000,001,751 | -H-- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\vReveal.settings.xml
[2012-05-02 02:46:28 | 004,472,832 | ---- | M] (Google Inc.) -- C:\WINDOWS\System32\GPhotos.scr
[2012-04-19 05:57:38 | 000,113,072 | ---- | M] (Power Software Ltd) -- C:\WINDOWS\System32\drivers\scdemu.sys
[2012-04-10 20:17:43 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\Opera.lnk
[2012-04-04 23:31:44 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\PnkBstrK.sys
[2012-04-04 23:31:17 | 002,434,856 | ---- | M] () -- C:\WINDOWS\System32\pbsvc_bc2.exe
[2012-04-04 23:09:58 | 000,000,211 | -H-- | M] () -- C:\Boot.BAK
[2012-04-04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-01 14:07:55 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe
[2012-05-31 17:01:55 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-05-31 15:03:01 | 000,000,668 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2012-05-29 17:18:17 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 9.lnk
[2012-05-28 17:44:30 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Moje dokumenty\ts3_clientui-win32-1329301801-2012-05-28 17_44_30.109375.dmp
[2012-05-18 17:12:46 | 000,591,938 | ---- | C] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Moje dokumenty\qt_temp.Vf3828.png
[2012-05-18 17:09:40 | 001,042,533 | ---- | C] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Moje dokumenty\qt_temp.GY3828.png
[2012-05-13 21:26:46 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-05-13 21:26:44 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012-05-13 21:26:44 | 000,000,211 | -H-- | C] () -- C:\Boot.BAK
[2012-05-13 13:54:05 | 000,399,616 | RHS- | C] () -- C:\HVNTU
[2012-05-12 15:40:39 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
[2012-05-12 15:40:39 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2012-05-08 17:45:53 | 000,001,751 | -H-- | C] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\vReveal.settings.xml
[2012-04-14 22:25:30 | 000,002,267 | ---- | C] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\Skype.lnk
[2012-04-10 20:17:43 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\Opera.lnk
[2012-04-09 21:17:02 | 000,004,352 | ---- | C] () -- C:\WINDOWS\VF0260.uns
[2012-04-09 21:17:01 | 000,197,522 | ---- | C] () -- C:\WINDOWS\System32\V0260530.set
[2012-04-04 19:47:09 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\Express Files Updater.job
[2012-04-03 19:37:37 | 002,434,856 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_bc2.exe
[2012-03-10 15:41:13 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2012-03-06 20:59:27 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012-02-05 20:37:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\setup.INI
[2012-02-03 16:47:50 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Dane aplikacji\PnkBstrK.sys
[2012-02-03 16:47:22 | 000,840,264 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2012-02-02 12:53:10 | 000,000,575 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2012-01-02 15:13:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2011-12-21 22:37:25 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011-11-07 23:38:25 | 000,795,360 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2011-11-03 17:47:45 | 000,000,075 | ---- | C] () -- C:\WINDOWS\System32\nvUnsupRes.dat
[2011-10-26 19:17:14 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2011-10-23 21:16:25 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011-10-23 21:16:23 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\DZIECIAKI_PSUJE\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-10-11 14:01:13 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\iFT33C2.dll
[2011-10-11 14:01:13 | 000,026,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\Mac606.sys
[2011-10-11 14:01:12 | 000,064,048 | ---- | C] () -- C:\WINDOWS\System32\Hidhlp.dll
[2011-10-10 15:01:31 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011-10-10 15:01:30 | 000,139,448 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-10-10 15:01:25 | 000,282,472 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011-10-10 02:40:13 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-10-10 02:39:10 | 000,298,048 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-10-09 19:38:02 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\Audio3D.dll
[2011-10-09 19:38:02 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\A3D.dll
[2011-10-09 19:17:58 | 000,286,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-10-09 19:17:58 | 000,286,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-10-09 19:17:58 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-10-09 19:17:37 | 002,116,894 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011-10-09 19:05:11 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011-10-09 19:01:33 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2011-10-09 00:50:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-10-09 00:45:30 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-10-09 00:48:21 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-04-04 23:09:58 | 000,000,211 | -H-- | M] () -- C:\Boot.BAK
[2012-05-13 21:26:44 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2012-05-13 21:26:46 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011-10-09 00:48:21 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-06-01 11:06:39 | 3757,232,128 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-13 13:54:05 | 000,399,616 | RHS- | M] () -- C:\HVNTU
[2011-10-09 00:48:21 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-10-09 00:48:21 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 22:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2012-06-01 11:06:33 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2012-05-29 21:40:32 | 000,080,530 | ---- | M] () -- C:\TDSSKiller.2.7.38.0_29.05.2012_21.34.45_log.txt
[2012-03-11 00:49:07 | 000,000,295 | ---- | M] () -- C:\user.js

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011-02-08 03:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2011-02-08 03:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe
[2012-04-04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 938 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:24721E3C

< End of report >[/spoiler]

Gość
komentarz
komentarz

Prosze mi przedstawic log z Kasperskieo.

[code]C:\TDSSKiller.2.7.38.0_29.05.2012_21.34.45_log.txt[/code]

Dzani1125
komentarz
komentarz

Prosze:

21:34:45.0843 3832 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
21:34:45.0968 3832 ============================================================
21:34:45.0968 3832 Current date / time: 2012/05/29 21:34:45.0968
21:34:45.0968 3832 SystemInfo:
21:34:45.0968 3832
21:34:45.0968 3832 OS Version: 5.1.2600 ServicePack: 3.0
21:34:45.0968 3832 Product type: Workstation
21:34:45.0968 3832 ComputerName: KUCHARSKI
21:34:45.0968 3832 UserName: DZIECIAKI_PSUJE
21:34:45.0968 3832 Windows directory: C:\WINDOWS
21:34:45.0968 3832 System windows directory: C:\WINDOWS
21:34:45.0968 3832 Processor architecture: Intel x86
21:34:45.0968 3832 Number of processors: 2
21:34:45.0968 3832 Page size: 0x1000
21:34:45.0968 3832 Boot type: Normal boot
21:34:45.0968 3832 ============================================================
21:34:47.0093 3832 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:34:47.0093 3832 ============================================================
21:34:47.0093 3832 \Device\Harddisk0\DR0:
21:34:47.0093 3832 MBR partitions:
21:34:47.0093 3832 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x30D409B2
21:34:47.0109 3832 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x30D40A30, BlocksNum 0x439C10D0
21:34:47.0109 3832 ============================================================
21:34:47.0156 3832 C: <-> \Device\Harddisk0\DR0\Partition0
21:34:47.0265 3832 E: <-> \Device\Harddisk0\DR0\Partition1
21:34:47.0265 3832 ============================================================
21:34:47.0265 3832 Initialize success
21:34:47.0265 3832 ============================================================
21:40:06.0125 1316 ============================================================
21:40:06.0125 1316 Scan started
21:40:06.0125 1316 Mode: Manual;
21:40:06.0125 1316 ============================================================
21:40:07.0890 1316 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
21:40:07.0890 1316 Aavmker4 - ok
21:40:07.0890 1316 Abiosdsk - ok
21:40:07.0890 1316 abp480n5 - ok
21:40:07.0937 1316 ACPI (a966410ecf83b81f3b0b8e07a71957d4) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:40:07.0937 1316 ACPI - ok
21:40:07.0984 1316 ACPIEC (66a42b7db194e24b973bbcce840a0f3f) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:40:07.0984 1316 ACPIEC - ok
21:40:07.0984 1316 adpu160m - ok
21:40:08.0031 1316 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
21:40:08.0031 1316 aec - ok
21:40:08.0078 1316 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:40:08.0078 1316 AFD - ok
21:40:08.0078 1316 Aha154x - ok
21:40:08.0093 1316 aic78u2 - ok
21:40:08.0093 1316 aic78xx - ok
21:40:08.0109 1316 Alerter (f79b5c5b0a77a134c5671992335d1409) C:\WINDOWS\system32\alrsvc.dll
21:40:08.0109 1316 Alerter - ok
21:40:08.0125 1316 ALG (9d12991bc6b6c5c0fbab4c06e7073df1) C:\WINDOWS\System32\alg.exe
21:40:08.0125 1316 ALG - ok
21:40:08.0125 1316 AliIde - ok
21:40:08.0140 1316 amsint - ok
21:40:08.0156 1316 AppMgmt (8d60b308d061da209cc271d9b480468c) C:\WINDOWS\System32\appmgmts.dll
21:40:08.0156 1316 AppMgmt - ok
21:40:08.0156 1316 asc - ok
21:40:08.0171 1316 asc3350p - ok
21:40:08.0171 1316 asc3550 - ok
21:40:08.0265 1316 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:40:08.0296 1316 aspnet_state - ok
21:40:08.0312 1316 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
21:40:08.0312 1316 aswFsBlk - ok
21:40:08.0359 1316 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
21:40:08.0359 1316 aswMon2 - ok
21:40:08.0359 1316 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
21:40:08.0359 1316 aswRdr - ok
21:40:08.0390 1316 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
21:40:08.0390 1316 aswSnx - ok
21:40:08.0421 1316 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
21:40:08.0421 1316 aswSP - ok
21:40:08.0421 1316 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
21:40:08.0421 1316 aswTdi - ok
21:40:08.0437 1316 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:40:08.0437 1316 AsyncMac - ok
21:40:08.0453 1316 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:40:08.0453 1316 atapi - ok
21:40:08.0453 1316 Atdisk - ok
21:40:08.0453 1316 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:40:08.0453 1316 Atmarpc - ok
21:40:08.0468 1316 AudioSrv (18bff5eba35f2562c5aa03eb9c6ba29e) C:\WINDOWS\System32\audiosrv.dll
21:40:08.0468 1316 AudioSrv - ok
21:40:08.0500 1316 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:40:08.0515 1316 audstub - ok
21:40:08.0671 1316 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:40:08.0671 1316 avast! Antivirus - ok
21:40:08.0703 1316 b57w2k (76fae47e2e2897159f0df06679673d3c) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
21:40:08.0718 1316 b57w2k - ok
21:40:08.0765 1316 BCUService (2025c7707d8b298e0b3fd4767db72bf1) C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
21:40:08.0765 1316 BCUService - ok
21:40:08.0796 1316 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:40:08.0796 1316 Beep - ok
21:40:08.0843 1316 BITS (a6bfd910074b02c8794fc65f39cc6b28) C:\WINDOWS\system32\qmgr.dll
21:40:08.0953 1316 BITS - ok
21:40:08.0984 1316 Browser (210830d2497fef78694076179af8c795) C:\WINDOWS\System32\browser.dll
21:40:08.0984 1316 Browser - ok
21:40:09.0015 1316 Cardex (04e1c782cf14b7282ebc633b0fd3ed16) C:\WINDOWS\system32\drivers\TBPANEL.SYS
21:40:09.0015 1316 Cardex - ok
21:40:09.0031 1316 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:40:09.0031 1316 cbidf2k - ok
21:40:09.0046 1316 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:40:09.0046 1316 CCDECODE - ok
21:40:09.0046 1316 cd20xrnt - ok
21:40:09.0062 1316 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:40:09.0062 1316 Cdaudio - ok
21:40:09.0078 1316 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
21:40:09.0078 1316 Cdfs - ok
21:40:09.0109 1316 Cdrom (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:40:09.0109 1316 Cdrom - ok
21:40:09.0109 1316 Changer - ok
21:40:09.0125 1316 CiSvc (b4e0a9b9064aa79ae188c0d953543520) C:\WINDOWS\system32\cisvc.exe
21:40:09.0140 1316 CiSvc - ok
21:40:09.0156 1316 ClipSrv (1b11121083c32ea9a55abe547a23ff71) C:\WINDOWS\system32\clipsrv.exe
21:40:09.0156 1316 ClipSrv - ok
21:40:09.0250 1316 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:40:09.0265 1316 clr_optimization_v2.0.50727_32 - ok
21:40:09.0265 1316 CmdIde - ok
21:40:09.0265 1316 COMSysApp - ok
21:40:09.0265 1316 Cpqarray - ok
21:40:09.0296 1316 CryptSvc (91723cd7c96c5854149f9cae820a90dd) C:\WINDOWS\System32\cryptsvc.dll
21:40:09.0296 1316 CryptSvc - ok
21:40:09.0312 1316 dac2w2k - ok
21:40:09.0312 1316 dac960nt - ok
21:40:09.0359 1316 DcomLaunch (a37311d9d628c1042a2836731787f0f3) C:\WINDOWS\system32\rpcss.dll
21:40:09.0359 1316 DcomLaunch - ok
21:40:09.0375 1316 Dhcp (94b49f2d487a7d4a79b3e96b6d5685b0) C:\WINDOWS\System32\dhcpcsvc.dll
21:40:09.0375 1316 Dhcp - ok
21:40:09.0390 1316 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
21:40:09.0390 1316 Disk - ok
21:40:09.0390 1316 dmadmin - ok
21:40:09.0421 1316 dmboot (3b809ffad55dcebdb156d5ca1bd3da65) C:\WINDOWS\system32\drivers\dmboot.sys
21:40:09.0437 1316 dmboot - ok
21:40:09.0437 1316 dmio (27725b6501201c3080ba73048bce389a) C:\WINDOWS\system32\drivers\dmio.sys
21:40:09.0437 1316 dmio - ok
21:40:09.0453 1316 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:40:09.0468 1316 dmload - ok
21:40:09.0468 1316 dmserver (4adbb7593ec0115f7622c335b427c3da) C:\WINDOWS\System32\dmserver.dll
21:40:09.0468 1316 dmserver - ok
21:40:09.0515 1316 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
21:40:09.0515 1316 DMusic - ok
21:40:09.0531 1316 Dnscache (082be13166a3354f25f78e0b2601012b) C:\WINDOWS\System32\dnsrslvr.dll
21:40:09.0546 1316 Dnscache - ok
21:40:09.0546 1316 dpti2o - ok
21:40:09.0546 1316 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
21:40:09.0546 1316 drmkaud - ok
21:40:09.0546 1316 ERSvc (efd32591f9e29c00a5814df3f6d46683) C:\WINDOWS\System32\ersvc.dll
21:40:09.0546 1316 ERSvc - ok
21:40:09.0578 1316 Eventlog (02a467e27af55f7064c5b251e587315f) C:\WINDOWS\system32\services.exe
21:40:09.0578 1316 Eventlog - ok
21:40:09.0609 1316 EventSystem (6aff804839c85859e0247164fbe5f5bb) C:\WINDOWS\system32\es.dll
21:40:09.0609 1316 EventSystem - ok
21:40:09.0625 1316 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
21:40:09.0625 1316 Fastfat - ok
21:40:09.0640 1316 FastUserSwitchingCompatibility (55aae86c7c2cadf6972acd1d76c24a98) C:\WINDOWS\System32\shsvcs.dll
21:40:09.0656 1316 FastUserSwitchingCompatibility - ok
21:40:09.0656 1316 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\drivers\Fdc.sys
21:40:09.0656 1316 Fdc - ok
21:40:09.0671 1316 Fips (c5fb298257c0a6514ea17835e774ea0a) C:\WINDOWS\system32\drivers\Fips.sys
21:40:09.0671 1316 Fips - ok
21:40:09.0671 1316 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:40:09.0687 1316 Flpydisk - ok
21:40:09.0718 1316 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:40:09.0718 1316 FltMgr - ok
21:40:09.0875 1316 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:40:09.0875 1316 FontCache3.0.0.0 - ok
21:40:09.0875 1316 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:40:09.0875 1316 Fs_Rec - ok
21:40:09.0890 1316 Ftdisk (ed6d921d8ab423138fb35beee6d6a6cb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:40:09.0890 1316 Ftdisk - ok
21:40:09.0906 1316 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
21:40:09.0906 1316 giveio - ok
21:40:09.0937 1316 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:40:09.0937 1316 Gpc - ok
21:40:10.0046 1316 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
21:40:10.0046 1316 gusvc - ok
21:40:10.0062 1316 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:40:10.0078 1316 HDAudBus - ok
21:40:10.0109 1316 helpsvc (e1552a082e8c0fbb70b758f170b3aff8) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:40:10.0109 1316 helpsvc - ok
21:40:10.0140 1316 HidServ (7d00fec9b6de9776b3d0ead70bd71968) C:\WINDOWS\System32\hidserv.dll
21:40:10.0140 1316 HidServ - ok
21:40:10.0187 1316 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:40:10.0187 1316 HidUsb - ok
21:40:10.0218 1316 HMuFtI7S300 (561bd01bd7db4f8db587515af42d0849) C:\WINDOWS\system32\DRIVERS\HMuFtI7S300.sys
21:40:10.0218 1316 HMuFtI7S300 - ok
21:40:10.0234 1316 hpn - ok
21:40:10.0265 1316 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:40:10.0265 1316 HTTP - ok
21:40:10.0296 1316 HTTPFilter (2d303caf3c6dcfb246e74550dbed5880) C:\WINDOWS\System32\w3ssl.dll
21:40:10.0312 1316 HTTPFilter - ok
21:40:10.0312 1316 i2omgmt - ok
21:40:10.0312 1316 i2omp - ok
21:40:10.0328 1316 i8042prt (2656fdfe0a7916c3a16f374454c55dd9) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:40:10.0328 1316 i8042prt - ok
21:40:10.0390 1316 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:40:10.0406 1316 IDriverT - ok
21:40:10.0468 1316 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:40:10.0484 1316 idsvc - ok
21:40:10.0500 1316 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:40:10.0500 1316 Imapi - ok
21:40:10.0531 1316 ImapiService (bc74431e59fb0badf3e9162bd8d37b00) C:\WINDOWS\system32\imapi.exe
21:40:10.0546 1316 ImapiService - ok
21:40:10.0546 1316 ini910u - ok
21:40:10.0562 1316 IntelIde - ok
21:40:10.0593 1316 intelppm (78a353438791c6d04c64013a5abec6bd) C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:40:10.0593 1316 intelppm - ok
21:40:10.0687 1316 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:40:10.0687 1316 Ip6Fw - ok
21:40:10.0796 1316 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:40:10.0796 1316 IpFilterDriver - ok
21:40:10.0890 1316 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:40:10.0890 1316 IpInIp - ok
21:40:10.0906 1316 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:40:10.0906 1316 IpNat - ok
21:40:10.0937 1316 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:40:10.0937 1316 IPSec - ok
21:40:11.0000 1316 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:40:11.0000 1316 IRENUM - ok
21:40:11.0046 1316 isapnp (01a9e68528f4f34e5702123d27c67bd4) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:40:11.0046 1316 isapnp - ok
21:40:11.0156 1316 ISODrive (2f03ceb28307983f3b36216d35ffa5aa) C:\Program Files\UltraISO\drivers\ISODrive.sys
21:40:11.0156 1316 ISODrive - ok
21:40:11.0281 1316 JavaQuickStarterService (9aa67569d5257462e230767510b0c815) C:\Program Files\Java\jre6\bin\jqs.exe
21:40:11.0281 1316 JavaQuickStarterService - ok
21:40:11.0312 1316 Kbdclass (cc13db862f929ae33f64c3bedc01cd31) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:40:11.0312 1316 Kbdclass - ok
21:40:11.0328 1316 kbdhid (831be9197bdace6bdcac1bfdbe1c380f) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:40:11.0328 1316 kbdhid - ok
21:40:11.0359 1316 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
21:40:11.0359 1316 kmixer - ok
21:40:11.0390 1316 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:40:11.0390 1316 KSecDD - ok
21:40:11.0406 1316 L1c (62f96e23a70ce0197017ffd990513c27) C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
21:40:11.0406 1316 L1c - ok
21:40:11.0468 1316 lanmanserver (061a4bb67c324ac8c176e0d77923b212) C:\WINDOWS\System32\srvsvc.dll
21:40:11.0468 1316 lanmanserver - ok
21:40:11.0500 1316 lanmanworkstation (fa17019da45c5d6464776a639a5a9abb) C:\WINDOWS\System32\wkssvc.dll
21:40:11.0531 1316 lanmanworkstation - ok
21:40:11.0531 1316 lbrtfdc - ok
21:40:11.0562 1316 LmHosts (94136b41f35666254de29006dccc30fc) C:\WINDOWS\System32\lmhsvc.dll
21:40:11.0562 1316 LmHosts - ok
21:40:11.0625 1316 MatSvc (ddf15a42e27e8efe27b18fd403151a86) C:\Program Files\Microsoft Fix it Center\Matsvc.exe
21:40:11.0640 1316 MatSvc - ok
21:40:11.0656 1316 Messenger (1d0ebf9edae8a61cbf56ed1ff8489fac) C:\WINDOWS\System32\msgsvc.dll
21:40:11.0656 1316 Messenger - ok
21:40:11.0671 1316 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:40:11.0671 1316 mnmdd - ok
21:40:11.0703 1316 mnmsrvc (db082aafd0859e28744e6629b64e0a91) C:\WINDOWS\system32\mnmsrvc.exe
21:40:11.0703 1316 mnmsrvc - ok
21:40:11.0812 1316 Modem (15f33d12d604d0198ce5561f102cd9c5) C:\WINDOWS\system32\drivers\Modem.sys
21:40:11.0812 1316 Modem - ok
21:40:11.0843 1316 Mouclass (69c12b99ae8b6b99ec314e9b99833728) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:40:11.0843 1316 Mouclass - ok
21:40:11.0875 1316 mouhid (ecec1e6cd558ab80f944f31326e9d3b5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:40:11.0875 1316 mouhid - ok
21:40:11.0906 1316 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
21:40:11.0906 1316 MountMgr - ok
21:40:11.0937 1316 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:40:11.0937 1316 MozillaMaintenance - ok
21:40:11.0937 1316 mraid35x - ok
21:40:11.0953 1316 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:40:11.0953 1316 MRxDAV - ok
21:40:11.0968 1316 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:40:11.0984 1316 MRxSmb - ok
21:40:12.0000 1316 MSDTC (fb68f196b215782333fa1467cbafc8b0) C:\WINDOWS\system32\msdtc.exe
21:40:12.0015 1316 MSDTC - ok
21:40:12.0031 1316 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
21:40:12.0031 1316 Msfs - ok
21:40:12.0031 1316 MSICDSetup - ok
21:40:12.0078 1316 MSILiveVirtualCamera (2f51c135ac2b81f5242c20a47c307cbe) C:\WINDOWS\system32\DRIVERS\MSILiveVirtualCamera.sys
21:40:12.0078 1316 MSILiveVirtualCamera - ok
21:40:12.0093 1316 MSIServer - ok
21:40:12.0125 1316 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:40:12.0125 1316 MSKSSRV - ok
21:40:12.0140 1316 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:40:12.0140 1316 MSPCLOCK - ok
21:40:12.0187 1316 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
21:40:12.0218 1316 MSPQM - ok
21:40:12.0234 1316 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:40:12.0234 1316 mssmbios - ok
21:40:12.0250 1316 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
21:40:12.0250 1316 MSTEE - ok
21:40:12.0265 1316 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:40:12.0265 1316 Mup - ok
21:40:12.0281 1316 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:40:12.0281 1316 NABTSFEC - ok
21:40:12.0296 1316 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
21:40:12.0296 1316 NDIS - ok
21:40:12.0312 1316 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:40:12.0312 1316 NdisIP - ok
21:40:12.0343 1316 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:40:12.0343 1316 NdisTapi - ok
21:40:12.0359 1316 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:40:12.0359 1316 Ndisuio - ok
21:40:12.0359 1316 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:40:12.0359 1316 NdisWan - ok
21:40:12.0390 1316 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:40:12.0390 1316 NDProxy - ok
21:40:12.0390 1316 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:40:12.0390 1316 NetBIOS - ok
21:40:12.0406 1316 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:40:12.0406 1316 NetBT - ok
21:40:12.0453 1316 NetDDE (8de3841527161abdfae5c44ab570f8e1) C:\WINDOWS\system32\netdde.exe
21:40:12.0453 1316 NetDDE - ok
21:40:12.0453 1316 NetDDEdsdm (8de3841527161abdfae5c44ab570f8e1) C:\WINDOWS\system32\netdde.exe
21:40:12.0453 1316 NetDDEdsdm - ok
21:40:12.0468 1316 Netlogon (f485fefc8cc4fd29243d800be5d275d1) C:\WINDOWS\system32\lsass.exe
21:40:12.0468 1316 Netlogon - ok
21:40:12.0484 1316 Netman (3e7b6583269bc118720d0020b03cc71e) C:\WINDOWS\System32\netman.dll
21:40:12.0484 1316 Netman - ok
21:40:12.0656 1316 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:40:12.0671 1316 NetTcpPortSharing - ok
21:40:12.0687 1316 Nla (9d1f13706fb5f02d0e8795fb2d03971d) C:\WINDOWS\System32\mswsock.dll
21:40:12.0703 1316 Nla - ok
21:40:12.0703 1316 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
21:40:12.0703 1316 Npfs - ok
21:40:12.0765 1316 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
21:40:12.0781 1316 Ntfs - ok
21:40:12.0781 1316 NtLmSsp (f485fefc8cc4fd29243d800be5d275d1) C:\WINDOWS\system32\lsass.exe
21:40:12.0781 1316 NtLmSsp - ok
21:40:12.0828 1316 NtmsSvc (c8ce1566b0537c3f5f7ae1ca458a6697) C:\WINDOWS\system32\ntmssvc.dll
21:40:12.0828 1316 NtmsSvc - ok
21:40:12.0859 1316 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:40:12.0875 1316 Null - ok
21:40:13.0250 1316 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:40:13.0390 1316 nv - ok
21:40:14.0890 1316 NVHDA (6a839ac21ecde8945d52007152f2695e) C:\WINDOWS\system32\drivers\nvhda32.sys
21:40:14.0890 1316 NVHDA - ok
21:40:14.0921 1316 NVSvc (0573c75a2895d973ea6ef2495620ba49) C:\WINDOWS\system32\nvsvc32.exe
21:40:14.0937 1316 NVSvc - ok
21:40:15.0187 1316 nvUpdatusService (9c84945feee40ea42d3bca5c22250d47) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
21:40:15.0218 1316 nvUpdatusService - ok
21:40:16.0671 1316 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:40:16.0671 1316 NwlnkFlt - ok
21:40:16.0687 1316 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:40:16.0687 1316 NwlnkFwd - ok
21:40:16.0843 1316 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:40:16.0843 1316 ose - ok
21:40:17.0046 1316 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:40:17.0109 1316 osppsvc - ok
21:40:18.0640 1316 Parport (2ff48d8fdc815a8492fb2bd81e6999c2) C:\WINDOWS\system32\DRIVERS\parport.sys
21:40:18.0640 1316 Parport - ok
21:40:18.0718 1316 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
21:40:18.0718 1316 PartMgr - ok
21:40:18.0750 1316 ParVdm (453ec2c2a20a1382f564541918520eeb) C:\WINDOWS\system32\drivers\ParVdm.sys
21:40:18.0750 1316 ParVdm - ok
21:40:18.0781 1316 PCI (5fd05c92ec56f696eaa50b68cef1b84a) C:\WINDOWS\system32\DRIVERS\pci.sys
21:40:18.0781 1316 PCI - ok
21:40:18.0781 1316 PCIDump - ok
21:40:18.0781 1316 PCIIde (548cf2d6369eae441a4c6baa75bc4f0a) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:40:18.0781 1316 PCIIde - ok
21:40:18.0828 1316 Pcmcia (2849812217ecec059cb45f80eb6e52d4) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:40:18.0828 1316 Pcmcia - ok
21:40:18.0828 1316 PDCOMP - ok
21:40:18.0828 1316 PDFRAME - ok
21:40:18.0828 1316 PDRELI - ok
21:40:18.0828 1316 PDRFRAME - ok
21:40:18.0843 1316 perc2 - ok
21:40:18.0843 1316 perc2hib - ok
21:40:18.0859 1316 PlugPlay (02a467e27af55f7064c5b251e587315f) C:\WINDOWS\system32\services.exe
21:40:18.0859 1316 PlugPlay - ok
21:40:18.0906 1316 PnkBstrA (205e1b699fd3f2f9b036eea2ec30c620) C:\WINDOWS\system32\PnkBstrA.exe
21:40:18.0906 1316 PnkBstrA - ok
21:40:18.0937 1316 PnkBstrB (a0be870ec5c21503e67f8203cdd513ed) C:\WINDOWS\system32\PnkBstrB.exe
21:40:18.0953 1316 PnkBstrB - ok
21:40:18.0968 1316 PnkBstrK (02df407ff9a5c724be0ca0387847f7f1) C:\WINDOWS\system32\drivers\PnkBstrK.sys
21:40:18.0968 1316 PnkBstrK - ok
21:40:18.0968 1316 PolicyAgent (f485fefc8cc4fd29243d800be5d275d1) C:\WINDOWS\system32\lsass.exe
21:40:18.0984 1316 PolicyAgent - ok
21:40:18.0984 1316 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:40:19.0000 1316 PptpMiniport - ok
21:40:19.0000 1316 ProtectedStorage (f485fefc8cc4fd29243d800be5d275d1) C:\WINDOWS\system32\lsass.exe
21:40:19.0000 1316 ProtectedStorage - ok
21:40:19.0000 1316 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
21:40:19.0000 1316 PSched - ok
21:40:19.0000 1316 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:40:19.0000 1316 Ptilink - ok
21:40:19.0015 1316 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:40:19.0031 1316 PxHelp20 - ok
21:40:19.0031 1316 ql1080 - ok
21:40:19.0031 1316 Ql10wnt - ok
21:40:19.0031 1316 ql12160 - ok
21:40:19.0031 1316 ql1240 - ok
21:40:19.0031 1316 ql1280 - ok
21:40:19.0062 1316 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:40:19.0062 1316 RasAcd - ok
21:40:19.0078 1316 RasAuto (5ed5af86ee8cc13f6392b37a81af5d5b) C:\WINDOWS\System32\rasauto.dll
21:40:19.0093 1316 RasAuto - ok
21:40:19.0109 1316 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:40:19.0109 1316 Rasl2tp - ok
21:40:19.0125 1316 RasMan (ff59ec9427760470de7ffca75738ecb8) C:\WINDOWS\System32\rasmans.dll
21:40:19.0140 1316 RasMan - ok
21:40:19.0140 1316 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:40:19.0140 1316 RasPppoe - ok
21:40:19.0140 1316 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:40:19.0140 1316 Raspti - ok
21:40:19.0156 1316 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:40:19.0171 1316 Rdbss - ok
21:40:19.0171 1316 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:40:19.0171 1316 RDPCDD - ok
21:40:19.0203 1316 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:40:19.0203 1316 rdpdr - ok
21:40:19.0234 1316 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:40:19.0234 1316 RDPWD - ok
21:40:19.0281 1316 RDSessMgr (ee93399bc7cd84624ab7890dd7d8b296) C:\WINDOWS\system32\sessmgr.exe
21:40:19.0281 1316 RDSessMgr - ok
21:40:19.0296 1316 redbook (bddcece9acdad26841c987d10376f6f7) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:40:19.0296 1316 redbook - ok
21:40:19.0328 1316 RemoteAccess (6a9cb0c18b634b187b8b5a32b0fc2773) C:\WINDOWS\System32\mprdim.dll
21:40:19.0328 1316 RemoteAccess - ok
21:40:19.0390 1316 RemoteRegistry (a19bfed61736127db5b8b815afb35190) C:\WINDOWS\system32\regsvc.dll
21:40:19.0406 1316 RemoteRegistry - ok
21:40:19.0421 1316 RpcLocator (6be739f700580f23740efa1d1b57c0a5) C:\WINDOWS\system32\locator.exe
21:40:19.0421 1316 RpcLocator - ok
21:40:19.0484 1316 RpcSs (a37311d9d628c1042a2836731787f0f3) C:\WINDOWS\system32\rpcss.dll
21:40:19.0484 1316 RpcSs - ok
21:40:19.0515 1316 RSVP (9acee3313020a01235336c2a483afd1a) C:\WINDOWS\system32\rsvp.exe
21:40:19.0531 1316 RSVP - ok
21:40:19.0531 1316 SamSs (f485fefc8cc4fd29243d800be5d275d1) C:\WINDOWS\system32\lsass.exe
21:40:19.0531 1316 SamSs - ok
21:40:19.0546 1316 SCardSvr (8df7262f72c3ab75486d21ba78b9f749) C:\WINDOWS\System32\SCardSvr.exe
21:40:19.0562 1316 SCardSvr - ok
21:40:19.0593 1316 SCDEmu (bb68443901ff680c799e8f4a464ece39) C:\WINDOWS\system32\drivers\SCDEmu.sys
21:40:19.0593 1316 SCDEmu - ok
21:40:19.0609 1316 Schedule (e5f1c9ead4c6617acd40ca90882cc7d4) C:\WINDOWS\system32\schedsvc.dll
21:40:19.0609 1316 Schedule - ok
21:40:19.0640 1316 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:40:19.0640 1316 Secdrv - ok
21:40:19.0687 1316 seclogon (60255ac385a08aaf4897ab4a42483500) C:\WINDOWS\System32\seclogon.dll
21:40:19.0703 1316 seclogon - ok
21:40:19.0703 1316 SENS (1398df553e701c7948188a7d4e347a18) C:\WINDOWS\system32\sens.dll
21:40:19.0703 1316 SENS - ok
21:40:19.0718 1316 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:40:19.0718 1316 serenum - ok
21:40:19.0718 1316 Serial (859bc6f8c3d58cfda9181e9926c7ddb9) C:\WINDOWS\system32\DRIVERS\serial.sys
21:40:19.0718 1316 Serial - ok
21:40:19.0734 1316 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:40:19.0734 1316 Sfloppy - ok
21:40:19.0765 1316 SharedAccess (ddc87adf808d192a5212cc8a1e7f8e87) C:\WINDOWS\System32\ipnathlp.dll
21:40:19.0781 1316 SharedAccess - ok
21:40:19.0796 1316 ShellHWDetection (55aae86c7c2cadf6972acd1d76c24a98) C:\WINDOWS\System32\shsvcs.dll
21:40:19.0796 1316 ShellHWDetection - ok
21:40:19.0796 1316 Simbad - ok
21:40:19.0937 1316 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
21:40:19.0937 1316 SkypeUpdate - ok
21:40:19.0953 1316 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:40:19.0953 1316 SLIP - ok
21:40:19.0953 1316 Sparrow - ok
21:40:20.0000 1316 speedfan (3fa2e254bfbce52b3c6f1bf23aab6911) C:\WINDOWS\system32\speedfan.sys
21:40:20.0015 1316 speedfan - ok
21:40:20.0031 1316 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
21:40:20.0031 1316 splitter - ok
21:40:20.0062 1316 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
21:40:20.0062 1316 Spooler - ok
21:40:20.0093 1316 sptd (0022cfff1a41e5ce3a764050a7ddf22a) C:\WINDOWS\System32\Drivers\sptd.sys
21:40:20.0109 1316 sptd - ok
21:40:20.0109 1316 sr (6145ca23bccda679a772ec0af42d6eb5) C:\WINDOWS\system32\DRIVERS\sr.sys
21:40:20.0125 1316 sr - ok
21:40:20.0125 1316 srservice (f309d9894fca821e3c2f557a8032d47a) C:\WINDOWS\system32\srsvc.dll
21:40:20.0140 1316 srservice - ok
21:40:20.0156 1316 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:40:20.0156 1316 Srv - ok
21:40:20.0203 1316 SSDPSRV (bb754c4be0b18f0faf01a7ebde7025c4) C:\WINDOWS\System32\ssdpsrv.dll
21:40:20.0218 1316 SSDPSRV - ok
21:40:20.0234 1316 ss_bus (5a1d0ca8a5f1e7b4ec50b9d76c001f0e) C:\WINDOWS\system32\DRIVERS\ss_bus.sys
21:40:20.0234 1316 ss_bus - ok
21:40:20.0234 1316 ss_mdfl (f0a85580e36a3a85059037d39a9cf079) C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys
21:40:20.0234 1316 ss_mdfl - ok
21:40:20.0265 1316 ss_mdm (84c3dbfd1bfa4adc0a950b3d5506cb00) C:\WINDOWS\system32\DRIVERS\ss_mdm.sys
21:40:20.0265 1316 ss_mdm - ok
21:40:20.0281 1316 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
21:40:20.0281 1316 StarOpen - ok
21:40:20.0343 1316 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
21:40:20.0343 1316 StarWindServiceAE - ok
21:40:20.0390 1316 stisvc (c6718154a50fe6c55e382cdbdedce7a7) C:\WINDOWS\system32\wiaservc.dll
21:40:20.0406 1316 stisvc - ok
21:40:20.0421 1316 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:40:20.0421 1316 streamip - ok
21:40:20.0437 1316 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:40:20.0437 1316 swenum - ok
21:40:20.0468 1316 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
21:40:20.0468 1316 swmidi - ok
21:40:20.0484 1316 SwPrv - ok
21:40:20.0484 1316 symc810 - ok
21:40:20.0484 1316 symc8xx - ok
21:40:20.0484 1316 sym_hi - ok
21:40:20.0484 1316 sym_u3 - ok
21:40:20.0500 1316 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
21:40:20.0500 1316 sysaudio - ok
21:40:20.0531 1316 SysmonLog (5893b3b5b966233cae426b2fedc34ddf) C:\WINDOWS\system32\smlogsvc.exe
21:40:20.0546 1316 SysmonLog - ok
21:40:20.0593 1316 TapiSrv (0a695b77564d8e9333e846b526f95ab2) C:\WINDOWS\System32\tapisrv.dll
21:40:20.0593 1316 TapiSrv - ok
21:40:20.0609 1316 TBPanel (04e1c782cf14b7282ebc633b0fd3ed16) C:\WINDOWS\system32\drivers\TBPanel.sys
21:40:20.0609 1316 TBPanel - ok
21:40:20.0671 1316 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:40:20.0671 1316 Tcpip - ok
21:40:20.0703 1316 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:40:20.0703 1316 TDPIPE - ok
21:40:20.0703 1316 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
21:40:20.0718 1316 TDTCP - ok
21:40:20.0718 1316 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:40:20.0718 1316 TermDD - ok
21:40:20.0750 1316 TermService (2c28157229925280916b3041ccc5fe4b) C:\WINDOWS\System32\termsrv.dll
21:40:20.0750 1316 TermService - ok
21:40:20.0796 1316 Themes (55aae86c7c2cadf6972acd1d76c24a98) C:\WINDOWS\System32\shsvcs.dll
21:40:20.0796 1316 Themes - ok
21:40:20.0843 1316 TlntSvr (cac717418ccdf09110f406108017bfa6) C:\WINDOWS\system32\tlntsvr.exe
21:40:20.0843 1316 TlntSvr - ok
21:40:20.0843 1316 TosIde - ok
21:40:20.0875 1316 TrkWks (facbc230aa93401d2fe88976e7cb7369) C:\WINDOWS\system32\trkwks.dll
21:40:20.0875 1316 TrkWks - ok
21:40:20.0906 1316 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
21:40:20.0906 1316 Udfs - ok
21:40:20.0906 1316 ultra - ok
21:40:21.0031 1316 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys
21:40:21.0046 1316 UnlockerDriver5 - ok
21:40:21.0062 1316 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
21:40:21.0062 1316 Update - ok
21:40:21.0093 1316 upnphost (387d2a06c8e7cccea8e9a350c8fe6781) C:\WINDOWS\System32\upnphost.dll
21:40:21.0093 1316 upnphost - ok
21:40:21.0125 1316 UPS (576a2c38cf3904f2ca1107f922288435) C:\WINDOWS\System32\ups.exe
21:40:21.0125 1316 UPS - ok
21:40:21.0140 1316 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:40:21.0140 1316 usbccgp - ok
21:40:21.0171 1316 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:40:21.0187 1316 usbehci - ok
21:40:21.0187 1316 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:40:21.0187 1316 usbhub - ok
21:40:21.0218 1316 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:40:21.0218 1316 usbscan - ok
21:40:21.0265 1316 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:40:21.0265 1316 USBSTOR - ok
21:40:21.0281 1316 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:40:21.0281 1316 usbuhci - ok
21:40:21.0312 1316 V0260VID (c90055bd2bb41443462ea715e0876b8d) C:\WINDOWS\system32\DRIVERS\V0260Vid.sys
21:40:21.0312 1316 V0260VID - ok
21:40:21.0328 1316 VCSVADHWSer (b2abab4ca46bad182e27763dc19c780f) C:\WINDOWS\system32\DRIVERS\vcsvad.sys
21:40:21.0328 1316 VCSVADHWSer - ok
21:40:21.0328 1316 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
21:40:21.0328 1316 VgaSave - ok
21:40:21.0437 1316 VIAHdAudAddService (3082f6f16f90ebcc85bf2a3d9880f3c5) C:\WINDOWS\system32\drivers\viahduaa.sys
21:40:21.0468 1316 VIAHdAudAddService - ok
21:40:22.0906 1316 ViaIde - ok
21:40:22.0937 1316 VolSnap (ecd173739b8ec10a814cc18653df5a36) C:\WINDOWS\system32\drivers\VolSnap.sys
21:40:22.0937 1316 VolSnap - ok
21:40:22.0984 1316 VSS (fec1e19b91972105044960b23c442949) C:\WINDOWS\System32\vssvc.exe
21:40:22.0984 1316 VSS - ok
21:40:23.0031 1316 W32Time (000a0d516a2e20441e77aea44e46b19b) C:\WINDOWS\system32\w32time.dll
21:40:23.0031 1316 W32Time - ok
21:40:23.0078 1316 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:40:23.0078 1316 Wanarp - ok
21:40:23.0078 1316 WDICA - ok
21:40:23.0109 1316 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
21:40:23.0109 1316 wdmaud - ok
21:40:23.0140 1316 WebClient (f796befe565c59a30a4c61b640557276) C:\WINDOWS\System32\webclnt.dll
21:40:23.0156 1316 WebClient - ok
21:40:23.0312 1316 winmgmt (482435b2a2de8e06c83c3b1eb3237c2c) C:\WINDOWS\system32\wbem\WMIsvc.dll
21:40:23.0312 1316 winmgmt - ok
21:40:23.0343 1316 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
21:40:23.0343 1316 WmdmPmSN - ok
21:40:23.0390 1316 Wmi (afce55c392a9676bd24a287d5ed1c777) C:\WINDOWS\System32\advapi32.dll
21:40:23.0390 1316 Wmi - ok
21:40:23.0437 1316 WmiApSrv (45e43704611d7c2202a180ff87e63550) C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:40:23.0437 1316 WmiApSrv - ok
21:40:23.0468 1316 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
21:40:23.0468 1316 WpdUsb - ok
21:40:23.0515 1316 wscsvc (390d0951271908c46eecf89893876424) C:\WINDOWS\system32\wscsvc.dll
21:40:23.0531 1316 wscsvc - ok
21:40:23.0562 1316 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:40:23.0562 1316 WSTCODEC - ok
21:40:23.0593 1316 wuauserv (40c600488ff127953aa2f1835e5fd433) C:\WINDOWS\system32\wuauserv.dll
21:40:23.0640 1316 wuauserv - ok
21:40:23.0656 1316 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:40:23.0656 1316 WudfPf - ok
21:40:23.0671 1316 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:40:23.0687 1316 WudfRd - ok
21:40:23.0718 1316 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
21:40:23.0734 1316 WudfSvc - ok
21:40:23.0781 1316 WZCSVC (98a8014dbe72349f73462262cf493574) C:\WINDOWS\System32\wzcsvc.dll
21:40:23.0796 1316 WZCSVC - ok
21:40:23.0828 1316 xmlprov (e3c9ef5bcc9eb171bd81051cd19bded7) C:\WINDOWS\System32\xmlprov.dll
21:40:23.0875 1316 xmlprov - ok
21:40:23.0890 1316 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:40:24.0250 1316 \Device\Harddisk0\DR0 - ok
21:40:24.0250 1316 Boot (0x1200) (c1df6a8a6d95dcf5c97888fe0c99cd1c) \Device\Harddisk0\DR0\Partition0
21:40:24.0250 1316 \Device\Harddisk0\DR0\Partition0 - ok
21:40:24.0265 1316 Boot (0x1200) (c7b43b1765ba91cf6440fd5f5e8e6b62) \Device\Harddisk0\DR0\Partition1
21:40:24.0265 1316 \Device\Harddisk0\DR0\Partition1 - ok
21:40:24.0265 1316 ============================================================
21:40:24.0265 1316 Scan finished
21:40:24.0265 1316 ============================================================
21:40:24.0281 2712 Detected object count: 0
21:40:24.0281 2712 Actual detected object count: 0
21:40:32.0140 3604 Deinitialize success

Aha i przeprowadziłem skan programem Malwarebytes Anti-Malware i znalazł mi "c:\windows\assembly\gac\desktop.ini (Trojan.0access)" usunałem to i przeprowadziłem ponowny pełny skan całego systemu avastem i nie znalazł żadnego zagrożenia i jeszcze jedno ten log z GMERA trwa dosyć długo już czekam około 1:30 godz

Gość
komentarz
komentarz

[quote]Aha i przeprowadziłem skan programem Malwarebytes Anti-Malware i znalazł mi "c:\windows\assembly\gac\desktop.ini (Trojan.0access)" usunałem to i przeprowadziłem ponowny pełny skan całego systemu avastem i nie znalazł żadnego zagrożenia i jeszcze jedno ten log z GMERA trwa dosyć długo już czekam około 1:30 godz [/quote]

Miałeś zrobić log z Gmera. Widzę że był tu i pewnie jeszce jest rootkit. Czekam na log z Gmera.

Dzani1125
komentarz
komentarz

Tak tylko ten log który przeprowadzam GMEREM trwa już około 2 godzin bo mam dysk o pojemności 1000GB

Gość
komentarz
komentarz

ale c masz mniejsze. niech robi poczekam. chyba ze sie zawiesi, wtedy daj znac

Dzani1125
komentarz
komentarz

Ale już zaznaczyłem C i E także ja też moge poczekać jak już skończy to Ci podeśle, a co ci da log z tego Gmera bo ja sie zabardzo na tym nie znam :D

Czekałem jakieś 3 godziny i sie zacieło ale zapisałem masz ten log:


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xB41BEDF8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xB424BA5A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0xB41BF85E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xB41EBD5D]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xB41C42E4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xB41C4330]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xB41C4422]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateKey [0xB41EB711]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xB41C4252]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xB41C4374]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xB41C429A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xB41C43DC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xB41BEE44]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteKey [0xB41EC423]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xB41EC6D9]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xB41C19A8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xB41EC28E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xB41EC0F9]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xB424BB34]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xB41BEAD6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xB41BEE90]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xB41C1D1C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xB41BFB02]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xB41C430E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xB41C4352]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xB41C4446]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenKey [0xB41EBA6D]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xB41C4278]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xB41C1518]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xB41C43AE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xB41C42C2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0xB41C174C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xB41C4400]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xB424BCA0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xB41EBF74]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xB41BF9CE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xB41EBDC6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB4255B68]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xB41EAD84]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xB41BEEDC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xB41BEF28]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xB41BEB46]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xB41BECEA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xB41EC52A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xB41BEC92]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xB41BED5A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwTerminateProcess [0xB424BD60]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xB41BEF74]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwWriteVirtualMemory [0xB424BBE0]

INT 0x62 ? 8A894CB8
INT 0x63 ? 8A67CCB8
INT 0x82 ? 8A894CB8
INT 0x83 ? 8A67CCB8
INT 0xA4 ? 8A67CCB8
INT 0xB4 ? 8A894CB8
INT 0xB4 ? 8A894CB8
INT 0xB4 ? 8A67CCB8
INT 0xB4 ? 8A894CB8

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB4261D92]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2D68 80504604 4 Bytes [D6, EA, 1B, B4]
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 5EC 805A64A8 4 Bytes CALL B41C019F \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC556 5 Bytes JMP B425EC8C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805C2FDA 5 Bytes JMP B426074C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805D117A 7 Bytes JMP B4261D96 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.sptd1 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd1" section [0xB7F83B2E]
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB6C53380, 0x8D6CD5, 0xE8000020]
.text USBPORT.SYS!DllUnload B6C0F62C 5 Bytes JMP 8A67C1C8
.text ag8k2j22.SYS!A0DB34FC6FE35D429A28ADDE5467D4D7 B6B997C0 48 Bytes [AE, 97, 6E, 25, 78, 8B, DC, ...]
INIT ag8k2j22.SYS!A0DB34FC6FE35D429A28ADDE5467D4D7 + 8880 B6BA2040 32 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
INIT ag8k2j22.SYS!A0DB34FC6FE35D429A28ADDE5467D4D7 + 8FF4 B6BA27B4 3 Bytes [00, 00, 00]
INIT ag8k2j22.SYS!A0DB34FC6FE35D429A28ADDE5467D4D7 + 9011 B6BA27D1 3 Bytes [2B, BA, B6]
INIT ag8k2j22.SYS!A0DB34FC6FE35D429A28ADDE5467D4D7 + 9015 B6BA27D5 3 Bytes [2B, BA, B6]
INIT ...
? C:\WINDOWS\System32\Drivers\ag8k2j22.SYS suspicious PE modification
.text win32k.sys!EngFreeUserMem + 674 BF809992 5 Bytes JMP B41C3180 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFreeUserMem + 35D0 BF80C8EE 5 Bytes JMP B41C307C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSurface + 45 BF813986 5 Bytes JMP B41C3036 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!BRUSHOBJ_pvAllocRbrush + 11F0 BF81C7C9 5 Bytes JMP B41C2724 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngSetLastError + 79A8 BF824339 5 Bytes JMP B41C1F84 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + F9C BF828CA3 5 Bytes JMP B41C32EA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + 2C50 BF8316EE 1 Byte [E9]
.text win32k.sys!EngUnmapFontFileFD + 2C50 BF8316EE 5 Bytes JMP B41C34F2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + B68E BF83A12C 5 Bytes JMP B41C2F3C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!FONTOBJ_pxoGetXform + C2CF BF851A23 5 Bytes JMP B41C1E66 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + F17 BF85BF4A 2 Bytes JMP B41C27E6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + F1A BF85BF4D 2 Bytes [96, F4] {XCHG ESI, EAX; HLT }
.text win32k.sys!XLATEOBJ_iXlate + 3581 BF85E5B4 5 Bytes JMP B41C2384 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 360C BF85E63F 5 Bytes JMP B41C2562 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreatePalette + 88 BF85F8B2 5 Bytes JMP B41C1E4E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreatePalette + 5457 BF864C81 5 Bytes JMP B41C30BA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetCurrentCodePage + 4128 BF873FD0 5 Bytes JMP B41C251C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetLastError + 1606 BF891282 5 Bytes JMP B41C27FE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGradientFill + 26EE BF89482D 5 Bytes JMP B41C3232 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBltROP + 583 BF895305 5 Bytes JMP B41C3450 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCopyBits + 3857 BF89C6AB 5 Bytes JMP B41C270C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCopyBits + 4DEC BF89DC40 5 Bytes JMP B41C1FF4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngEraseSurface + A9D8 BF8C21B0 5 Bytes JMP B41C2104 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1517 BF8CA612 5 Bytes JMP B41C21AC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1797 BF8CA892 5 Bytes JMP B41C22E4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSemaphore + 3B3E BF8EC2F7 5 Bytes JMP B41C1D52 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSemaphore + CB2F BF8F52E8 5 Bytes JMP B41C273C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 19DF BF913433 5 Bytes JMP B41C1F22 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 25B3 BF914007 5 Bytes JMP B41C20B0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 4F2C BF916980 5 Bytes JMP B41C267C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPlgBlt + 18FC BF9463F2 5 Bytes JMP B41C33A8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.reloc C:\WINDOWS\system32\drivers\PnkBstrK.sys section is executable [0xB0AAF000, 0x18F38, 0xE0000060]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000801F8
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000803FC
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003101F8
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003103FC
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00310804
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00310A08
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[204] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\ctfmon.exe[256] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000A01F8
.text C:\WINDOWS\system32\ctfmon.exe[256] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[256] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000A03FC
.text C:\WINDOWS\system32\ctfmon.exe[256] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[256] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00371014
.text C:\WINDOWS\system32\ctfmon.exe[256] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00370804
.text C:\WINDOWS\system32\ctfmon.exe[256] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00370A08
.text C:\WINDOWS\system32\ctfmon.exe[256] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00370C0C
.text C:\WINDOWS\system32\ctfmon.exe[256] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00370E10
.text C:\WINDOWS\system32\ctfmon.exe[256] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003701F8
.text C:\WINDOWS\system32\ctfmon.exe[256] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003703FC
.text C:\WINDOWS\system32\ctfmon.exe[256] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00370600
.text C:\WINDOWS\system32\ctfmon.exe[256] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003801F8
.text C:\WINDOWS\system32\ctfmon.exe[256] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003803FC
.text C:\WINDOWS\system32\ctfmon.exe[256] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00380804
.text C:\WINDOWS\system32\ctfmon.exe[256] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00380A08
.text C:\WINDOWS\system32\ctfmon.exe[256] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00380600
.text C:\Program Files\Vtune\TBPanel.exe[356] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\Program Files\Vtune\TBPanel.exe[356] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Vtune\TBPanel.exe[356] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\Program Files\Vtune\TBPanel.exe[356] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Vtune\TBPanel.exe[356] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003D01F8
.text C:\Program Files\Vtune\TBPanel.exe[356] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003D03FC
.text C:\Program Files\Vtune\TBPanel.exe[356] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 003D0804
.text C:\Program Files\Vtune\TBPanel.exe[356] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 003D0A08
.text C:\Program Files\Vtune\TBPanel.exe[356] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 003D0600
.text C:\Program Files\Vtune\TBPanel.exe[356] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003E1014
.text C:\Program Files\Vtune\TBPanel.exe[356] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003E0804
.text C:\Program Files\Vtune\TBPanel.exe[356] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003E0A08
.text C:\Program Files\Vtune\TBPanel.exe[356] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003E0C0C
.text C:\Program Files\Vtune\TBPanel.exe[356] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003E0E10
.text C:\Program Files\Vtune\TBPanel.exe[356] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003E01F8
.text C:\Program Files\Vtune\TBPanel.exe[356] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003E03FC
.text C:\Program Files\Vtune\TBPanel.exe[356] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003E0600
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003D01F8
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003D03FC
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 003D0804
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 003D0A08
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 003D0600
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003E1014
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003E0804
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003E0A08
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003E0C0C
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003E0E10
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003E01F8
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003E03FC
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[364] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\rundll32.exe[400] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\rundll32.exe[400] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\rundll32.exe[400] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\rundll32.exe[400] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\rundll32.exe[400] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\rundll32.exe[400] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\rundll32.exe[400] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\rundll32.exe[400] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\rundll32.exe[400] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\rundll32.exe[400] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\rundll32.exe[400] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\rundll32.exe[400] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\rundll32.exe[400] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\rundll32.exe[400] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\rundll32.exe[400] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\rundll32.exe[400] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\rundll32.exe[400] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\System32\smss.exe[848] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[896] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[896] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[924] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000701F8
.text C:\WINDOWS\system32\winlogon.exe[924] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[924] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000703FC
.text C:\WINDOWS\system32\winlogon.exe[924] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[924] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\winlogon.exe[924] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\winlogon.exe[924] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\winlogon.exe[924] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\winlogon.exe[924] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\winlogon.exe[924] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\winlogon.exe[924] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\winlogon.exe[924] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\winlogon.exe[924] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\winlogon.exe[924] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\winlogon.exe[924] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\winlogon.exe[924] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\winlogon.exe[924] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\services.exe[968] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\services.exe[968] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[968] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\services.exe[968] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[968] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\services.exe[968] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\services.exe[968] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\services.exe[968] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\services.exe[968] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\services.exe[968] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\services.exe[968] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\services.exe[968] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\services.exe[968] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\services.exe[968] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\services.exe[968] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\services.exe[968] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\services.exe[968] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\lsass.exe[980] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\lsass.exe[980] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[980] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\lsass.exe[980] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[980] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\lsass.exe[980] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\lsass.exe[980] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\lsass.exe[980] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\lsass.exe[980] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\lsass.exe[980] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\lsass.exe[980] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\lsass.exe[980] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\lsass.exe[980] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\lsass.exe[980] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\lsass.exe[980] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\lsass.exe[980] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\lsass.exe[980] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\Explorer.EXE[984] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\Explorer.EXE[984] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[984] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\Explorer.EXE[984] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[984] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00371014
.text C:\WINDOWS\Explorer.EXE[984] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00370804
.text C:\WINDOWS\Explorer.EXE[984] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00370A08
.text C:\WINDOWS\Explorer.EXE[984] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00370C0C
.text C:\WINDOWS\Explorer.EXE[984] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00370E10
.text C:\WINDOWS\Explorer.EXE[984] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003701F8
.text C:\WINDOWS\Explorer.EXE[984] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003703FC
.text C:\WINDOWS\Explorer.EXE[984] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00370600
.text C:\WINDOWS\Explorer.EXE[984] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003801F8
.text C:\WINDOWS\Explorer.EXE[984] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003803FC
.text C:\WINDOWS\Explorer.EXE[984] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00380804
.text C:\WINDOWS\Explorer.EXE[984] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00380A08
.text C:\WINDOWS\Explorer.EXE[984] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00380600
.text C:\WINDOWS\system32\svchost.exe[1148] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1148] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1148] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1148] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1148] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\svchost.exe[1148] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\svchost.exe[1148] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\svchost.exe[1148] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\svchost.exe[1148] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\svchost.exe[1148] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\svchost.exe[1148] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\svchost.exe[1148] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\svchost.exe[1148] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1148] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1148] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1148] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1148] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1236] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1236] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1236] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1236] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\svchost.exe[1236] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1236] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1236] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1236] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1236] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1292] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1292] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1292] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1292] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1292] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\svchost.exe[1292] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\svchost.exe[1292] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\svchost.exe[1292] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\svchost.exe[1292] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\svchost.exe[1292] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\svchost.exe[1292] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\svchost.exe[1292] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\svchost.exe[1292] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1292] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1292] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1292] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1292] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\System32\svchost.exe[1332] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\System32\svchost.exe[1332] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1332] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\System32\svchost.exe[1332] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1332] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\System32\svchost.exe[1332] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\System32\svchost.exe[1332] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\System32\svchost.exe[1332] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\System32\svchost.exe[1332] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\System32\svchost.exe[1332] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\System32\svchost.exe[1332] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\System32\svchost.exe[1332] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\System32\svchost.exe[1332] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\System32\svchost.exe[1332] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\System32\svchost.exe[1332] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\System32\svchost.exe[1332] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\System32\svchost.exe[1332] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1372] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1372] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1372] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1372] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\svchost.exe[1372] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\svchost.exe[1372] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\svchost.exe[1372] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\svchost.exe[1372] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1372] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1372] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1372] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1372] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003D01F8
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003D03FC
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 003D0804
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 003D0A08
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 003D0600
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003E1014
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003E0804
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003E0A08
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003E0C0C
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003E0E10
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003E01F8
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003E03FC
.text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[1384] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\svchost.exe[1424] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1424] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1424] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1424] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1424] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\RunDLL32.exe[1492] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\RunDLL32.exe[1492] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\RunDLL32.exe[1492] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\RunDLL32.exe[1492] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\RunDLL32.exe[1492] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\RunDLL32.exe[1492] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\RunDLL32.exe[1492] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003D1014
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003D0804
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003D0A08
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003D0C0C
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003D0E10
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003D01F8
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003D03FC
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003D0600
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003E01F8
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003E03FC
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 003E0804
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 003E0A08
.text C:\PROGRA~1\Icon7\iConfig\capturesound.exe[1504] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\svchost.exe[1536] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1536] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1536] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1536] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1536] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[1536] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1536] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1536] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[1536] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[1536] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1536] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1536] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1536] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1536] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\svchost.exe[1536] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[1536] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[1536] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00310600
.text C:\Program Files\AVAST Software\Avast\avastUI.exe[1600] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\avastUI.exe[1600] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 009B1014
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 009B0804
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 009B0A08
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 009B0C0C
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 009B0E10
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 009B01F8
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 009B03FC
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 009B0600
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 009C01F8
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 009C03FC
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 009C0804
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 009C0A08
.text C:\Documents and Settings\DZIECIAKI_PSUJE\Pulpit\uvireufb.exe[1676] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 009C0600
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1744] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1744] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1744] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[1784] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\spoolsv.exe[1784] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[1784] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\spoolsv.exe[1784] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[1784] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\spoolsv.exe[1784] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\spoolsv.exe[1784] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\spoolsv.exe[1784] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\spoolsv.exe[1784] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\spoolsv.exe[1784] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\spoolsv.exe[1784] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\spoolsv.exe[1784] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\spoolsv.exe[1784] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\spoolsv.exe[1784] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\spoolsv.exe[1784] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\spoolsv.exe[1784] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\spoolsv.exe[1784] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1864] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1864] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1864] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1864] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1864] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\svchost.exe[1864] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\svchost.exe[1864] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\svchost.exe[1864] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\svchost.exe[1864] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\svchost.exe[1864] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\svchost.exe[1864] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\svchost.exe[1864] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\svchost.exe[1864] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1864] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1864] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1864] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1864] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 002F1014
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 002F0804
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 002F0A08
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 002F0C0C
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 002F0E10
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 002F01F8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 002F03FC
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 002F0600
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2316] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 00300600
.text C:\WINDOWS\System32\alg.exe[2716] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\System32\alg.exe[2716] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[2716] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\System32\alg.exe[2716] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[2716] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 002F01F8
.text C:\WINDOWS\System32\alg.exe[2716] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 002F03FC
.text C:\WINDOWS\System32\alg.exe[2716] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 002F0804
.text C:\WINDOWS\System32\alg.exe[2716] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 002F0A08
.text C:\WINDOWS\System32\alg.exe[2716] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 002F0600
.text C:\WINDOWS\System32\alg.exe[2716] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\System32\alg.exe[2716] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\System32\alg.exe[2716] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\System32\alg.exe[2716] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\System32\alg.exe[2716] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\System32\alg.exe[2716] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\System32\alg.exe[2716] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\System32\alg.exe[2716] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000501F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000503FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 01071014
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 01070804
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 01070A08
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 01070C0C
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 01070E10
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 010701F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 010703FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 01070600
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 010801F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 010803FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 01080804
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 01080A08
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2792] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 01080600
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\WINDOWS\system32\nvsvc32.exe[2896] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003D1014
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003D0804
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003D0A08
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003D0C0C
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003D0E10
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003D01F8
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003D03FC
.text C:\WINDOWS\system32\nvsvc32.exe[2896] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003D0600
.text C:\WINDOWS\system32\nvsvc32.exe[2896] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003E01F8
.text C:\WINDOWS\system32\nvsvc32.exe[2896] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\nvsvc32.exe[2896] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 003E0804
.text C:\WINDOWS\system32\nvsvc32.exe[2896] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 003E0A08
.text C:\WINDOWS\system32\nvsvc32.exe[2896] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 003E0600
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003D1014
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003D0804
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003D0A08
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003D0C0C
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003D0E10
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003D01F8
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003D03FC
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003D0600
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003E01F8
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003E03FC
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 003E0804
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 003E0A08
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3596] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003C01F8
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003C03FC
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 003C0804
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 003C0A08
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 003C0600
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003D1014
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003D0804
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003D0A08
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003D0C0C
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003D0E10
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003D01F8
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003D03FC
.text C:\WINDOWS\system32\PnkBstrA.exe[3732] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003D0600
.text C:\Program Files\Opera\opera.exe[3836] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\Program Files\Opera\opera.exe[3836] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Opera\opera.exe[3836] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\Program Files\Opera\opera.exe[3836] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Opera\opera.exe[3836] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003D01F8
.text C:\Program Files\Opera\opera.exe[3836] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003D03FC
.text C:\Program Files\Opera\opera.exe[3836] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 003D0804
.text C:\Program Files\Opera\opera.exe[3836] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 003D0A08
.text C:\Program Files\Opera\opera.exe[3836] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 003D0600
.text C:\Program Files\Opera\opera.exe[3836] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003E1014
.text C:\Program Files\Opera\opera.exe[3836] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003E0804
.text C:\Program Files\Opera\opera.exe[3836] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003E0A08
.text C:\Program Files\Opera\opera.exe[3836] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003E0C0C
.text C:\Program Files\Opera\opera.exe[3836] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003E0E10
.text C:\Program Files\Opera\opera.exe[3836] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003E01F8
.text C:\Program Files\Opera\opera.exe[3836] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003E03FC
.text C:\Program Files\Opera\opera.exe[3836] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] USER32.dll!SetWinEventHook 77D5E3D3 5 Bytes JMP 003C01F8
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 003C03FC
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] USER32.dll!SetWindowsHookExW 77D5E621 5 Bytes JMP 003C0804
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 003C0A08
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] USER32.dll!SetWindowsHookExA 77D602B2 5 Bytes JMP 003C0600
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003D1014
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003D0804
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003D0A08
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003D0C0C
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003D0E10
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003D01F8
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003D03FC
.text C:\WINDOWS\system32\PnkBstrB.exe[3928] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003D0600

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [B7E8F232] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [B7E8E730] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [B7E8EF12] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B7E8E730] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B7E8E914] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B7E8E856] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B7E8F0F0] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B7E8EF12] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B7EA2EB0] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[968] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00620002
IAT C:\WINDOWS\system32\services.exe[968] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00620000
IAT C:\Program Files\AVAST Software\Avast\avastUI.exe[1600] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C8F6A0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)
IAT C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1744] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C8F6A0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 8A8921E8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBPDO-0 8A67B1E8
Device \Driver\usbuhci \Device\USBPDO-1 8A67B1E8
Device \Driver\usbuhci \Device\USBPDO-2 8A67B1E8
Device \Driver\usbuhci \Device\USBPDO-3 8A67B1E8
Device \Driver\usbehci \Device\USBPDO-4 8A5B31E8

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\PCI_PNP2398 \Device\00000049 sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
Device \Driver\PCI_PNP2398 \Device\00000049 sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
Device \Driver\Cdrom \Device\CdRom0 8A5AD1E8
Device \Driver\atapi \Device\Ide\IdePort0 8A8941E8
Device \Driver\atapi \Device\Ide\IdePort1 8A8941E8
Device \Driver\atapi \Device\Ide\IdePort2 8A8941E8
Device \Driver\atapi \Device\Ide\IdePort3 8A8941E8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T1L0-10 8A8941E8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-8 8A8941E8
Device \Driver\Cdrom \Device\CdRom1 8A5AD1E8
Device \Driver\NetBT \Device\NetBt_Wins_Export 89F2E1E8
Device \Driver\NetBT \Device\NetbiosSmb 89F2E1E8

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\NetBT \Device\NetBT_Tcpip_{AE34ABA8-AC2F-4BFB-8E20-AE3701260DF0} 89F2E1E8

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBFDO-0 8A67B1E8
Device \Driver\usbuhci \Device\USBFDO-1 8A67B1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89F2A1E8
Device \Driver\usbuhci \Device\USBFDO-2 8A67B1E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 89F2A1E8
Device \Driver\usbuhci \Device\USBFDO-3 8A67B1E8
Device \Driver\usbehci \Device\USBFDO-4 8A5B31E8
Device \Driver\ag8k2j22 \Device\Scsi\ag8k2j221Port4Path0Target0Lun0 8A6521E8
Device \Driver\ag8k2j22 \Device\Scsi\ag8k2j221 8A6521E8
Device \FileSystem\Cdfs \Cdfs 8A2A3430

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0xA7 0x46 0x7D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x12 0xFD 0x39 0x1B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x9D 0x56 0xA6 0x16 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x59 0xAF 0xA7 0x8B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0xA7 0x46 0x7D ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x12 0xFD 0x39 0x1B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x9D 0x56 0xA6 0x16 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x59 0xAF 0xA7 0x8B ...

---- EOF - GMER 1.0.15 ----

Co jeszcze mi poradzisz ?

Gość
komentarz
komentarz

Start > uruchom > wpisz CMD . Enter

w oknie konsoli wklej komende

[b]netsh winsock reset[/b]

klik w Enter > restart

2. Pobierz AdwCleaner i zastosuj opcję [b]Delete[/b]
http://general-changelog-team.fr/outils/289-adwcleaner

3. Zrób nowy skan OTL i przedstaw raport. Logi zamieszczaj na http://wklej.to/

Dzani1125
komentarz
komentarz (edytowane)

[url="http://wklej.to/BB2sR"]Tutaj log z [/url] AdwCleanera [url="http://wklej.to/BB2sR"] http://wklej.to/BB2sR[/url]

Gość
komentarz
komentarz

A gdzie log z OTL?

Dzani1125
komentarz
komentarz

A tutaj masz z tego OTL http://wklej.to/3Gfn3

Aha i chciałem Ci jeszcze powiedzieć że jak naciskam PPM i mam rozmieść ikony według to mam taką opcje zaznaczoną jak "Pokaż ikony pulpitu" jak to odznacze to znikają wszystkie foldery.

Gość
komentarz
komentarz

Uruchom OTL i w oknie własne opcje skanowania/skrypt wklej:

[code]:OTL
O2 - BHO: (no name) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-854245398-73586283-839522115-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)

:Commands
[emptytemp][/code]

Kliknij w [b]Wykonaj skrypt.[/b]

Dzani1125
komentarz
komentarz

Ok, już to zrobiłem

Co dalej ?

Gość
komentarz
komentarz

Start > uruchom > regedit

znajdź klucz [HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell]

PPM na wartość [b]Shell > Eksportuj > [/b]zapisz jako [b]Shell.reg[/b]

potem PPM na plik Shell.reg > Edytuj

przeklej zawartość notatnika do posta

Dzani1125
komentarz
komentarz

Okey masz tutaj w linku http://wklej.to/0UAEM

Gość
komentarz
komentarz

Utwórz nowe konto z uprawnieniami administratora , zaloguj sie na nie i sprawdaż jak zachowują sie ikony i widok folderów.

Dzani1125
komentarz
komentarz

Już to zrobiłem i zachowują się normalnie, ale chciałbym bardziej na tym koncie co mam siedzieć a nie na tamtym :(

Już nic więcej nie poradzisz co by tu zrobić ?

Gość
komentarz
komentarz (edytowane)

[quote]Już nic więcej nie poradzisz co by tu zrobić ?[/quote]


Jak sie nazywa nowe konto?

Dzani1125
komentarz
komentarz

Nowe konto nazywa sie Dawid a stare Dzani na tym co teraz siedze

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.