
Task Manager/registry won't start

mac_iek13

Task Manager/the registry won't start; an error pops up saying that the administrator has disabled them.
I scanned with AVG and it found some viruses/infections. I removed everything, but the problem still occurs.
Here is the log from OTL:
[log]OTL logfile created on: 2012-08-21 22:14:23 - Run 2
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\BRATEK\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,53 Mb Total Physical Memory | 105,30 Mb Available Physical Memory | 20,59% Memory free
1,22 Gb Paging File | 0,55 Gb Available in Paging File | 44,83% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 4,50 Gb Free Space | 30,71% Space Free | Partition Type: NTFS
Drive D: | 29,29 Gb Total Space | 21,89 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
Drive E: | 30,59 Gb Total Space | 19,65 Gb Free Space | 64,23% Space Free | Partition Type: NTFS
Drive H: | 654,81 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DOM | User Name: BRATEK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-08-21 22:03:29 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BRATEK\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-08-14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2012-01-31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012-01-17 20:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgtray.exe
PRC - [2011-09-09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgnsx.exe
PRC - [2011-08-18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgrsx.exe
PRC - [2011-05-23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgchsvx.exe
PRC - [2011-03-28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgcsrvx.exe
PRC - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgfws.exe
PRC - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgwdsvc.exe
PRC - [2011-02-08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgam.exe
PRC - [2009-03-15 11:41:49 | 000,139,264 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe
PRC - [2006-11-12 12:48:46 | 000,157,592 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
PRC - [2006-05-25 01:20:50 | 000,593,920 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2006-05-10 10:48:08 | 000,094,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
PRC - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2005-02-23 04:33:35 | 000,352,256 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005-02-22 22:05:00 | 000,339,968 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2003-06-20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003-05-05 09:57:30 | 000,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
PRC - [2002-09-20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-08-21 22:03:29 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BRATEK\Moje dokumenty\Downloads\OTL.exe
MOD - [2012-08-20 21:39:54 | 001,859,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins\avgxpl.dll
MOD - [2012-08-20 21:39:54 | 001,752,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins\avgnpss.dll
MOD - [2012-08-14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
MOD - [2012-08-14 06:30:59 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\ppgooglenaclpluginchrome.dll
MOD - [2012-08-14 06:30:58 | 012,235,288 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
MOD - [2012-08-14 06:30:57 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\pdf.dll
MOD - [2012-08-14 06:29:38 | 009,962,520 | ---- | M] (The ICU Project) -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\icudt.dll
MOD - [2012-08-14 06:29:31 | 037,958,680 | ---- | M] (Google Inc.) -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\chrome.dll
MOD - [2012-08-14 06:29:28 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\avutil-51.dll
MOD - [2012-08-14 06:29:27 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\avformat-54.dll
MOD - [2012-08-14 06:29:26 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll
MOD - [2012-06-15 15:08:50 | 005,481,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgcorex.dll
MOD - [2012-01-31 15:03:34 | 002,034,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgwd.dll
MOD - [2012-01-31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
MOD - [2012-01-17 20:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgtray.exe
MOD - [2012-01-17 20:02:54 | 001,854,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgcslx.dll
MOD - [2011-12-19 18:50:50 | 001,128,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgcfgx.dll
MOD - [2011-09-09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgnsx.exe
MOD - [2011-08-18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgrsx.exe
MOD - [2011-08-18 01:33:20 | 001,859,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgxpl.dll
MOD - [2011-08-18 01:32:52 | 000,334,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgclitx.dll
MOD - [2011-05-27 19:07:26 | 000,609,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgsched.dll
MOD - [2011-05-27 19:07:20 | 000,544,096 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgchjwx.dll
MOD - [2011-05-23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgchsvx.exe
MOD - [2011-04-18 17:39:44 | 000,246,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avglngx.dll
MOD - [2011-04-12 01:30:42 | 002,897,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avguires.dll
MOD - [2011-03-28 03:00:52 | 000,450,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgcclix.dll
MOD - [2011-03-28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgcsrvx.exe
MOD - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgfws.exe
MOD - [2011-02-21 05:52:26 | 000,796,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avglogx.dll
MOD - [2011-02-10 07:55:18 | 002,547,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgidpsdkx.dll
MOD - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2011-02-08 05:33:44 | 000,460,600 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgwdwsc.dll
MOD - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgwdsvc.exe
MOD - [2011-02-08 05:33:08 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgsrmx.dll
MOD - [2011-02-08 05:33:08 | 000,207,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgse.dll
MOD - [2011-02-08 05:33:06 | 001,045,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgmtrapx.dll
MOD - [2011-02-08 05:33:02 | 000,476,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgamnot.dll
MOD - [2011-02-08 05:32:44 | 000,867,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgcertx.dll
MOD - [2011-02-08 05:32:44 | 000,246,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgchclx.dll
MOD - [2011-02-08 05:32:42 | 001,781,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgaspmx.dll
MOD - [2011-02-08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgam.exe
MOD - [2011-02-08 05:32:42 | 000,601,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgameh.dll
MOD - [2010-11-23 12:52:48 | 000,333,152 | ---- | M] (Winco Sistemas) -- C:\AVG\AVG10\imsdk32.dll
MOD - [2009-07-12 00:02:02 | 003,780,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2009-03-15 11:41:49 | 000,139,264 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe
MOD - [2009-03-15 11:41:49 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\CmdLineExt.dll
MOD - [2007-11-07 11:29:33 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2007-07-30 20:19:42 | 001,712,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2007-06-19 15:32:56 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2007-04-25 16:23:30 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2006-12-02 01:25:56 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
MOD - [2006-12-01 23:56:00 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
MOD - [2006-12-01 23:54:34 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
MOD - [2006-12-01 23:54:32 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
MOD - [2006-11-27 16:55:46 | 000,433,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll
MOD - [2006-11-12 12:48:46 | 000,157,592 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
MOD - [2006-11-12 12:46:51 | 000,752,024 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.dll
MOD - [2006-11-02 15:11:16 | 000,012,800 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\Plugins\Images\nrgmount.dll
MOD - [2006-10-29 20:38:32 | 000,021,504 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\Plugins\Images\mdsmount.dll
MOD - [2006-10-23 17:19:37 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2006-10-23 17:19:37 | 001,022,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2006-10-23 17:19:37 | 000,661,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2006-10-23 17:19:37 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2006-10-23 17:19:37 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2006-10-20 03:39:31 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2006-09-10 20:23:05 | 000,009,216 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\Plugins\Images\cuemount.dll
MOD - [2006-08-25 17:51:15 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006-08-17 14:30:06 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2006-08-17 14:30:06 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2006-07-14 07:34:00 | 000,007,680 | ---- | M] () -- C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll
MOD - [2006-07-13 15:36:26 | 008,482,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2006-07-05 12:56:45 | 001,012,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2006-06-26 19:45:40 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2006-06-26 19:45:40 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2006-06-22 12:54:46 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2006-05-25 01:45:08 | 000,212,992 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALITCH.dll
MOD - [2006-05-25 01:45:04 | 000,245,760 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALMW.dll
MOD - [2006-05-25 01:44:58 | 000,323,584 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALHPP.dll
MOD - [2006-05-25 01:44:48 | 000,352,256 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALAPI.DLL
MOD - [2006-05-25 01:20:50 | 000,593,920 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
MOD - [2006-05-25 01:19:54 | 000,831,488 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll
MOD - [2006-05-25 01:17:30 | 000,011,776 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\IMHook.dll
MOD - [2006-05-25 01:14:04 | 000,044,544 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2006-05-25 01:13:22 | 000,069,632 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\kgame.dll
MOD - [2006-05-25 01:13:08 | 000,057,344 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\gamehook.dll
MOD - [2006-05-25 01:13:06 | 000,025,088 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPointCOM.DLL
MOD - [2006-05-25 01:12:38 | 000,053,248 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\KemXML.dll
MOD - [2006-05-25 01:12:28 | 000,155,648 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\kemutb.dll
MOD - [2006-05-25 01:12:20 | 000,110,592 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\KemWnd.dll
MOD - [2006-05-25 01:12:06 | 000,126,976 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\KemUtil.dll
MOD - [2006-05-19 15:26:53 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2006-05-19 15:26:53 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2006-05-10 10:48:08 | 000,094,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
MOD - [2006-03-01 21:44:19 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2006-01-08 01:49:33 | 000,007,168 | ---- | M] (GENERIC) -- C:\Program Files\DAEMON Tools\Plugins\Images\ccdmount.dll
MOD - [2005-10-21 00:30:53 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2005-09-01 04:28:38 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2005-08-23 05:40:06 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2005-08-22 20:36:16 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2005-07-26 06:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2005-07-26 06:42:36 | 000,397,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2005-07-26 06:42:34 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2005-07-26 06:42:34 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2005-07-26 06:42:33 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2005-07-26 06:42:33 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2005-07-08 18:29:17 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2005-06-29 03:52:57 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2005-06-15 19:51:00 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2005-05-04 14:45:32 | 002,890,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2005-03-02 20:18:38 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2005-03-02 20:18:38 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2005-02-25 23:38:00 | 000,167,936 | ---- | M] (Padus®, Inc.) -- C:\Program Files\DAEMON Tools\pfctoc.dll
MOD - [2005-02-23 04:33:44 | 000,039,936 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\ati2edxx.dll
MOD - [2005-02-23 04:33:40 | 000,061,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.dll
MOD - [2005-02-23 04:33:35 | 000,352,256 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
MOD - [2005-02-22 22:05:00 | 000,339,968 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
MOD - [2005-02-22 22:05:00 | 000,258,048 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll
MOD - [2005-02-22 22:05:00 | 000,155,648 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.plk
MOD - [2005-02-22 22:05:00 | 000,073,728 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll
MOD - [2005-01-28 02:38:00 | 000,007,680 | ---- | M] (GENERIC) -- C:\Program Files\DAEMON Tools\Plugins\Images\pdimount.dll
MOD - [2004-12-26 20:34:38 | 000,121,344 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2004-12-17 09:00:00 | 000,005,120 | ---- | M] (WinZip Computing, Inc.) -- C:\Program Files\WinZip\WZSHLSTB.DLL
MOD - [2004-12-07 21:34:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2004-08-04 01:44:32 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2004-08-04 00:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2004-08-04 00:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2004-08-04 00:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2004-08-04 00:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2004-08-04 00:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2004-08-04 00:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2004-08-04 00:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 00:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2004-08-04 00:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2004-08-04 00:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2004-08-04 00:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2004-08-04 00:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2004-08-04 00:44:16 | 000,378,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcdlg.dll
MOD - [2004-08-04 00:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-04 00:44:16 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2004-08-04 00:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004-08-04 00:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-04 00:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-04 00:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2004-08-04 00:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2004-08-04 00:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2004-08-04 00:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2004-08-04 00:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2004-08-04 00:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-04 00:44:16 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2004-08-04 00:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2004-08-04 00:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2004-08-04 00:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-04 00:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2004-08-04 00:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-04 00:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2004-08-04 00:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2004-08-04 00:44:16 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 00:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2004-08-04 00:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2004-08-04 00:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2004-08-04 00:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2004-08-04 00:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2004-08-04 00:44:14 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2004-08-04 00:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 00:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004-08-04 00:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2004-08-04 00:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2004-08-04 00:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2004-08-04 00:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2004-08-04 00:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2004-08-04 00:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2004-08-04 00:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-04 00:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2004-08-04 00:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2004-08-04 00:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2004-08-04 00:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2004-08-04 00:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2004-08-04 00:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 00:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2004-08-04 00:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2004-08-04 00:44:12 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2004-08-04 00:44:12 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmpapi.dll
MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 00:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2004-08-04 00:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-04 00:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2004-08-04 00:44:10 | 000,382,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2004-08-04 00:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2004-08-04 00:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2004-08-04 00:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2004-08-04 00:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2004-08-04 00:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2004-08-04 00:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2004-08-04 00:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2004-08-04 00:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2004-08-04 00:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2004-08-04 00:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2004-08-04 00:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-04 00:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2004-08-04 00:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2004-08-04 00:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 00:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2004-08-04 00:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2004-08-04 00:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2004-08-04 00:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2004-08-04 00:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 00:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2004-08-04 00:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2004-08-04 00:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2004-08-04 00:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2004-08-04 00:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2004-08-04 00:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2004-08-04 00:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-04 00:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2004-08-04 00:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2004-08-04 00:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2004-08-04 00:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004-08-04 00:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2004-08-04 00:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-04 00:44:08 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 00:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004-08-04 00:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-04 00:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2004-08-04 00:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-04 00:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004-08-04 00:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2004-08-04 00:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2004-08-04 00:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2004-08-04 00:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2004-08-04 00:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2004-08-04 00:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 00:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2004-08-04 00:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2004-08-04 00:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2004-08-04 00:44:06 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvfw32.dll
MOD - [2004-08-04 00:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2004-08-04 00:44:06 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2004-08-04 00:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2004-08-04 00:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 00:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2004-08-04 00:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2004-08-04 00:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2004-08-04 00:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-04 00:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2004-08-04 00:44:02 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2004-08-04 00:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2004-08-04 00:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2004-08-04 00:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004-08-04 00:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2004-08-04 00:44:02 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2004-08-04 00:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2004-08-04 00:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2004-08-04 00:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-04 00:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-04 00:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2004-08-04 00:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2004-08-04 00:43:58 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2004-08-04 00:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2004-08-04 00:43:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 00:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-04 00:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-04 00:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 00:43:56 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dinput8.dll
MOD - [2004-08-04 00:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2004-08-04 00:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2004-08-04 00:43:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2004-08-04 00:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2004-08-04 00:43:56 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll
MOD - [2004-08-04 00:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2004-08-04 00:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-04 00:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2004-08-04 00:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004-08-04 00:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2004-08-04 00:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-04 00:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2004-08-04 00:43:54 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2004-08-04 00:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2004-08-04 00:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2004-08-04 00:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2004-08-04 00:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2004-08-04 00:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 00:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2004-08-04 00:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2004-08-04 00:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-04 00:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2004-08-04 00:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-04 00:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2004-08-04 00:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2004-08-04 00:42:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2004-08-04 00:42:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2004-08-04 00:42:34 | 001,712,128 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-03 22:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2004-08-03 22:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2003-06-20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
MOD - [2003-06-19 02:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
MOD - [2003-06-19 02:31:48 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mdimon.dll
MOD - [2003-05-05 09:57:30 | 000,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
MOD - [2002-11-06 21:00:38 | 000,040,820 | ---- | M] (SoundMAX) -- C:\WINDOWS\system32\Syncor11.dll
MOD - [2002-09-20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
MOD - [2001-10-30 14:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2001-10-30 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2001-10-30 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-01-31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009-03-15 11:41:49 | 000,139,264 | ---- | M] (Sony DADC Austria AG.) [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7)
SRV - [2007-12-23 14:50:54 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2002-09-20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\noskrnl.sys -- (noskrnl.sys)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ewfiltertdidriver.sys -- (filtertdidriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adiusbaw.sys -- (adiusbaw)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\adildr.sys -- (ADILOADER)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ab4ehqnb)
DRV - [2012-05-16 15:18:51 | 000,006,432 | ---- | M] (Sony DADC Austria AG.) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Temp\sony_ssm.sys -- (sony_ssm.sys)
DRV - [2011-05-27 19:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-04-05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-03-16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-03-01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-02-22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-02-10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-02-10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-01-07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010-07-12 04:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010-07-12 04:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2007-01-10 22:44:59 | 000,639,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2006-05-25 01:53:06 | 000,003,712 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2006-05-10 10:56:54 | 000,027,264 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2006-05-10 10:56:50 | 000,071,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2006-05-10 10:56:26 | 000,036,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2006-05-10 10:56:18 | 000,056,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2006-05-10 10:56:08 | 000,013,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2005-02-23 04:36:03 | 000,986,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-03-08 13:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003-07-02 05:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-448539723-2049760794-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\AVG\AVG10\Firefox4\ [2012-08-20 21:25:29 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.google.pl/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: DivX\u00AE Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - Extension: AVG Safe Search = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\

O1 HOSTS File: ([2012-08-21 21:52:15 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\..\Toolbar\WebBrowser: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKU\S-1-5-21-448539723-2049760794-682003330-1003..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe File not found
O4 - HKU\S-1-5-21-448539723-2049760794-682003330-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe.bin (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-448539723-2049760794-682003330-1003..\Run: [HW_OPENEYE_OUC_blueconnect] "C:\Program Files\blueconnect\UpdateDog\ouc.exe" File not found
O4 - HKU\S-1-5-21-448539723-2049760794-682003330-1003..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: msconfig.exe = msconfig.exe
O7 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6317981E-E0FC-4B5D-A5C6-15AED91DD230}: DhcpNameServer = 10.0.0.2
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005-03-25 01:30:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002-11-17 12:35:56 | 000,000,139 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{1cca3ecd-f52b-11dc-b163-0011d8078e6c}\Shell - "" = AutoRun
O33 - MountPoints2\{1cca3ecd-f52b-11dc-b163-0011d8078e6c}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{1cca3ecf-f52b-11dc-b163-0011d8078e6c}\Shell - "" = AutoRun
O33 - MountPoints2\{1cca3ecf-f52b-11dc-b163-0011d8078e6c}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{354eb479-f8d6-11dc-b16c-0011d8078e6c}\Shell - "" = AutoRun
O33 - MountPoints2\{354eb479-f8d6-11dc-b16c-0011d8078e6c}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{373e1ac7-1117-11e1-9698-0011d8078e6c}\Shell - "" = AutoRun
O33 - MountPoints2\{373e1ac7-1117-11e1-9698-0011d8078e6c}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{545df433-11c4-11e1-969a-0011d8078e6c}\Shell - "" = AutoRun
O33 - MountPoints2\{545df433-11c4-11e1-969a-0011d8078e6c}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{545df435-11c4-11e1-969a-0011d8078e6c}\Shell - "" = AutoRun
O33 - MountPoints2\{545df435-11c4-11e1-969a-0011d8078e6c}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
O33 - MountPoints2\{74bcd690-5404-11e0-9574-0011d8078e6c}\Shell - "" = AutoRun
O33 - MountPoints2\{74bcd690-5404-11e0-9574-0011d8078e6c}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{a97807e0-987e-11dd-b289-0011d8078e6c}\Shell - "" = AutoRun
O33 - MountPoints2\{a97807e0-987e-11dd-b289-0011d8078e6c}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-08-25 08:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Moje dokumenty\Downloads
[2012-08-25 08:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Menu Start\Programy\Google Chrome
[2012-08-25 08:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google
[2012-08-21 20:14:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\DoctorWeb
[2012-08-20 21:22:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-08-20 21:09:41 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012-08-20 21:05:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Dane aplikacji\AVG10
[2012-08-20 21:02:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2012-08-20 21:02:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2011
[2012-08-20 21:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10
[2012-08-20 21:00:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012-08-20 20:58:42 | 000,000,000 | ---D | C] -- C:\AVG
[2012-08-20 20:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2012-08-12 01:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Pulpit\Bambi 2
[2012-08-04 23:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nicolas Games
[2012-08-04 23:27:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Moje dokumenty\18 WoS Across America
[2012-08-04 23:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\18 Wheels of Steel Across America
[2012-07-30 22:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Pulpit\mi
[2012-07-24 18:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Pulpit\(PC Games) FIFA 2002 full game
[2012-07-24 18:56:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Pulpit\heroes 3
[2012-07-14 22:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Dane aplikacji\DivX
[2012-07-14 22:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Dane aplikacji\Media Player Classic
[2012-07-14 22:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack
[2012-07-14 22:44:09 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2012-07-14 22:44:03 | 000,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2012-07-14 22:43:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Dane aplikacji\Real
[2012-07-14 22:43:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real
[2012-07-14 22:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2012-07-14 22:40:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\BRATEK\Moje dokumenty\Moje wideo
[2012-07-14 22:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MarBit
[2012-07-09 19:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Moje dokumenty\GTA3 User Files
[2012-07-09 19:29:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Pulpit\gry
[2012-07-09 14:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Moje dokumenty\tapety
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-08-25 08:28:01 | 000,001,136 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-2049760794-682003330-1003UA.job
[2012-08-25 08:28:01 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-2049760794-682003330-1003Core.job
[2012-08-25 08:19:53 | 000,002,323 | ---- | M] () -- C:\Documents and Settings\BRATEK\Pulpit\Google Chrome.lnk
[2012-08-23 08:58:40 | 000,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2012-08-23 08:42:22 | 000,051,712 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-23 08:41:25 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\BRATEK\Video .lnk
[2012-08-23 08:41:25 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\BRATEK\Pictures .lnk
[2012-08-23 08:41:25 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\BRATEK\Passwords .lnk
[2012-08-23 08:41:25 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\BRATEK\New Folder .lnk
[2012-08-23 08:41:25 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\BRATEK\Music .lnk
[2012-08-23 08:41:25 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\BRATEK\Documents .lnk
[2012-08-23 08:37:51 | 005,088,651 | ---- | M] () -- C:\Documents and Settings\BRATEK\Pulpit\Tom Boxer Morena feat. J Warner - Deep In Love -Original Club Edit-__.mp3
[2012-08-21 21:52:15 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-08-21 20:38:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-21 20:05:07 | 104,567,825 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-21 20:05:02 | 091,982,296 | ---- | M] () -- C:\Documents and Settings\BRATEK\Pulpit\launch.exe
[2012-08-20 22:05:22 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\BRATEK\klextlock.dat
[2012-08-20 21:25:31 | 000,000,594 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2011.lnk
[2012-08-20 21:18:16 | 000,625,911 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2012-08-20 21:00:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-08-20 20:55:41 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-07-16 04:50:26 | 000,001,122 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Buy DivX for Windows.lnk
[2012-07-14 22:44:24 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Media Player Classic.lnk
[2012-07-14 22:40:56 | 000,001,445 | ---- | M] () -- C:\Documents and Settings\BRATEK\Pulpit\DivX Movies.lnk
[2012-07-14 22:40:54 | 000,000,839 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DivX Player.lnk
[2012-07-14 22:40:47 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DivX Converter.lnk
[2012-07-14 22:38:50 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\BRATEK\Pulpit\ALLPlayer V3.1.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-08-25 08:19:53 | 000,002,323 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\Google Chrome.lnk
[2012-08-25 08:18:17 | 000,001,136 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-2049760794-682003330-1003UA.job
[2012-08-25 08:18:16 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-2049760794-682003330-1003Core.job
[2012-08-21 20:05:07 | 104,567,825 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-21 20:02:21 | 091,982,296 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\launch.exe
[2012-08-20 21:18:16 | 000,625,911 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2012-08-20 21:02:15 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2011.lnk
[2012-08-12 01:33:18 | 714,907,648 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\Shrek forever after.2010.PL.DUBB.MD.DVDRip.XviD-REViVE.avi
[2012-08-12 01:16:31 | 005,253,581 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\D Bomb - Mysle (Summer Mix Radio Edit) - www.mp3i.info.mp3
[2012-08-12 01:15:51 | 005,446,425 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\dla rodziców-Ultra.mp3
[2012-08-12 01:14:11 | 003,510,272 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\- Gosia Andrzejewicz - Nieśmiały chłopak.mp3
[2012-07-30 22:39:40 | 003,036,549 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\tomasz niecik - cztery osiemnastki 2010.mp3
[2012-07-30 22:39:34 | 005,088,651 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\Tom Boxer Morena feat. J Warner - Deep In Love -Original Club Edit-__.mp3
[2012-07-24 13:28:33 | 003,410,676 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\boys - dlaczego ty mi w głowie zawróciłaś(4).mp3
[2012-07-16 04:50:26 | 000,001,122 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Buy DivX for Windows.lnk
[2012-07-14 22:44:24 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Media Player Classic.lnk
[2012-07-14 22:44:00 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012-07-14 22:43:59 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012-07-14 22:40:54 | 000,000,839 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DivX Player.lnk
[2012-07-14 22:40:48 | 000,001,445 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\DivX Movies.lnk
[2012-07-14 22:40:47 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DivX Converter.lnk
[2012-07-14 22:38:50 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\ALLPlayer V3.1.lnk
[2012-07-09 13:46:26 | 000,065,304 | ---- | C] () -- C:\WINDOWS\_detmp.1
[2012-03-10 16:17:48 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\BRATEK\Dane aplikacji\Taxi4.MCS
[2011-11-16 22:34:54 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\Video .lnk
[2011-11-16 22:34:54 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pictures .lnk
[2011-11-16 22:34:54 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\Music .lnk
[2011-11-16 22:34:53 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\Passwords .lnk
[2011-11-16 22:34:53 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\New Folder .lnk
[2011-11-16 22:34:53 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\Documents .lnk
[2011-02-18 11:20:13 | 000,000,246 | ---- | C] () -- C:\Documents and Settings\BRATEK\EggSucker.cfg
[2011-02-18 11:20:13 | 000,000,150 | ---- | C] () -- C:\Documents and Settings\BRATEK\EggsuckerV20.cfg
[2010-10-17 17:49:24 | 000,000,643 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2005-05-06 18:45:03 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\BRATEK\klextlock.dat
[2005-03-24 19:53:37 | 000,051,712 | ---- | C] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== LOP Check ==========[/color]

[2012-08-20 21:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10
[2007-12-23 14:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BOONTY
[2012-08-20 21:02:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2011-11-18 13:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService
[2005-04-03 15:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Kazaa Lite
[2012-08-20 20:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2012-08-04 23:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-09-28 19:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRATEK\Dane aplikacji\Artifex Mundi
[2012-08-20 21:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRATEK\Dane aplikacji\AVG10
[2011-02-25 03:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRATEK\Dane aplikacji\Awem
[2006-07-15 23:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRATEK\Dane aplikacji\Bakoma
[2011-11-17 14:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRATEK\Dane aplikacji\blueconnect
[2006-09-20 18:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRATEK\Dane aplikacji\Folder przesyłania Share-to-Web
[2010-06-01 19:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRATEK\Dane aplikacji\InterTrust
[2011-03-21 23:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRATEK\Dane aplikacji\iPlus
[2006-12-31 19:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRATEK\Dane aplikacji\OLYMPUS

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2005-03-25 01:30:57 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2005-03-25 01:24:55 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-10-30 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2005-03-25 01:30:57 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2005-05-18 18:57:31 | 000,000,157 | ---- | M] () -- C:\error.txt
[2005-03-25 01:30:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005-09-24 13:24:22 | 000,000,054 | ---- | M] () -- C:\log.txt
[2005-03-25 01:30:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 22:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2012-08-21 20:38:50 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2006-07-16 19:17:39 | 000,000,219 | ---- | M] () -- C:\UnInstall.dat

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-10-30 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-10-30 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:38091CBB

< End of report >[/log]

And here is the log from RSIT:
[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by BRATEK at 2012-08-21 22:34:36
Microsoft Windows XP Professional Dodatek Service Pack 2
System drive C: has 5 GB (31%) free of 15 GB
Total RAM: 512 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:35:05, on 2012-08-21
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\AVG\AVG10\avgfws.exe
C:\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\AVG\AVG10\avgam.exe
C:\AVG\AVG10\avgnsx.exe
C:\AVG\AVG10\avgcsrvx.exe
C:\AVG\AVG10\avgrsx.exe
C:\AVG\AVG10\avgcsrvx.exe
C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\BRATEK\Moje dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\BRATEK.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\AVG\AVG10\avgssie.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVG_TRAY] C:\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe.bin" /tray
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_blueconnect] "C:\Program Files\blueconnect\UpdateDog\ouc.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Zapora AVG (avgfws) - AVG Technologies CZ, s.r.o. - C:\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\AVG\AVG10\avgwdsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 5919 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-2049760794-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-2049760794-682003330-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\AVG\AVG10\avgssie.dll [2011-09-09 2276704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-02-22 339968]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-12-31 77824]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2006-05-10 94208]
""= []
"AVG_TRAY"=C:\AVG\AVG10\avgtray.exe [2012-01-17 2339168]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoConnect"=C:\Program Files\AutoConnect\AutoConnect.exe []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart []
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"Gadu-Gadu"=C:\Program Files\Gadu-Gadu\gg.exe.bin [2012-08-23 1849032]
"HW_OPENEYE_OUC_blueconnect"=C:\Program Files\blueconnect\UpdateDog\ouc.exe []
"Google Update"=C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2012-08-25 116648]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-02-23 61440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0xFF000000
"DisallowRun"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Gadu-Gadu\gg.exe"="C:\Program Files\Gadu-Gadu\gg.exe:*:Disabled:Gadu-Gadu - program glowny"
"C:\Program Files\Kazaa Lite Rewolucja\kazaalite.kpp"="C:\Program Files\Kazaa Lite Rewolucja\kazaalite.kpp:*:Enabled:kazaalite"
"D:\quake 3\quake3.exe"="D:\quake 3\quake3.exe:*:Enabled:quake3"
"D:\WYSCIGI\Speed.exe"="D:\WYSCIGI\Speed.exe:*:Enabled:Speed"
"D:\Serious Sam 2\Bin\Sam2.exe"="D:\Serious Sam 2\Bin\Sam2.exe:*:Disabled:Sam2"
"E:\net\eMule\emule.exe"="E:\net\eMule\emule.exe:*:Enabled:eMule"
"D:\Quake3\quake3.exe"="D:\Quake3\quake3.exe:*:Enabled:quake3"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\_install.exe"="C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\_install.exe:*:Disabled:_install"
"C:\Program Files\City Interactive\Overspeed\LASR.exe"="C:\Program Files\City Interactive\Overspeed\LASR.exe:*:Disabled:Overspeed"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"E:\AUDIO_TS\MSOCache\net\eMule\emule.exe"="E:\AUDIO_TS\MSOCache\net\eMule\emule.exe:*:Disabled:eMule"
"D:\Counter-Strike 1.6\hl.exe"="D:\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WINDOWS\noskrnl.exe"="C:\WINDOWS\noskrnl.exe:*:Enabled:enable"
"C:\AVG\AVG10\avgmfapx.exe"="C:\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG"
"C:\AVG\AVG10\avgdiagex.exe"="C:\AVG\AVG10\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2011"
"C:\AVG\AVG10\avgnsx.exe"="C:\AVG\AVG10\avgnsx.exe:*:Enabled:Ochrona Sieci"
"C:\AVG\AVG10\avgam.exe"="C:\AVG\AVG10\avgam.exe:*:Enabled:Menedżer alarmów systemu AVG"
"C:\AVG\AVG10\avgemcx.exe"="C:\AVG\AVG10\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MIDI1"=SYNCOR11.DLL
"VIDC.AP41"=APmpg4v1.dll
"vidc.DIV3"=DivXc32.dll
"vidc.DIV4"=DivXc32f.dll
"msacm.divxa32"=DivXa32.acm
"VIDC.MJPG"=pvmjpg21.dll
"VIDC.MKVC"=KMVIDC32.DLL
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.wmv3"=wmv9vcm.dll

======File associations======

.scr - open - "%1" /S "%3"

======List of files/folders created in the last 1 month======

2012-08-21 22:34:38 ----D---- C:\Program Files\trend micro
2012-08-21 22:34:36 ----D---- C:\rsit
2012-08-20 21:22:18 ----SHD---- C:\Config.Msi
2012-08-20 21:09:41 ----HD---- C:\$AVG
2012-08-20 21:05:32 ----D---- C:\Documents and Settings\BRATEK\Dane aplikacji\AVG10
2012-08-20 21:02:50 ----HD---- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
2012-08-20 21:00:15 ----D---- C:\WINDOWS\system32\drivers\AVG
2012-08-20 21:00:15 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVG10
2012-08-20 20:58:42 ----D---- C:\AVG
2012-08-20 20:53:55 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\MFAData

======List of files/folders modified in the last 1 month======

2012-08-25 08:18:17 ----SD---- C:\WINDOWS\Tasks
2012-08-23 08:58:40 ----AC---- C:\WINDOWS\winamp.ini
2012-08-21 22:34:38 ----D---- C:\Program Files
2012-08-21 22:21:31 ----D---- C:\WINDOWS\Temp
2012-08-21 21:54:10 ----D---- C:\WINDOWS\system32\drivers
2012-08-21 21:52:15 ----D---- C:\WINDOWS\system32\drivers\etc
2012-08-21 20:40:34 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-21 20:40:16 ----D---- C:\WINDOWS\system32
2012-08-21 20:39:09 ----D---- C:\WINDOWS
2012-08-21 20:38:53 ----D---- C:\WINDOWS\Minidump
2012-08-21 20:11:38 ----SHD---- C:\System Volume Information
2012-08-21 20:11:38 ----D---- C:\WINDOWS\system32\Restore
2012-08-21 19:58:26 ----HD---- C:\WINDOWS\inf
2012-08-20 22:38:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-20 22:08:13 ----D---- C:\Program Files\WinRAR
2012-08-20 22:08:13 ----D---- C:\Program Files\Windows NT
2012-08-20 22:08:12 ----D---- C:\Program Files\Windows Media Player
2012-08-20 22:08:12 ----D---- C:\Program Files\QuickTime
2012-08-20 22:08:12 ----D---- C:\Program Files\Outlook Express
2012-08-20 22:08:12 ----D---- C:\Program Files\NetMeeting
2012-08-20 22:08:11 ----D---- C:\Program Files\Movie Maker
2012-08-20 22:00:41 ----D---- C:\Program Files\Messenger
2012-08-20 22:00:10 ----D---- C:\Program Files\Kazaa Lite Rewolucja
2012-08-20 21:59:42 ----D---- C:\Program Files\Internet Explorer
2012-08-20 21:59:39 ----D---- C:\Program Files\Gadu-Gadu
2012-08-20 21:59:09 ----D---- C:\Program Files\DivX_311alpha
2012-08-20 21:58:40 ----D---- C:\Program Files\DirectShow Pack
2012-08-20 21:58:40 ----D---- C:\Program Files\DAEMON Tools
2012-08-20 21:55:10 ----D---- C:\My Shared Folder
2012-08-20 21:31:31 ----SHD---- C:\WINDOWS\Installer
2012-08-20 21:31:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-20 20:58:32 ----D---- C:\WINDOWS\WinSxS
2012-08-04 23:56:16 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2007-01-13 20640]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-01-10 639224]
R0 uagp35;Filtr AGPv3.5 firmy Microsoft; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2004-08-04 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-04 41472]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-03-01 34896]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-04-05 297168]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2006-05-25 3712]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-02-23 986624]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-07-12 30432]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 134480]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 27216]
R3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidgame;Włącznik Microsoft HID do portu joysticka; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-05-10 13568]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S3 ab4ehqnb;ab4ehqnb; C:\WINDOWS\system32\drivers\ab4ehqnb.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-07-12 30432]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys []
S3 filtertdidriver;filtertdidriver; C:\WINDOWS\system32\drivers\ewfiltertdidriver.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-05-10 56064]
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-05-10 27264]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2006-05-10 36736]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-05-10 71680]
S3 noskrnl.sys;noskrnl.sys; \??\C:\WINDOWS\system32\noskrnl.sys []
S3 sony_ssm.sys;sony_ssm.sys; \??\C:\DOCUME~1\BRATEK\USTAWI~1\Temp\sony_ssm.sys []
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-02-23 352256]
R2 avgfws;Zapora AVG; C:\AVG\AVG10\avgfws.exe [2011-03-09 2708024]
R2 AVGIDSAgent;AVGIDSAgent; C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072]
R2 avgwd;AVG WatchDog; C:\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2009-03-15 139264]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-02-22 516096]
S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2007-12-23 69120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------
[/log]

Guest
comment

Symptoms like Sality.
Scan with this:

www.fixitpc.pl/picasso/download/malware/sk.zip

wirusolog
comment

[quote name='Conor29134' timestamp='1345646470' post='1565194']
Symptoms like Sality.
Scan with this:

www.fixitpc.pl/picasso/download/malware/sk.zip
[/quote]
Why do you think so? I don't see the SALITY virus or its collateral damage in these logs. There is, however, an infection from a USB flash drive here:

[quote]
[2011-11-16 22:34:54 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\Video .lnk
[2011-11-16 22:34:54 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pictures .lnk
[2011-11-16 22:34:54 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\Music .lnk
[2011-11-16 22:34:53 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\Passwords .lnk
[2011-11-16 22:34:53 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\New Folder .lnk
[2011-11-16 22:34:53 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\BRATEK\Documents .lnk[/quote]
Which also blocked various things in the system, including Task Manager / Registry Editor and msconfig:

[quote]
O7 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: msconfig.exe = msconfig.exe
O7 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1[/quote]

Before we move on to removal with OTL, I want to have the full picture of the situation. Connect all portable devices ([b]USB flash drives / mobile phones / mp3 players / portable drives[/b]) and use [url="http://www.hotfix.pl/uzytkowanie-programu-usbfix-a310.htm"][b][u]USBFix[/u][/b][/url] with the [b]LISTING[/b] option.
Show the report that pops up.

  • Good post 1
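The triage described in the post above (O7 policy values that block Task Manager, the Registry Editor and msconfig, plus a burst of identical tiny shortcuts in the user profile), sketched as an added Python example that is not part of the thread. The sample log lines, SID and user name are constructed, and `DisableRegistryTools` is the standard Windows policy value for the Registry Editor block rather than a line quoted in the thread.

```python
"""Triage an OTL log: tool-blocking policies and bursts of identical shortcuts."""
import ntpath
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in OTL's line format; SID, user name and files are made up.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [ExampleTray] C:\Program Files\Example\tray.exe (Example Corp)
O7 - HKU\S-1-5-21-1000000000-2000000000-3000000000-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1000000000-2000000000-3000000000-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKU\S-1-5-21-1000000000-2000000000-3000000000-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: msconfig.exe = msconfig.exe
O7 - HKU\S-1-5-21-1000000000-2000000000-3000000000-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1000000000-2000000000-3000000000-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
[2012-01-05 10:00:02 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\USER\Pictures .lnk
[2012-01-05 10:00:02 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\USER\Documents .lnk
[2012-01-05 10:00:01 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\USER\Video .lnk
[2012-01-05 10:00:01 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\USER\Music .lnk
[2012-01-03 09:12:44 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\USER\Pulpit\Editor.lnk
[2012-01-03 09:12:40 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\USER\notes.db
"""

# "O7 - <hive>\...\policies\<subkey>: <name> = <value>"
O7_RE = re.compile(
    r"^O7 - (?P<hive>HKU\\[^\\]+|HKLM|HKCU)\\.*?\\policies\\"
    r"(?P<subkey>[^:]+): (?P<name>.+?) = (?P<value>.*)$",
    re.IGNORECASE,
)
# "[timestamp | size | attributes | C or M] (company) -- path"
FILE_RE = re.compile(
    r"^\[(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) \| (?P<size>[\d,]+) \| [^|]* \| "
    r"(?P<kind>[CM])\] \(.*?\) -- (?P<path>.+)$"
)
# Policy values that take an administrative tool away from the user.
BLOCKING_VALUES = {
    ("system", "disabletaskmgr"): "Task Manager disabled",
    ("system", "disableregistrytools"): "Registry Editor disabled",
    ("explorer", "disallowrun"): "DisallowRun block list enforced",
}


def restriction_findings(log):
    """Return (hive, policy, meaning) for every tool-blocking O7 entry."""
    findings = []
    for line in log.splitlines():
        m = O7_RE.match(line.strip())
        if not m:
            continue
        subkey, name, value = m["subkey"].lower(), m["name"], m["value"].strip()
        if subkey == r"explorer\disallowrun":
            # Each value under this subkey names one executable Explorer refuses to start.
            findings.append((m["hive"], "DisallowRun entry", f"blocks {value}"))
        elif (subkey, name.lower()) in BLOCKING_VALUES and value not in ("0", ""):
            findings.append((m["hive"], name, BLOCKING_VALUES[(subkey, name.lower())]))
    return findings


def shortcut_bursts(log, min_files=3, window_s=5):
    """Find folders where several same-size .lnk files were created within seconds."""
    groups = defaultdict(list)
    for line in log.splitlines():
        m = FILE_RE.match(line.strip())
        if not m or m["kind"] != "C" or not m["path"].lower().endswith(".lnk"):
            continue
        created = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        size = int(m["size"].replace(",", ""))
        folder = ntpath.dirname(m["path"]).lower()
        groups[(folder, size)].append((created, ntpath.basename(m["path"])))

    bursts = []
    for (folder, size), items in groups.items():
        items.sort()
        start, best = 0, []
        # Sliding window: the largest set of files created within window_s seconds.
        for end in range(len(items)):
            while (items[end][0] - items[start][0]).total_seconds() > window_s:
                start += 1
            if end - start + 1 > len(best):
                best = items[start:end + 1]
        if len(best) >= min_files:
            bursts.append({"folder": folder, "size": size,
                           "names": [name for _, name in best]})
    return bursts


if __name__ == "__main__":
    for hive, policy, meaning in restriction_findings(SAMPLE_LOG):
        print(f"[policy]   {hive}: {policy} -> {meaning}")
    for burst in shortcut_bursts(SAMPLE_LOG):
        print(f"[shortcut] {len(burst['names'])} x {burst['size']}-byte .lnk "
              f"in {burst['folder']}: {burst['names']}")
```

A burst on its own only marks files for review; it becomes meaningful next to the policy findings, which is the combination the post relies on.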
Guest
comment

Honestly.
I didn't look at the log, I was only guessing from the symptoms.

razor (yesterday, 15:46):
If you don't know what you're talking about, don't comment.

That's a bit rude of you; if you're such an expert, you could have checked it yourself.

http://www.forumpc.pl/index.php?showtopic=255986

I don't know what I'm talking about?:

http://www.forumpc.pl/index.php?showtopic=253279

I didn't even have to look at the log.

This isn't the only forum, and the fact that I post little here says nothing about my knowledge.

wirusolog
comment (edited)

[quote]
I didn't look at the log, I was only guessing from the symptoms.[/quote]
If you're guessing, you can skip this section. Hard evidence is needed here, not reading tea leaves. Sality is not the only virus that blocks the Registry Editor and Task Manager. There are hundreds of others, including this very shortcut infection from USB flash drives. Next time check the logs instead of guessing.

mac_iek13
comment (edited)

[quote name='wirusolog' timestamp='1345721786' post='1565839']
Why do you think so? I don't see the SALITY virus or its collateral damage in these logs. There is, however, an infection from a USB flash drive here:

Which also blocked various things in the system, including Task Manager / Registry Editor and msconfig:

Before we move on to removal with OTL, I want to have the full picture of the situation. Connect all portable devices ([b]USB flash drives / mobile phones / mp3 players / portable drives[/b]) and use [url="http://www.hotfix.pl/uzytkowanie-programu-usbfix-a310.htm"][b][u]USBFix[/u][/b][/url] with the [b]LISTING[/b] option.
Show the report that pops up.
[/quote]

And would it be possible to get rid of the problem without connecting the mp3 player, phone, etc.?

wirusolog
comment (edited)

Why? Can't you connect them, or do you just not feel like it?
We'll remove the infection from the computer, but everything that was plugged into the computer is infected, and I think that includes some of your things.

mac_iek13
comment (edited)

It's not my PC, so it will be difficult, but as far as I know this problem appeared after installing games from CD/DVD discs, and [b]USB flash drives / mobile phones / mp3 players / portable drives[/b] were not connected.

wirusolog
comment (edited)

[b]1.[/b] Run OTL and paste the following text into the [b]Własne opcje skanowania/Skrypt[/b] (Custom scan options/Script) box:

[quote]:OTL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload.ma...ash/swflash.cab"]http://fpdownload.ma...ash/swflash.cab[/url] (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O7 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: msconfig.exe = msconfig.exe
O7 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O4 - HKU\S-1-5-21-448539723-2049760794-682003330-1003..\Run: [HW_OPENEYE_OUC_blueconnect] "C:\Program Files\blueconnect\UpdateDog\ouc.exe" File not found
O4 - HKU\S-1-5-21-448539723-2049760794-682003330-1003..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O3 - HKU\S-1-5-21-448539723-2049760794-682003330-1003\..\Toolbar\WebBrowser: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

:Services
noskrnl.sys
hwdatacard
huawei_enumerator
huawei_cdcacm
filtertdidriver
ew_hwusbdev
adiusbaw
ADILOADER

:Files
C:\WINDOWS\tasks\*.job
C:\Documents and Settings\BRATEK\*.lnk
C:\Documents and Settings\BRATEK\klextlock.dat
C:\WINDOWS\_detmp.1

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

:Commands
[emptytemp][/quote]
Click [b]Wykonaj skrypt[/b] (Run script). Confirm the computer restart.

[b]2.[/b] Use [url="http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner"][color=#1072E0][b]AdwCleaner[/b][/color][/url] with the [b]Delete[/b] option. Show the report that opens in Notepad after the restart, or you will find it at: [b]C:\Clean.txt[/b]

[b]3.[/b] Run USBFix and use the [b]Research[/b] option. Show the resulting report.

[b]4.[/b] After completing these steps, create the OTL logs again. But before pressing [b]Skanuj[/b] (Scan), tick: [b]Rejestr - skan dodatkowy - Użyj filtrowania[/b] (Registry - extra scan - Use filtering). Then press the [b]Skanuj[/b] button.

Finally, post the logs from:[list]
[*]The OTL removal report
[*]The AdwCleaner cleaning report
[*]The USBFix search report
[*]New OTL logs ([b]OTL.txt + Extras.txt[/b])
[/list]

  • Good post 1
mac_iek13
comment

And where will I find this USBFix??

wirusolog
comment

http://eldesaparecido.com/tools/UsbFix.exe

mac_iek13
comment

I did almost everything except USBFix, because when I run it an icon appears next to the clock but nothing happens. Apart from that, I checked and regedit/msconfig work now, thanks a lot. I hope that's everything.
And here are the logs
from running the script
[log]All processes killed
========== OTL ==========
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry value HKEY_USERS\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\DisallowRun not found.
Registry key HKEY_USERS\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun not found.
Registry value HKEY_USERS\S-1-5-21-448539723-2049760794-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr not found.
Registry value HKEY_USERS\S-1-5-21-448539723-2049760794-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\HW_OPENEYE_OUC_blueconnect not found.
Registry value HKEY_USERS\S-1-5-21-448539723-2049760794-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\OM_Monitor not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck not found.
Registry value HKEY_USERS\S-1-5-21-448539723-2049760794-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ not found.
========== SERVICES/DRIVERS ==========
Error: No service named noskrnl.sys was found to stop!
Service\Driver key noskrnl.sys not found.
Error: No service named hwdatacard was found to stop!
Service\Driver key hwdatacard not found.
Error: No service named huawei_enumerator was found to stop!
Service\Driver key huawei_enumerator not found.
Error: No service named huawei_cdcacm was found to stop!
Service\Driver key huawei_cdcacm not found.
Error: No service named filtertdidriver was found to stop!
Service\Driver key filtertdidriver not found.
Error: No service named ew_hwusbdev was found to stop!
Service\Driver key ew_hwusbdev not found.
Error: No service named adiusbaw was found to stop!
Service\Driver key adiusbaw not found.
Error: No service named ADILOADER was found to stop!
Service\Driver key ADILOADER not found.
========== FILES ==========
File\Folder C:\WINDOWS\tasks\*.job not found.
File\Folder C:\Documents and Settings\BRATEK\*.lnk not found.
File\Folder C:\Documents and Settings\BRATEK\klextlock.dat not found.
File\Folder C:\WINDOWS\_detmp.1 not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"SuperHidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"Hidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"ShowSuperHidden"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\\"CheckedValue"|dword:00000001 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\\@|"" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf\\@|"@SYS:DoesNotExist" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: BRATEK
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Google Chrome cache emptied: 6301700 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3784689 bytes
RecycleBin emptied: 199912 bytes

Total Files Cleaned = 10,00 mb


OTL by OldTimer - Version 3.2.58.1 log created on 08252012_192815

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
[/log]

AdwCleaner log
[log]# AdwCleaner v1.801 - Logfile created 08/25/2012 at 19:37:42
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Dodatek Service Pack 2 (32 bits)
# User : BRATEK - DOM
# Boot Mode : Normal
# Running from : C:\Documents and Settings\BRATEK\Moje dokumenty\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.2180

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [586 octets] - [25/08/2012 19:37:42]

########## EOF - C:\AdwCleaner[S1].txt - [713 octets] ##########
[/log]

new OTL logs
[log]OTL logfile created on: 2012-08-25 19:49:13 - Run 3
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\BRATEK\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,53 Mb Total Physical Memory | 85,44 Mb Available Physical Memory | 16,70% Memory free
1,22 Gb Paging File | 0,76 Gb Available in Paging File | 62,57% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 5,80 Gb Free Space | 39,60% Space Free | Partition Type: NTFS
Drive D: | 29,29 Gb Total Space | 21,89 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
Drive E: | 30,59 Gb Total Space | 19,56 Gb Free Space | 63,94% Space Free | Partition Type: NTFS
Drive H: | 654,81 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DOM | User Name: BRATEK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-08-21 22:03:29 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BRATEK\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-08-15 11:05:56 | 000,574,669 | ---- | M] () -- C:\UsbFix\Go.exe
PRC - [2012-08-14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2012-01-31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012-01-17 20:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgtray.exe
PRC - [2011-09-09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgnsx.exe
PRC - [2011-08-18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgrsx.exe
PRC - [2011-05-23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgchsvx.exe
PRC - [2011-03-28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgcsrvx.exe
PRC - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgfws.exe
PRC - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgwdsvc.exe
PRC - [2011-02-08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG\AVG10\avgam.exe
PRC - [2009-03-15 11:41:49 | 000,139,264 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe
PRC - [2006-05-25 01:20:50 | 000,593,920 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2006-05-10 10:48:08 | 000,094,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-05-05 09:57:30 | 000,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
PRC - [2002-09-20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-08-15 11:05:56 | 000,574,669 | ---- | M] () -- C:\UsbFix\Go.exe
MOD - [2012-08-14 06:30:59 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\ppgooglenaclpluginchrome.dll
MOD - [2012-08-14 06:30:58 | 012,235,288 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
MOD - [2012-08-14 06:30:57 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\pdf.dll
MOD - [2012-08-14 06:29:28 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\avutil-51.dll
MOD - [2012-08-14 06:29:27 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\avformat-54.dll
MOD - [2012-08-14 06:29:26 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll
MOD - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2004-12-26 20:34:38 | 000,121,344 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2004-08-04 00:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2001-04-16 16:39:02 | 000,037,808 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-01-31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009-03-15 11:41:49 | 000,139,264 | ---- | M] (Sony DADC Austria AG.) [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7)
SRV - [2007-12-23 14:50:54 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2002-09-20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\BRATEK\USTAWI~1\Temp\sony_ssm.sys -- (sony_ssm.sys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ar6d62g7)
DRV - [2011-05-27 19:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-04-05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-03-16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-03-01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-02-22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-02-10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-02-10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-01-07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010-07-12 04:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010-07-12 04:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2007-01-10 22:44:59 | 000,639,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2006-05-25 01:53:06 | 000,003,712 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2006-05-10 10:56:54 | 000,027,264 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2006-05-10 10:56:50 | 000,071,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2006-05-10 10:56:26 | 000,036,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2006-05-10 10:56:18 | 000,056,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2006-05-10 10:56:08 | 000,013,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2005-02-23 04:36:03 | 000,986,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-03-08 13:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003-07-02 05:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\AVG\AVG10\Firefox4\ [2012-08-20 21:25:29 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.google.pl/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: DivX\u00AE Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - Extension: AVG Safe Search = C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\

O1 HOSTS File: ([2012-08-21 21:52:15 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKCU..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe File not found
O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe.bin (Gadu-Gadu S.A.)
O4 - HKLM..\RunOnce: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6317981E-E0FC-4B5D-A5C6-15AED91DD230}: DhcpNameServer = 10.0.0.2
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005-03-25 01:30:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002-11-17 12:35:56 | 000,000,139 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-08-25 19:22:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-08-25 19:20:12 | 000,000,000 | ---D | C] -- C:\UsbFix
[2012-08-25 08:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Moje dokumenty\Downloads
[2012-08-25 08:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Menu Start\Programy\Google Chrome
[2012-08-25 08:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google
[2012-08-22 21:26:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012-08-21 22:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012-08-21 22:34:36 | 000,000,000 | ---D | C] -- C:\rsit
[2012-08-21 20:14:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\DoctorWeb
[2012-08-20 21:09:41 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012-08-20 21:05:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Dane aplikacji\AVG10
[2012-08-20 21:02:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2012-08-20 21:02:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2011
[2012-08-20 21:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10
[2012-08-20 21:00:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012-08-20 20:58:42 | 000,000,000 | ---D | C] -- C:\AVG
[2012-08-20 20:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2012-08-12 01:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Pulpit\Bambi 2
[2012-08-04 23:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nicolas Games
[2012-08-04 23:27:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Moje dokumenty\18 WoS Across America
[2012-08-04 23:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\18 Wheels of Steel Across America
[2012-07-30 22:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BRATEK\Pulpit\mi

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-08-25 19:39:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-25 19:26:44 | 104,853,765 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-25 19:18:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-08-25 08:19:53 | 000,002,323 | ---- | M] () -- C:\Documents and Settings\BRATEK\Pulpit\Google Chrome.lnk
[2012-08-23 08:58:40 | 000,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2012-08-23 08:42:22 | 000,051,712 | ---- | M] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-23 08:37:51 | 005,088,651 | ---- | M] () -- C:\Documents and Settings\BRATEK\Pulpit\Tom Boxer Morena feat. J Warner - Deep In Love -Original Club Edit-__.mp3
[2012-08-22 21:27:59 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012-08-22 21:27:59 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012-08-22 21:27:59 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012-08-21 21:52:15 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-08-20 21:25:31 | 000,000,594 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2011.lnk
[2012-08-20 21:18:16 | 000,625,911 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2012-08-20 20:55:41 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-08-25 19:26:44 | 104,853,765 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-25 08:19:53 | 000,002,323 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\Google Chrome.lnk
[2012-08-22 21:25:49 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2012-08-22 21:25:49 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2012-08-20 21:18:16 | 000,625,911 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2012-08-20 21:02:15 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2011.lnk
[2012-08-12 01:33:18 | 714,907,648 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\Shrek forever after.2010.PL.DUBB.MD.DVDRip.XviD-REViVE.avi
[2012-08-12 01:16:31 | 005,253,581 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\D Bomb - Mysle (Summer Mix Radio Edit) - www.mp3i.info.mp3
[2012-08-12 01:15:51 | 005,446,425 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\dla rodziców-Ultra.mp3
[2012-08-12 01:14:11 | 003,510,272 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\- Gosia Andrzejewicz - Nieśmiały chłopak.mp3
[2012-07-30 22:39:40 | 003,036,549 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\tomasz niecik - cztery osiemnastki 2010.mp3
[2012-07-30 22:39:34 | 005,088,651 | ---- | C] () -- C:\Documents and Settings\BRATEK\Pulpit\Tom Boxer Morena feat. J Warner - Deep In Love -Original Club Edit-__.mp3
[2012-07-14 22:44:00 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012-07-14 22:43:59 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012-03-10 16:17:48 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\BRATEK\Dane aplikacji\Taxi4.MCS
[2011-02-18 11:20:13 | 000,000,246 | ---- | C] () -- C:\Documents and Settings\BRATEK\EggSucker.cfg
[2011-02-18 11:20:13 | 000,000,150 | ---- | C] () -- C:\Documents and Settings\BRATEK\EggsuckerV20.cfg
[2010-10-17 17:49:24 | 000,000,643 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2005-03-24 19:53:37 | 000,051,712 | ---- | C] () -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:38091CBB

< End of report >
[/log]

extras
[log]OTL Extras logfile created on: 2012-08-25 19:49:13 - Run 3
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\BRATEK\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,53 Mb Total Physical Memory | 85,44 Mb Available Physical Memory | 16,70% Memory free
1,22 Gb Paging File | 0,76 Gb Available in Paging File | 62,57% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 5,80 Gb Free Space | 39,60% Space Free | Partition Type: NTFS
Drive D: | 29,29 Gb Total Space | 21,89 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
Drive E: | 30,59 Gb Total Space | 19,56 Gb Free Space | 63,94% Space Free | Partition Type: NTFS
Drive H: | 654,81 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DOM | User Name: BRATEK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.scr [@ = scrfile] -- "%1" /S "%3"

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.TYIQHA3NI2B43ON3SJRSSSHF7A] -- C:\Documents and Settings\BRATEK\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S "%3"
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
"UpdatesDisableNotify" = 0

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Disabled:Gadu-Gadu - program glowny
"C:\Program Files\Kazaa Lite Rewolucja\kazaalite.kpp" = C:\Program Files\Kazaa Lite Rewolucja\kazaalite.kpp:*:Enabled:kazaalite -- ()
"D:\quake 3\quake3.exe" = D:\quake 3\quake3.exe:*:Enabled:quake3
"D:\WYSCIGI\Speed.exe" = D:\WYSCIGI\Speed.exe:*:Enabled:Speed
"D:\Serious Sam 2\Bin\Sam2.exe" = D:\Serious Sam 2\Bin\Sam2.exe:*:Disabled:Sam2
"E:\net\eMule\emule.exe" = E:\net\eMule\emule.exe:*:Enabled:eMule
"D:\Quake3\quake3.exe" = D:\Quake3\quake3.exe:*:Enabled:quake3
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\_install.exe" = C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\_install.exe:*:Disabled:_install
"C:\Program Files\City Interactive\Overspeed\LASR.exe" = C:\Program Files\City Interactive\Overspeed\LASR.exe:*:Disabled:Overspeed -- (Invictus Games Ltd.)
"C:\Program Files\Counter-Strike 1.6\hl.exe" = C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
"E:\AUDIO_TS\MSOCache\net\eMule\emule.exe" = E:\AUDIO_TS\MSOCache\net\eMule\emule.exe:*:Disabled:eMule
"D:\Counter-Strike 1.6\hl.exe" = D:\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\WINDOWS\noskrnl.exe" = C:\WINDOWS\noskrnl.exe:*:Enabled:enable
"C:\AVG\AVG10\avgmfapx.exe" = C:\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.)
"C:\AVG\AVG10\avgdiagex.exe" = C:\AVG\AVG10\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\AVG\AVG10\avgnsx.exe" = C:\AVG\AVG10\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.)
"C:\AVG\AVG10\avgam.exe" = C:\AVG\AVG10\avgam.exe:*:Enabled:Menedżer alarmów systemu AVG -- (AVG Technologies CZ, s.r.o.)
"C:\AVG\AVG10\avgemcx.exe" = C:\AVG\AVG10\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTA III
"{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C8FC7066-4457-4365-9BDF-4E439BF703C8}" = AVG 2011
"{D26D1A53-D8A2-4004-BC98-0642B4EEAAB2}" = Colin McRae Rally 3
"{E533E637-FB3E-4F28-8B18-449CC9AB7235}" = AVG 2011
"{EE7B9A8D-19F0-450D-8E94-3E391E6044CD}" = KhalSetup
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"18 Wheels of Steel Across America" = 18 Wheels of Steel Across America
"Adobe Acrobat 5.0" = Adobe Acrobat 4.0, 5.0
"Adobe Photoshop 5.0" = Adobe Photoshop 5.0
"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI
"ALLPlayer V2.1" = ALLPlayer V2.1
"ALLPlayer V3.1_is1" = ALLPlayer V3.X
"AngelPotion Video Codec V1" = AngelPotion Video Codec V1
"AnswerWorks" = AnswerWorks Runtime
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2011
"Corel Applications" = Corel Applications
"Counter-Strike 1.6" = Counter-Strike 1.6
"Crystalix_is1" = Crystalix
"DirectShowPack" = DirectShow Pack (remove only)
"DivX 5.0.2 Pro Bundle" = DivX 5.0.2 Pro Bundle
"DivX Content Uploader" = DivX Content Uploader
"eMule" = eMule
"ffdshow" = ffdshow (remove only)
"Gadu-Gadu" = Gadu-Gadu 7.6
"GameSpy Arcade" = GameSpy Arcade
"Kazaa Lite Rewolucja_is1" = Kazaa Lite Rewolucja 2.6
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 1.63
"LEGO Racers" = LEGO Racers
"OS_is1" = Overspeed: High Performance Street Racing
"Poszukiwacze zaginionego kurczaka_is1" = Poszukiwacze zaginionego kurczaka
"QuickTime" = QuickTime
"Racer" = Racer
"Reksio_i_Kretes_w_Akcji._Polish" = Reksio i Kretes w Akcji
"Shockwave" = Shockwave
"Turtle Odyssey 1.00" = Turtle Odyssey 1.00
"Usbfix" = UsbFix By El Desaparecido
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-08-11 19:13:18 | Computer Name = DOM | Source = SecurityCenter | ID = 1802
Description = Usługa Centrum zabezpieczeń systemu Windows nie może ustanowić kwerend
zdarzeń z WMI, aby monitorować zaporę i program antywirusowy innej firmy.

Error - 2012-08-12 04:45:57 | Computer Name = DOM | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd winamp.exe, wersja 5.0.0.8, moduł powodujący
błąd gen_ff.dll, wersja 0.0.0.0, adres błędu 0x0002222d.

Error - 2012-08-17 03:46:57 | Computer Name = DOM | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd winamp.exe, wersja 5.0.0.8, moduł powodujący
błąd gen_ff.dll, wersja 0.0.0.0, adres błędu 0x0002222d.

Error - 2012-08-23 02:45:46 | Computer Name = DOM | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca winamp.exe, wersja 5.0.0.8, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2012-08-23 02:47:31 | Computer Name = DOM | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd ashavast.exe, wersja 4.6.665.0, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2012-08-23 02:48:00 | Computer Name = DOM | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd ashavast.exe, wersja 4.6.665.0, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2012-08-23 02:59:19 | Computer Name = DOM | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd ashsimpl.exe, wersja 4.6.665.0, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2012-08-25 02:16:26 | Computer Name = DOM | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2012-08-25 02:16:26 | Computer Name = DOM | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2012-08-25 13:23:56 | Computer Name = DOM | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca OTL.exe, wersja 3.2.58.1, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

[ System Events ]
Error - 2012-08-22 14:40:37 | Computer Name = DOM | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys)
z powodu następującego błędu: %%2

Error - 2012-08-22 15:26:06 | Computer Name = DOM | Source = System Error | ID = 1003
Description = Kod błędu 1000007e, parametr 1 c0000005, parametr 2 ebc23015, parametr
3 f8988a6c, parametr 4 f8988768.

Error - 2012-08-22 15:26:14 | Computer Name = DOM | Source = System Error | ID = 1003
Description = Kod błędu 1000007e, parametr 1 c0000005, parametr 2 eca1a015, parametr
3 f8984a6c, parametr 4 f8984768.

Error - 2012-08-25 13:18:03 | Computer Name = DOM | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 0.0.0.0 dla karty sieciowej o adresie 0011D8078E6C
został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK).

Error - 2012-08-25 13:18:49 | Computer Name = DOM | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys)
z powodu następującego błędu: %%2

Error - 2012-08-25 13:22:05 | Computer Name = DOM | Source = Service Control Manager | ID = 7034
Description = Usługa Ati HotKey Poller niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2012-08-25 13:22:08 | Computer Name = DOM | Source = Service Control Manager | ID = 7034
Description = Usługa SoundMAX Agent Service niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2012-08-25 13:22:08 | Computer Name = DOM | Source = Service Control Manager | ID = 7034
Description = Usługa SecuROM User Access Service (V7) niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.

Error - 2012-08-25 13:22:12 | Computer Name = DOM | Source = PlugPlayManager | ID = 11
Description = Urządzenie Root\LEGACY_FILTERTDIDRIVER\0000 zniknęło z systemu bez
uprzedniego przygotowania go do usunięcia.

Error - 2012-08-25 13:22:12 | Computer Name = DOM | Source = PlugPlayManager | ID = 11
Description = Urządzenie Root\LEGACY_NOSKRNL.SYS\0000 zniknęło z systemu bez uprzedniego
przygotowania go do usunięcia.


< End of report >
[/log]

wirusolog
comment (edited)

The infection was removed successfully, except that the script was run twice and was pasted after the second operation.
We now move on to the finalizing steps.
[hr]

[b]1.[/b] Run OTL and paste the following text into the [b]Custom Scans/Fixes[/b] window:

[quote]:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\BRATEK\USTAWI~1\Temp\sony_ssm.sys -- (sony_ssm.sys)
O4 - HKLM..\RunOnce: [] File not found[/quote]
Click [b]Run Fix[/b]. This time there will be no restart. You don't need to show the report either.

[b]2.[/b] Cleaning up after the tools:
[list]
[*]Run OTL and press [b]CleanUp[/b]. Agree to the system restart.
[*]Run AdwCleaner and press [b]Uninstall[/b].
[*]Run USBFix and press [b]Uninstall[/b].[/list]

[b]3.[/b] Reset the state of the System Volume Information folders: right-click My Computer => Properties => System Restore => [b]tick[/b] "Turn off System Restore on all drives"
[img]http://iv.pl/images/62558709259312512906.png[/img]

[b]4.[/b] The most important updates:
[quote]Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
"Gadu-Gadu" = Gadu-Gadu 7.6[/quote]
[list]
[*]Patch the critical holes in the system: [url=http://www.microsoft.com/pl-pl/download/details.aspx?id=24][b][color=blue][u]Windows XP SP 3[/u][/color][/b][/url] + [url=http://windows.microsoft.com/pl-PL/internet-explorer/downloads/ie-8][b][color=blue][u]IE 8[/u][/color][/b][/url]
[*]Gadu-Gadu 7.7 is an old and unsafe program. I won't even mention version 10, which is heavy on the system. The alternative I recommend is: [url=http://download.wtw.im/][b][color=blue][u]WTW[/u][/color][/b][/url][/list]

mac_iek13
comment

Damn, one more problem has come up: the DVD drive has stopped working, the tray won't eject, as if it were blocked.
It comes out about 1 cm and won't go any further, and when I press the button again it retracts normally.

wirusolog
comment

The problem is not related to software or to the steps we carried out here. Visit these links: [url=http://forum.dobreprogramy.pl/nie-wysuwa-sie-tacka-napedzie-t495828.html][b]LINK 1[/b][/url] / [url=http://www.elektroda.pl/rtvforum/topic863490.html][b]LINK 2[/b][/url].
Alternatively, let some @Moderator move the thread to another section; this is where my "turf" ends.

mac_iek13
comment

OK, once again many thanks for the help ;)
