burzecg utworzono 26 listopada 2012 utworzono 26 listopada 2012 Witam zainstalowałem win 7 około tydzień temu i dziś po włączeniu komputera wszystkie programy, których skróty mam na pulpicie zaczęły się włączać w niekontrolowany sposób. To samo działo się z kilkoma plikami pdf i zdjęciami, które również mam na pulpicie. Po kliknięciu przycisku start w polu wyszukiwania programów nieustannie pojawiał się ciąg liter. Restart systemu nie pomógł, więc uruchomiłem komputer w trybie awaryjnym i zrobiłem przywracanie systemu. Na razie jest ok ale prosiłbym o sprawdzenie logów. Log OTL [log] OTL logfile created on: 2012-11-26 19:46:23 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\GRZESIEK\Downloads Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 68,03% Memory free 6,50 Gb Paging File | 5,36 Gb Available in Paging File | 82,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 25,46 Gb Free Space | 26,10% Space Free | Partition Type: NTFS Drive D: | 292,97 Gb Total Space | 22,92 Gb Free Space | 7,82% Space Free | Partition Type: NTFS Drive E: | 540,89 Gb Total Space | 192,93 Gb Free Space | 35,67% Space Free | Partition Type: NTFS Computer Name: KOMP | User Name: GRZESIEK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-11-26 19:43:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GRZESIEK\Downloads\OTL.exe PRC - [2012-11-20 22:55:38 | 000,269,824 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxupdate.exe PRC - [2012-11-19 21:39:13 | 000,968,592 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2012-10-31 22:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012-10-30 22:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2012-10-30 22:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2012-07-26 03:21:03 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe PRC - [2012-06-02 22:19:33 | 000,053,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe PRC - [2012-02-11 05:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2011-11-17 05:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2011-05-04 04:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2011-02-25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-11-20 12:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 12:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 12:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2009-12-23 21:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009-08-18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009-07-14 01:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 01:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 01:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 01:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 01:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009-06-10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-11-26 19:43:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GRZESIEK\Downloads\OTL.exe MOD - [2012-11-23 14:39:25 | 000,043,272 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\defs\12112600\uiext.dll MOD - [2012-11-19 21:39:13 | 000,968,592 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe MOD - [2012-11-19 18:35:40 | 003,780,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll MOD - [2012-10-31 22:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe MOD - [2012-10-31 22:15:05 | 000,460,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll MOD - [2012-10-31 22:15:04 | 012,455,448 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll MOD - [2012-10-31 22:15:02 | 004,007,448 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll MOD - [2012-10-31 22:13:47 | 000,587,288 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.64\libglesv2.dll MOD - [2012-10-31 22:13:46 | 000,123,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.64\libegl.dll MOD - [2012-10-31 22:13:44 | 009,962,520 | ---- | M] (The ICU Project) -- C:\Program Files\Google\Chrome\Application\23.0.1271.64\icudt.dll MOD - [2012-10-31 22:13:37 | 041,741,848 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\23.0.1271.64\chrome.dll MOD - [2012-10-31 22:13:35 | 000,156,712 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.64\avutil-51.dll MOD - [2012-10-31 22:13:34 | 000,274,984 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.64\avformat-54.dll MOD - [2012-10-31 22:13:32 | 002,168,360 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll MOD - [2012-10-30 22:51:26 | 000,242,056 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\1045\uiLangRes.dll MOD - [2012-10-30 22:51:26 | 000,095,784 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\1045\Base.dll MOD - [2012-10-30 22:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe MOD - [2012-10-30 22:50:53 | 000,236,888 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2012-10-30 22:50:51 | 006,439,048 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\CommonRes.dll MOD - [2012-10-30 22:50:47 | 000,476,360 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswSqLt.dll MOD - [2012-10-30 22:50:47 | 000,027,296 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswUtil.dll MOD - [2012-10-30 22:50:44 | 000,220,944 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswLog.dll MOD - [2012-10-30 22:50:44 | 000,217,848 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswProperty.dll MOD - [2012-10-30 22:50:44 | 000,126,160 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll MOD - [2012-10-30 22:50:44 | 000,051,000 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll MOD - [2012-10-30 22:50:41 | 002,162,488 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswAra.dll MOD - [2012-10-30 22:50:41 | 000,682,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswAux.dll MOD - [2012-10-30 22:50:41 | 000,347,616 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll MOD - [2012-10-30 22:50:41 | 000,191,568 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll MOD - [2012-10-30 22:50:41 | 000,191,080 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswData.dll MOD - [2012-10-30 22:50:41 | 000,099,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll MOD - [2012-10-30 22:50:38 | 000,153,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\ashTask.dll MOD - [2012-10-30 22:50:38 | 000,121,528 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\ashShell.dll MOD - [2012-10-30 22:50:38 | 000,061,800 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll MOD - [2012-10-30 22:50:36 | 000,441,352 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\ashBase.dll MOD - [2012-10-30 22:50:30 | 000,368,752 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\Aavm4h.dll MOD - [2012-10-30 22:50:30 | 000,120,504 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AavmRpch.dll MOD - [2012-10-09 17:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2012-10-03 16:42:26 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2012-08-24 16:57:48 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2012-08-24 16:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2012-08-24 16:57:46 | 001,231,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2012-08-24 16:57:46 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll MOD - [2012-08-24 16:57:37 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll MOD - [2012-08-24 16:56:32 | 002,073,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2012-08-24 16:56:32 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2012-08-24 16:56:31 | 011,020,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2012-08-20 17:40:01 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2012-08-20 17:40:01 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2012-06-09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2012-06-06 05:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2012-06-02 22:19:33 | 000,053,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe MOD - [2012-06-02 22:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll MOD - [2012-06-02 22:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll MOD - [2012-06-02 04:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2012-06-02 04:36:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll MOD - [2012-04-21 04:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll MOD - [2012-04-07 11:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2012-03-01 05:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2012-01-04 08:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2011-12-30 05:27:56 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2011-12-16 07:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2011-11-17 05:38:39 | 001,288,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2011-11-17 05:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll MOD - [2011-11-17 05:34:55 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2011-11-17 05:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2011-08-27 04:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011-08-27 04:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2011-06-16 04:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2011-03-03 05:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2011-02-25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2011-01-17 05:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2010-11-20 12:21:39 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2010-11-20 12:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2010-11-20 12:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2010-11-20 12:21:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2010-11-20 12:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2010-11-20 12:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll MOD - [2010-11-20 12:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 12:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2010-11-20 12:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2010-11-20 12:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll MOD - [2010-11-20 12:21:35 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll MOD - [2010-11-20 12:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll MOD - [2010-11-20 12:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 12:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2010-11-20 12:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 12:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2010-11-20 12:21:30 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll MOD - [2010-11-20 12:21:28 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2010-11-20 12:21:27 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2010-11-20 12:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2010-11-20 12:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll MOD - [2010-11-20 12:21:26 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2010-11-20 12:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll MOD - [2010-11-20 12:21:25 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2010-11-20 12:21:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll MOD - [2010-11-20 12:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 12:21:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2010-11-20 12:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 12:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 12:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 12:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll MOD - [2010-11-20 12:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-11-20 12:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 12:21:03 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll MOD - [2010-11-20 12:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2010-11-20 12:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2010-11-20 12:21:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2010-11-20 12:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 12:20:57 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2010-11-20 12:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll MOD - [2010-11-20 12:20:56 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll MOD - [2010-11-20 12:20:55 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2010-11-20 12:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2010-11-20 12:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 12:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 12:20:29 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2010-11-20 12:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2010-11-20 12:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 12:20:27 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll MOD - [2010-11-20 12:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2010-11-20 12:19:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2010-11-20 12:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll MOD - [2010-11-20 12:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll MOD - [2010-11-20 12:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2010-11-20 12:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2010-11-20 12:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2010-11-20 12:19:33 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll MOD - [2010-11-20 12:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2010-11-20 12:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 12:19:21 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2010-11-20 12:19:10 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll MOD - [2010-11-20 12:19:10 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll MOD - [2010-11-20 12:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll MOD - [2010-11-20 12:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 12:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2010-11-20 12:19:03 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll MOD - [2010-11-20 12:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2010-11-20 12:19:01 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\evr.dll MOD - [2010-11-20 12:18:38 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll MOD - [2010-11-20 12:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2010-11-20 12:18:36 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll MOD - [2010-11-20 12:18:35 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll MOD - [2010-11-20 12:18:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2010-11-20 12:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll MOD - [2010-11-20 12:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll MOD - [2010-11-20 12:18:25 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2010-11-20 12:18:25 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll MOD - [2010-11-20 12:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2010-11-20 12:18:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll MOD - [2010-11-20 12:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2010-11-20 12:18:25 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll MOD - [2010-11-20 12:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2010-11-20 12:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 12:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 12:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 12:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll MOD - [2010-11-20 12:18:06 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2010-11-20 12:18:05 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2010-11-20 12:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2010-11-20 12:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 12:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 12:18:01 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll MOD - [2010-11-20 12:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2010-11-20 12:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe MOD - [2010-11-20 12:16:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2010-11-20 12:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 12:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2010-11-20 11:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-05 01:53:44 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll MOD - [2010-11-05 01:53:43 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll MOD - [2010-05-26 10:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll MOD - [2010-05-26 10:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll MOD - [2009-08-18 01:31:32 | 002,469,888 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll MOD - [2009-08-18 01:20:38 | 003,105,280 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll MOD - [2009-08-18 01:05:32 | 002,868,736 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdva.dll MOD - [2009-07-14 01:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcryptprimitives.dll MOD - [2009-07-14 01:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-07-14 01:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll MOD - [2009-07-14 01:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll MOD - [2009-07-14 01:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll MOD - [2009-07-14 01:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll MOD - [2009-07-14 01:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2009-07-14 01:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2009-07-14 01:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2009-07-14 01:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-07-14 01:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-07-14 01:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2009-07-14 01:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2009-07-14 01:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-07-14 01:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll MOD - [2009-07-14 01:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 01:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll MOD - [2009-07-14 01:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 01:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 01:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 01:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009-07-14 01:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll MOD - [2009-07-14 01:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 01:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll MOD - [2009-07-14 01:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 01:16:13 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sbdrop.dll MOD - [2009-07-14 01:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 01:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2009-07-14 01:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-07-14 01:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-07-14 01:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-07-14 01:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2009-07-14 01:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2009-07-14 01:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2009-07-14 01:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 01:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2009-07-14 01:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 01:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 01:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2009-07-14 01:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2009-07-14 01:16:03 | 001,537,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll MOD - [2009-07-14 01:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll MOD - [2009-07-14 01:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2009-07-14 01:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009-07-14 01:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll MOD - [2009-07-14 01:15:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2009-07-14 01:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2009-07-14 01:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2009-07-14 01:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 01:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-07-14 01:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2009-07-14 01:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-07-14 01:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpOAV.dll MOD - [2009-07-14 01:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-07-14 01:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll MOD - [2009-07-14 01:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 01:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2009-07-14 01:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2009-07-14 01:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2009-07-14 01:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll MOD - [2009-07-14 01:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2009-07-14 01:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll MOD - [2009-07-14 01:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll MOD - [2009-07-14 01:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll MOD - [2009-07-14 01:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll MOD - [2009-07-14 01:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-07-14 01:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-07-14 01:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-07-14 01:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll MOD - [2009-07-14 01:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-07-14 01:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2009-07-14 01:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll MOD - [2009-07-14 01:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 01:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll MOD - [2009-07-14 01:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 01:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-07-14 01:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll MOD - [2009-07-14 01:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll MOD - [2009-07-14 01:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll MOD - [2009-07-14 01:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll MOD - [2009-07-14 01:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009-07-14 01:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 01:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 01:14:59 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll MOD - [2009-07-14 01:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2009-07-14 01:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 01:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2009-07-14 01:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-07-14 01:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 01:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm MOD - [2009-07-14 01:14:10 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msgsm32.acm MOD - [2009-07-14 01:14:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msadp32.acm MOD - [2009-07-14 01:14:10 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imaadp32.acm MOD - [2009-07-14 01:14:10 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msg711.acm MOD - [2009-07-14 01:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl MOD - [2009-07-14 01:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-07-14 01:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll MOD - [2008-09-24 18:41:12 | 000,839,680 | ---- | M] ([url="http://www.mp3dev.org/"]http://www.mp3dev.org/[/url]) -- C:\Windows\System32\lameACM.acm MOD - [2007-09-21 00:52:46 | 000,118,784 | ---- | M] (fccHandler) -- C:\Windows\System32\ac3acm.acm [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-11-20 22:55:38 | 000,371,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SearchIndexer.dll -- (SearchIndexer) SRV - [2012-11-20 21:31:26 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-11-09 11:21:16 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-10-30 22:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2012-01-05 15:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv) SRV - [2009-12-23 21:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009-07-14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ap2jswzk) DRV - [2012-11-19 23:21:51 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2012-10-30 22:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012-10-30 22:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012-10-30 22:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012-10-30 22:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012-10-30 22:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012-10-15 16:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr) DRV - [2012-06-05 05:45:06 | 000,204,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2010-11-20 12:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 12:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 12:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 10:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 10:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 09:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 09:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-08-12 11:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET) DRV - [2010-04-08 18:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32) DRV - [2009-08-18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009-07-13 22:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [url="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468"]http://search.condui...&ctid=CT3220468[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2315185559-3209966675-3063021273-1000\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found IE - HKU\S-1-5-21-2315185559-3209966675-3063021273-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [url="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468"]http://search.condui...&ctid=CT3220468[/url] IE - HKU\S-1-5-21-2315185559-3209966675-3063021273-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) [2012-11-19 21:39:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GRZESIEK\AppData\Roaming\mozilla\Firefox\extensions [2012-11-19 21:39:43 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\GRZESIEK\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} [color=#E56717]========== Chrome ==========[/color] CHR - homepage: [url="http://www.google.com"]http://www.google.com[/url] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: [url="http://www.google.com"]http://www.google.com[/url] CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll CHR - Extension: Dysk Google = C:\Users\GRZESIEK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\GRZESIEK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus = C:\Users\GRZESIEK\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\ CHR - Extension: Szukaj w Google = C:\Users\GRZESIEK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\GRZESIEK\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: Gmail = C:\Users\GRZESIEK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009-06-10 21:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-21-2315185559-3209966675-3063021273-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-2315185559-3209966675-3063021273-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E335B46-0960-4073-BA89-65B3C9800B78}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011-02-07 17:33:52 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-02-07 17:33:52 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: SearchIndexer - C:\Windows\System32\SearchIndexer.dll (Microsoft Corporation) NetSvcs: SearchIndexer - C:\Windows\System32\SearchIndexer.dll (Microsoft Corporation) NetSvcs: SearchIndexer - C:\Windows\System32\SearchIndexer.dll (Microsoft Corporation) NetSvcs: SearchIndexer - C:\Windows\System32\SearchIndexer.dll (Microsoft Corporation) MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]RTHDVCPL[/b] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - C:\Program Files\Steam\Steam.exe (Valve Corporation) MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-11-22 18:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe [2012-11-22 18:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe [2012-11-22 17:58:32 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\Documents\Nero [2012-11-22 17:57:32 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Nero [2012-11-22 17:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-11-22 17:54:02 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nero [2012-11-22 17:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-11-22 17:54:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012-11-22 17:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2012-11-21 22:24:25 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\Chromium [2012-11-21 21:12:20 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\Documents\Rockstar Games [2012-11-21 21:10:34 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games [2012-11-21 21:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2012-11-21 20:50:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Rockstar Games [2012-11-21 20:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2012-11-21 20:13:06 | 000,839,680 | ---- | C] ([url="http://www.mp3dev.org/"]http://www.mp3dev.org/[/url]) -- C:\Windows\System32\lameACM.acm [2012-11-21 20:13:05 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2012-11-21 20:13:05 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2012-11-21 20:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2012-11-21 20:04:47 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Macromedia [2012-11-20 22:43:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\update [2012-11-20 21:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2012-11-20 21:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012-11-20 21:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2012-11-20 21:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-11-20 19:59:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2012-11-20 19:57:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2012-11-20 19:53:54 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll [2012-11-20 19:19:52 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\SKIDROW [2012-11-19 23:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops 2 [2012-11-19 23:37:39 | 000,000,000 | ---D | C] -- C:\Gry [2012-11-19 23:37:23 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\Programs [2012-11-19 23:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% [2012-11-19 23:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft [2012-11-19 23:15:08 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-11-19 23:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-11-19 23:15:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012-11-19 22:03:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-11-19 22:02:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2012-11-19 22:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2012-11-19 22:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-11-19 22:01:57 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-11-19 22:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012-11-19 22:00:31 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\Microsoft Help [2012-11-19 22:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012-11-19 22:00:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012-11-19 21:59:15 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012-11-19 21:51:14 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2012-11-19 21:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2012-11-19 21:50:58 | 000,000,000 | ---D | C] -- C:\Program Files\HP [2012-11-19 21:50:48 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\HP [2012-11-19 21:49:55 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\Adobe [2012-11-19 21:49:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-11-19 21:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-11-19 21:48:24 | 003,414,528 | ---- | C] (Karol Winnicki) -- C:\Users\GRZESIEK\Desktop\BESTplayer.exe [2012-11-19 21:47:18 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\TomTom [2012-11-19 21:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom [2012-11-19 21:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom International B.V [2012-11-19 21:47:10 | 000,000,000 | ---D | C] -- C:\Program Files\MyTomTom 3 [2012-11-19 21:45:28 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Adobe [2012-11-19 21:45:21 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\NapiProjekt [2012-11-19 21:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-11-19 21:45:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2012-11-19 21:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt [2012-11-19 21:39:45 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\CRE [2012-11-19 21:39:40 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Mozilla [2012-11-19 21:39:39 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2012-11-19 21:39:37 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\Conduit [2012-11-19 21:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2012-11-19 21:37:42 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\uTorrent [2012-11-19 20:58:56 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\BESTplayer [2012-11-19 20:50:11 | 000,477,240 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys [2012-11-19 20:24:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012-11-19 20:23:35 | 000,357,720 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll [2012-11-19 20:23:35 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll [2012-11-19 20:23:35 | 000,076,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll [2012-11-19 20:23:35 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll [2012-11-19 20:23:34 | 007,161,696 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32H.dll [2012-11-19 20:23:34 | 000,351,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32H.dll [2012-11-19 20:23:34 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll [2012-11-19 20:23:34 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll [2012-11-19 20:23:34 | 000,105,824 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32H.dll [2012-11-19 20:23:34 | 000,091,488 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32H.dll [2012-11-19 20:23:34 | 000,061,792 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32H.dll [2012-11-19 20:23:33 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012-11-19 20:23:33 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2012-11-19 20:23:33 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012-11-19 20:23:33 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012-11-19 20:23:33 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012-11-19 20:23:33 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012-11-19 20:23:32 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll [2012-11-19 20:23:32 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll [2012-11-19 20:23:32 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll [2012-11-19 20:23:31 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012-11-19 20:23:31 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012-11-19 20:23:31 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012-11-19 20:23:31 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012-11-19 20:23:30 | 007,783,768 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2012-11-19 20:23:30 | 007,161,696 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2012-11-19 20:23:30 | 001,185,112 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll [2012-11-19 20:23:30 | 000,351,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2012-11-19 20:23:30 | 000,350,552 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2012-11-19 20:23:30 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012-11-19 20:23:30 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012-11-19 20:23:30 | 000,105,824 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2012-11-19 20:23:30 | 000,091,488 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2012-11-19 20:23:30 | 000,061,792 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2012-11-19 20:23:29 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012-11-19 20:23:29 | 000,709,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll [2012-11-19 20:23:29 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll [2012-11-19 20:23:29 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2012-11-19 20:23:29 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012-11-19 20:23:29 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012-11-19 20:23:28 | 002,193,472 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012-11-19 20:23:28 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2012-11-19 20:23:28 | 000,421,744 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll [2012-11-19 20:23:28 | 000,398,192 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll [2012-11-19 20:23:28 | 000,335,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll [2012-11-19 20:23:27 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2012-11-19 20:23:27 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2012-11-19 20:23:27 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2012-11-19 20:23:27 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2012-11-19 20:23:27 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2012-11-19 20:23:27 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2012-11-19 20:23:27 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2012-11-19 20:23:27 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2012-11-19 20:23:27 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2012-11-19 20:23:27 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2012-11-19 20:23:27 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2012-11-19 20:23:27 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-11-19 20:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-11-19 20:23:23 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012-11-19 20:23:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-11-19 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2012-11-19 19:53:03 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2012-11-19 19:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2012-11-19 19:52:46 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Winamp [2012-11-19 19:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2012-11-19 19:52:46 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\OpenCandy [2012-11-19 19:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-11-19 19:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-11-19 19:02:00 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012-11-19 18:58:25 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Skype [2012-11-19 18:58:18 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012-11-19 18:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-11-19 18:49:48 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\Google [2012-11-19 18:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-11-19 18:48:18 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-11-19 18:45:04 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys [2012-11-19 18:44:00 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012-11-19 18:43:55 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012-11-19 18:40:07 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\Desktop\praca [2012-11-19 18:40:02 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\Desktop\Paktofonika_Przewodnik_krytyki_politycznej_Maciej_Pisuk [2012-11-19 18:40:01 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\Desktop\mieszkani [2012-11-19 18:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012-11-19 18:36:00 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012-11-19 18:36:00 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012-11-19 18:35:59 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys [2012-11-19 18:35:58 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012-11-19 18:35:55 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012-11-19 18:35:17 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012-11-19 18:35:14 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012-11-19 18:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software [2012-11-19 18:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2012-11-19 18:30:57 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-11-19 18:30:57 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Searches [2012-11-19 18:30:57 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-11-19 18:30:47 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Identities [2012-11-19 18:30:45 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Contacts [2012-11-19 18:30:37 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\VirtualStore [2012-11-19 18:30:36 | 000,000,000 | --SD | C] -- C:\Users\GRZESIEK\AppData\Roaming\Microsoft [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Videos [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Saved Games [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Pictures [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Music [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Links [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Favorites [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Downloads [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Documents [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\Desktop [2012-11-19 18:30:36 | 000,000,000 | R--D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\Ustawienia lokalne [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\AppData\Local\Temporary Internet Files [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\Szablony [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\SendTo [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\Recent [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\PrintHood [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\NetHood [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\Documents\Moje wideo [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\Documents\Moje obrazy [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\Moje dokumenty [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\Documents\Moja muzyka [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\Menu Start [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\AppData\Local\Historia [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\Dane aplikacji [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\AppData\Local\Dane aplikacji [2012-11-19 18:30:36 | 000,000,000 | -HSD | C] -- C:\Users\GRZESIEK\Cookies [2012-11-19 18:30:36 | 000,000,000 | -H-D | C] -- C:\Users\GRZESIEK\AppData [2012-11-19 18:30:36 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\Temp [2012-11-19 18:30:36 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Local\Microsoft [2012-11-19 18:30:36 | 000,000,000 | ---D | C] -- C:\Users\GRZESIEK\AppData\Roaming\Media Center Programs [2012-11-19 18:29:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-11-19 18:29:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-11-19 18:29:52 | 000,000,000 | -HSD | C] -- C:\Recovery [2012-11-19 18:29:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-11-19 18:29:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-11-19 18:29:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-11-19 18:29:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-11-19 18:29:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-11-19 18:29:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-11-19 18:29:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2012-11-19 18:24:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-11-19 18:21:54 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012-11-19 18:21:38 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-11-19 18:20:56 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012-11-19 18:20:42 | 000,000,000 | -HSD | C] -- C:\Boot [2012-11-19 18:20:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-11-26 19:48:33 | 001,310,720 | -HS- | M] () -- C:\Users\GRZESIEK\ntuser.dat [2012-11-26 19:22:43 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-11-26 19:22:42 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-11-26 19:20:00 | 001,523,412 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-11-26 19:20:00 | 000,687,590 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-11-26 19:20:00 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-11-26 19:20:00 | 000,131,176 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-11-26 19:20:00 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-11-26 18:45:36 | 000,000,124 | ---- | M] () -- C:\Users\GRZESIEK\Documents\ax_files.xml [2012-11-26 18:13:11 | 000,002,050 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-11-26 18:13:11 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-11-26 18:13:10 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012-11-26 18:13:04 | 000,524,288 | -HS- | M] () -- C:\Users\GRZESIEK\ntuser.dat{73958187-37fc-11e2-a308-c890f14fe84b}.TMContainer00000000000000000002.regtrans-ms [2012-11-26 18:13:04 | 000,524,288 | -HS- | M] () -- C:\Users\GRZESIEK\ntuser.dat{73958187-37fc-11e2-a308-c890f14fe84b}.TMContainer00000000000000000001.regtrans-ms [2012-11-26 18:13:04 | 000,065,536 | -HS- | M] () -- C:\Users\GRZESIEK\ntuser.dat{73958187-37fc-11e2-a308-c890f14fe84b}.TM.blf [2012-11-26 18:12:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-11-26 18:12:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-11-26 18:12:35 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys [2012-11-22 17:58:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-11-22 17:56:45 | 000,001,203 | ---- | M] () -- C:\Users\Public\Desktop\Nero Launcher.lnk [2012-11-21 22:03:50 | 000,001,105 | ---- | M] () -- C:\Users\GRZESIEK\Desktop\PlayMaxPayne3 — skrót.lnk [2012-11-21 20:21:15 | 000,084,576 | ---- | M] () -- C:\Users\GRZESIEK\AppData\Local\GDIPFONTCACHEV1.DAT [2012-11-21 20:15:52 | 000,343,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-11-20 22:43:46 | 000,000,008 | ---- | M] () -- C:\Windows\System32\SearchEngine.dat [2012-11-20 21:29:36 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2012-11-20 21:13:54 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012-11-19 23:47:15 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Black Ops 2.lnk [2012-11-19 23:32:39 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk [2012-11-19 23:21:51 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys [2012-11-19 21:51:10 | 000,002,236 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk [2012-11-19 21:51:10 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk [2012-11-19 21:39:13 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012-11-19 19:03:49 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012-11-19 18:49:41 | 000,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012-11-19 18:31:07 | 000,524,288 | -HS- | M] () -- C:\Users\GRZESIEK\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-11-19 18:31:07 | 000,524,288 | -HS- | M] () -- C:\Users\GRZESIEK\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-11-19 18:31:07 | 000,065,536 | -HS- | M] () -- C:\Users\GRZESIEK\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-11-19 18:30:36 | 000,000,020 | -HS- | M] () -- C:\Users\GRZESIEK\ntuser.ini [2012-11-19 18:30:29 | 000,171,136 | RHS- | M] () -- C:\W7LDR [2012-11-19 18:26:10 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf [2012-11-19 18:24:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-11-19 18:24:09 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012-11-19 18:20:44 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-11-19 18:07:28 | 000,046,523 | ---- | M] () -- C:\Users\GRZESIEK\Desktop\20455.jpg [2012-11-19 18:06:32 | 000,070,939 | ---- | M] () -- C:\Users\GRZESIEK\Desktop\60545818.jpg [2012-11-17 23:23:12 | 000,303,282 | ---- | M] () -- C:\Users\GRZESIEK\Desktop\muza.m3u [2012-10-30 22:51:58 | 000,738,504 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012-10-30 22:51:58 | 000,361,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012-10-30 22:51:58 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012-10-30 22:51:57 | 000,058,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012-10-30 22:51:56 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012-10-30 22:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2012-10-30 22:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012-10-28 02:43:52 | 002,383,637 | ---- | M] () -- C:\Users\GRZESIEK\Desktop\DSC09972.JPG [2012-10-15 16:59:28 | 000,044,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys [2012-09-29 13:40:08 | 000,938,000 | ---- | M] () -- C:\Users\GRZESIEK\Desktop\Adolf Hitler - Mein Kampf [polskie-torrenty.pl].pdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-11-26 18:13:04 | 000,524,288 | -HS- | C] () -- C:\Users\GRZESIEK\ntuser.dat{73958187-37fc-11e2-a308-c890f14fe84b}.TMContainer00000000000000000002.regtrans-ms [2012-11-26 18:13:04 | 000,524,288 | -HS- | C] () -- C:\Users\GRZESIEK\ntuser.dat{73958187-37fc-11e2-a308-c890f14fe84b}.TMContainer00000000000000000001.regtrans-ms [2012-11-26 18:13:04 | 000,065,536 | -HS- | C] () -- C:\Users\GRZESIEK\ntuser.dat{73958187-37fc-11e2-a308-c890f14fe84b}.TM.blf [2012-11-22 17:56:45 | 000,001,203 | ---- | C] () -- C:\Users\Public\Desktop\Nero Launcher.lnk [2012-11-21 22:03:50 | 000,001,105 | ---- | C] () -- C:\Users\GRZESIEK\Desktop\PlayMaxPayne3 — skrót.lnk [2012-11-21 20:13:08 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012-11-21 20:13:07 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2012-11-21 20:13:06 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2012-11-21 20:13:05 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012-11-21 20:13:05 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012-11-21 20:13:03 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012-11-21 20:13:03 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2012-11-21 20:01:11 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012-11-21 20:00:09 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012-11-20 22:43:46 | 000,000,008 | ---- | C] () -- C:\Windows\System32\SearchEngine.dat [2012-11-20 21:29:36 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2012-11-20 21:13:24 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012-11-20 21:13:23 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012-11-20 19:55:16 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2012-11-20 19:55:03 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd [2012-11-20 19:54:56 | 000,419,880 | ---- | C] () -- C:\Windows\System32\locale.nls [2012-11-20 19:53:38 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2012-11-20 19:53:37 | 000,053,600 | ---- | C] () -- C:\Windows\System32\dosx.exe [2012-11-20 19:53:35 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml [2012-11-20 19:53:22 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml [2012-11-19 23:47:15 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Black Ops 2.lnk [2012-11-19 23:31:59 | 000,000,124 | ---- | C] () -- C:\Users\GRZESIEK\Documents\ax_files.xml [2012-11-19 23:27:43 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk [2012-11-19 21:51:10 | 000,002,236 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk [2012-11-19 21:51:10 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk [2012-11-19 21:39:13 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012-11-19 20:23:30 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012-11-19 19:02:01 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2012-11-19 18:58:19 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012-11-19 18:52:58 | 000,084,576 | ---- | C] () -- C:\Users\GRZESIEK\AppData\Local\GDIPFONTCACHEV1.DAT [2012-11-19 18:49:41 | 000,002,239 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012-11-19 18:48:29 | 000,001,040 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-11-19 18:48:27 | 000,001,036 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-11-19 18:40:01 | 000,272,644 | ---- | C] () -- C:\Users\GRZESIEK\Desktop\Your-TV-Licence.pdf [2012-11-19 18:40:00 | 011,796,214 | ---- | C] () -- C:\Users\GRZESIEK\Desktop\Video0057.mp4 [2012-11-19 18:40:00 | 004,899,423 | ---- | C] () -- C:\Users\GRZESIEK\Desktop\Richard Dawkins - Wspinaczka na szczyt nieprawdopodobieństwa.pdf [2012-11-19 18:40:00 | 003,372,341 | ---- | C] () -- C:\Users\GRZESIEK\Desktop\Richard Dawkins - Bóg urojony.pdf [2012-11-19 18:40:00 | 002,383,637 | ---- | C] () -- C:\Users\GRZESIEK\Desktop\DSC09972.JPG [2012-11-19 18:40:00 | 000,938,000 | ---- | C] () -- C:\Users\GRZESIEK\Desktop\Adolf Hitler - Mein Kampf [polskie-torrenty.pl].pdf [2012-11-19 18:40:00 | 000,303,282 | ---- | C] () -- C:\Users\GRZESIEK\Desktop\muza.m3u [2012-11-19 18:40:00 | 000,070,939 | ---- | C] () -- C:\Users\GRZESIEK\Desktop\60545818.jpg [2012-11-19 18:40:00 | 000,046,523 | ---- | C] () -- C:\Users\GRZESIEK\Desktop\20455.jpg [2012-11-19 18:36:32 | 001,523,412 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2012-11-19 18:36:01 | 000,002,050 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-11-19 18:30:58 | 000,001,425 | ---- | C] () -- C:\Users\GRZESIEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-11-19 18:30:36 | 001,310,720 | -HS- | C] () -- C:\Users\GRZESIEK\ntuser.dat [2012-11-19 18:30:36 | 000,524,288 | -HS- | C] () -- C:\Users\GRZESIEK\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-11-19 18:30:36 | 000,524,288 | -HS- | C] () -- C:\Users\GRZESIEK\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-11-19 18:30:36 | 000,065,536 | -HS- | C] () -- C:\Users\GRZESIEK\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-11-19 18:30:36 | 000,000,020 | -HS- | C] () -- C:\Users\GRZESIEK\ntuser.ini [2012-11-19 18:30:29 | 000,171,136 | RHS- | C] () -- C:\W7LDR [2012-11-19 18:26:05 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012-11-19 18:25:53 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012-11-19 18:24:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-11-19 18:24:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-11-19 18:21:38 | 2616,057,856 | -HS- | C] () -- C:\hiberfil.sys [2012-11-19 18:20:44 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012-11-19 18:20:43 | 000,383,786 | RHS- | C] () -- C:\bootmgr [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 04:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 01:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-11-19 20:59:02 | 000,000,000 | ---D | M] -- C:\Users\GRZESIEK\AppData\Roaming\BESTplayer [2012-11-21 20:04:46 | 000,000,000 | ---D | M] -- C:\Users\GRZESIEK\AppData\Roaming\NapiProjekt [2012-11-19 19:52:49 | 000,000,000 | ---D | M] -- C:\Users\GRZESIEK\AppData\Roaming\OpenCandy [2012-11-26 19:51:39 | 000,000,000 | ---D | M] -- C:\Users\GRZESIEK\AppData\Roaming\uTorrent [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-06-10 21:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010-11-20 12:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2012-11-19 18:20:44 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009-06-10 21:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2012-11-19 19:41:39 | 000,000,010 | ---- | M] () -- C:\csb.log [2012-11-26 18:12:35 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys [2012-11-26 18:12:36 | 3488,079,872 | -HS- | M] () -- C:\pagefile.sys [2012-11-19 18:30:29 | 000,171,136 | RHS- | M] () -- C:\W7LDR [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009-07-14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009-07-14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009-07-14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009-07-14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-13 23:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-13 23:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-13 23:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [2010-11-20 08:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys [2010-11-20 08:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys [2010-11-20 08:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2012-08-22 17:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys [2009-07-14 01:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [2012-08-22 17:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\System32\drivers\ndis.sys [2012-08-22 17:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys [2010-11-20 12:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-10-28 06:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\SoftwareDistribution\Download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009-10-28 05:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\SoftwareDistribution\Download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010-11-20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010-11-20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009-07-14 01:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < End of report > [/log] Log OTL 2 [log] OTL Extras logfile created on: 2012-11-26 19:46:23 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\GRZESIEK\Downloads Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 68,03% Memory free 6,50 Gb Paging File | 5,36 Gb Available in Paging File | 82,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 25,46 Gb Free Space | 26,10% Space Free | Partition Type: NTFS Drive D: | 292,97 Gb Total Space | 22,92 Gb Free Space | 7,82% Space Free | Partition Type: NTFS Drive E: | 540,89 Gb Total Space | 192,93 Gb Free Space | 35,67% Space Free | Partition Type: NTFS Computer Name: KOMP | User Name: GRZESIEK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2315185559-3209966675-3063021273-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0175BED1-3C63-4941-883E-C1B15B65355C}" = rport=137 | protocol=17 | dir=out | app=system | "{06E2048A-86D4-47A5-BE77-ADFC86048028}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{12F9B489-0AAD-46D5-B6AE-0085FB5A40A4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1B4AF17A-BC79-4AFC-A931-BBA2AC3EE7D7}" = lport=137 | protocol=17 | dir=in | app=system | "{2E409C32-2F13-4968-B28A-7B52DBD70815}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{3511CB9C-ADAF-4368-BDED-52A1F5C572A4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{58A080C7-BED6-40EA-8D0E-77547607F3A8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5B027152-D163-46CF-A043-D2C8C8509F41}" = lport=445 | protocol=6 | dir=in | app=system | "{5FF93EBE-AE82-435B-AE85-1A4A343D6A7B}" = lport=2869 | protocol=6 | dir=in | app=system | "{61226F37-A065-4C2C-983D-F7F412D796E2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{62EC45CC-211A-4F27-B4BC-C61094B601C7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{673DBF66-D701-43D0-8DEE-5003A9710D4F}" = rport=445 | protocol=6 | dir=out | app=system | "{69362450-0951-4090-AF4E-E8C3449F8012}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7C46B5E8-DE42-4729-AE98-9031BB3BC8C6}" = lport=139 | protocol=6 | dir=in | app=system | "{8C53B76F-657A-4D04-9925-1B8140B8596D}" = lport=10243 | protocol=6 | dir=in | app=system | "{974586D1-A0C0-487E-9681-7C62BD372FED}" = lport=138 | protocol=17 | dir=in | app=system | "{ABF0D1D5-1D37-4F27-9FA2-04454EDD47DC}" = rport=138 | protocol=17 | dir=out | app=system | "{AD44F997-9C2B-48BD-812A-68124410D5B8}" = rport=139 | protocol=6 | dir=out | app=system | "{BAAE4AB3-D215-4017-A5E1-5BAF44FEC0E4}" = rport=10243 | protocol=6 | dir=out | app=system | "{C4A145D0-DB7A-43DD-8601-FC9D81D253A2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E723AD91-906F-4B04-ADE2-0E609190485A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0615A626-9CBB-4365-96B4-76BA06861D53}" = protocol=6 | dir=in | app=c:\program files\alwil software\avast5\avastui.exe | "{088A6739-4085-437F-BD88-133984B024A1}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{0B082862-171A-4EC4-9633-83B3572241BD}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{119B6B9C-5AF3-4EFA-812C-277F69C19AC3}" = protocol=17 | dir=in | app=c:\program files\alwil software\avast5\avastui.exe | "{12D52A31-46ED-4A03-B5B3-A6A77B1E847E}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | "{17FB81AB-6BAB-4B36-A8BF-71793410230C}" = protocol=17 | dir=in | app=c:\gry\max payne 3\playmaxpayne3.exe | "{183575C1-2040-4E36-B338-9CDEFCBF5D3C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{20ED8D2C-FD44-4D65-871C-D6788F49DADA}" = protocol=6 | dir=in | app=c:\gry\max payne 3\playmaxpayne3.exe | "{26A63F62-FFD9-4A6A-A9B4-C1B4D9D531E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{28664DEF-E5C2-4368-BFE7-D89920BC2595}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2991672E-E73E-4E92-82AA-EA05DCF31D33}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{3E6EDE65-55F0-48D7-ADF0-6A2D8F045B29}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5E35724D-DB74-479E-BE76-4A2BEC751771}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{6BCD6012-D51E-4988-AF2F-6D28C11FACB0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{947326F7-661C-4332-8068-7E52ECCB098A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9FA05223-15A5-469C-B83B-13A82AA44289}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AC2D8A2C-B314-4626-B256-FF08C1FAAB03}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | "{ACB6209F-07D3-4E84-9D50-7AC4B712035B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B7BC581C-C2FB-46BB-BEEC-71B87F7034B9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{BFEE657B-E112-4D67-8EF8-1B3E76852966}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D7A49634-82EE-44C6-AC71-19EC89547B4F}" = protocol=6 | dir=out | app=system | "{DE79C4C0-0187-4653-846B-1646B7432D21}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{EB4DBCAC-6E10-49E5-A839-F18BCAE5B83E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{ED34935C-C0BE-4EEB-9654-B78C050B612F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{F1E25ED5-5DF6-425A-8D69-BED2FAC0E20F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{1E15EA6C-B8BC-4370-9DEE-216D9C7D55CC}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{2458EC55-DEA4-4D90-9681-FF8DD1DD372B}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime "{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1" = Call of Duty Black Ops 2 "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 "{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Pomoc "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.2 - Polish "{DD2469BA-DDE0-4296-A021-501559DD96C0}" = HP Deskjet 2050 J510 series Podstawowe oprogramowanie urządzenia "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Alcohol 120%" = Alcohol 120% "avast" = avast! Free Antivirus "ENTERPRISE" = Microsoft Office Enterprise 2007 "Google Chrome" = Google Chrome "KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Full) "MyTomTom" = MyTomTom 3.2.0.802 "NapiProjekt_is1" = NapiProjekt (2.1.0.2287) "NMMS12" = Nero 12 Full Repack "NVIDIA Drivers" = NVIDIA Drivers "Rockstar Games Social Club" = Rockstar Games Social Club "uTorrent" = µTorrent "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2315185559-3209966675-3063021273-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-11-25 12:12:09 | Computer Name = Komp | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Nazwa modułu powodującego błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00439780 Identyfikator procesu powodującego błąd: 0x13d70 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdcb209e32b640 Ścieżka aplikacji powodującej błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Ścieżka modułu powodującego błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Identyfikator raportu: dcd66e30-371a-11e2-903e-6cf049d77513 Error - 2012-11-25 12:12:12 | Computer Name = Komp | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Nazwa modułu powodującego błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0024ef4d Identyfikator procesu powodującego błąd: 0x13d70 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdcb209e32b640 Ścieżka aplikacji powodującej błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Ścieżka modułu powodującego błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Identyfikator raportu: de7a0c10-371a-11e2-903e-6cf049d77513 Error - 2012-11-25 12:12:36 | Computer Name = Komp | Source = Application Hang | ID = 1002 Description = Program t6sp.dll w wersji 1.0.0.1 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 39094 Godzina rozpoczęcia: 01cdcb27a772e3e0 Godzina zakończenia: 28 Ścieżka aplikacji: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Identyfikator raportu: ea6e9fe1-371a-11e2-903e-6cf049d77513 Error - 2012-11-25 14:06:53 | Computer Name = Komp | Source = Application Hang | ID = 1002 Description = Program t6sp.dll w wersji 1.0.0.1 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 39644 Godzina rozpoczęcia: 01cdcb27a62fe460 Godzina zakończenia: 60000 Ścieżka aplikacji: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Identyfikator raportu: Error - 2012-11-25 15:12:23 | Computer Name = Komp | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Nazwa modułu powodującego błąd: steamclient.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x50a2aa1c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x6c81b620 Identyfikator procesu powodującego błąd: 0x3c4 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdcb40044562b0 Ścieżka aplikacji powodującej błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Ścieżka modułu powodującego błąd: steamclient.dll Identyfikator raportu: 0a224f80-3734-11e2-b8ee-6cf049d77513 Error - 2012-11-25 15:12:24 | Computer Name = Komp | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Nazwa modułu powodującego błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00439780 Identyfikator procesu powodującego błąd: 0x3c4 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdcb40044562b0 Ścieżka aplikacji powodującej błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Ścieżka modułu powodującego błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Identyfikator raportu: 0abf6a40-3734-11e2-b8ee-6cf049d77513 Error - 2012-11-25 15:12:30 | Computer Name = Komp | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Nazwa modułu powodującego błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0024ef4d Identyfikator procesu powodującego błąd: 0x3c4 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdcb40044562b0 Ścieżka aplikacji powodującej błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Ścieżka modułu powodującego błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Identyfikator raportu: 0e2a79e0-3734-11e2-b8ee-6cf049d77513 Error - 2012-11-25 15:35:24 | Computer Name = Komp | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Nazwa modułu powodującego błąd: steamclient.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x50a2aa1c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x6c87b620 Identyfikator procesu powodującego błąd: 0x17a8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdcb40d68fe380 Ścieżka aplikacji powodującej błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Ścieżka modułu powodującego błąd: steamclient.dll Identyfikator raportu: 416ebed0-3737-11e2-b8ee-6cf049d77513 Error - 2012-11-25 15:35:26 | Computer Name = Komp | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Nazwa modułu powodującego błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00439780 Identyfikator procesu powodującego błąd: 0x17a8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdcb40d68fe380 Ścieżka aplikacji powodującej błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Ścieżka modułu powodującego błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Identyfikator raportu: 42cf0a50-3737-11e2-b8ee-6cf049d77513 Error - 2012-11-25 15:35:30 | Computer Name = Komp | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Nazwa modułu powodującego błąd: t6sp.dll, wersja: 1.0.0.1, sygnatura czasowa: 0x509a7621 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0024ef4d Identyfikator procesu powodującego błąd: 0x17a8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdcb40d68fe380 Ścieżka aplikacji powodującej błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Ścieżka modułu powodującego błąd: C:\Gry\Call of Duty Black Ops 2\t6sp.dll Identyfikator raportu: 450ca610-3737-11e2-b8ee-6cf049d77513 [ System Events ] Error - 2012-11-26 15:07:41 | Computer Name = Komp | Source = DCOM | ID = 10005 Description = Error - 2012-11-26 15:07:43 | Computer Name = Komp | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-11-26 15:07:43 | Computer Name = Komp | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-11-26 15:07:43 | Computer Name = Komp | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-11-26 15:07:43 | Computer Name = Komp | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-11-26 15:07:43 | Computer Name = Komp | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-11-26 15:07:43 | Computer Name = Komp | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-11-26 15:09:07 | Computer Name = Komp | Source = DCOM | ID = 10005 Description = Error - 2012-11-26 14:12:38 | Computer Name = Komp | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2012-11-26 14:12:38 | Computer Name = Komp | Source = atikmdag | ID = 43029 Description = Display is not active < End of report > [/log] Log RSIT [log] Logfile of random's system information tool 1.09 (written by random/random) Run by GRZESIEK at 2012-11-26 20:08:59 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 26 GB (26%) free of 100 GB Total RAM: 3326 MB (62% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:09:15, on 2012-11-26 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\uTorrent\uTorrent.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\GRZESIEK\Downloads\OTL.exe C:\Windows\notepad.exe C:\Windows\notepad.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\GRZESIEK\Downloads\RSIT.exe C:\Program Files\trend micro\GRZESIEK.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 4520 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2012-11-19 968592] "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] C:\Program Files\Steam\Steam.exe [2012-11-20 1353080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "VIDC.XVID"=xvidvfw.dll "VIDC.YV12"=yv12vfw.dll "msacm.ac3acm"=ac3acm.acm "msacm.lameacm"=lameACM.acm "VIDC.FFDS"=ff_vfw.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-11-26 20:09:00 ----D---- C:\Program Files\trend micro 2012-11-26 20:08:59 ----D---- C:\rsit 2012-11-26 18:12:56 ----A---- C:\Windows\system32\igfxupdate.exe 2012-11-22 18:16:27 ----D---- C:\ProgramData\LightScribe 2012-11-22 18:15:02 ----D---- C:\Program Files\Common Files\LightScribe 2012-11-22 17:57:32 ----D---- C:\Users\GRZESIEK\AppData\Roaming\Nero 2012-11-22 17:57:31 ----D---- C:\ProgramData\Nero 2012-11-22 17:54:02 ----D---- C:\Program Files\Common Files\Nero 2012-11-22 17:54:00 ----D---- C:\Program Files\Nero 2012-11-21 21:10:34 ----D---- C:\Program Files\Rockstar Games 2012-11-21 21:09:48 ----A---- C:\Windows\system32\XAudio2_7.dll 2012-11-21 21:09:48 ----A---- C:\Windows\system32\XAudio2_6.dll 2012-11-21 21:09:48 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2012-11-21 21:09:48 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2012-11-21 21:09:48 ----A---- C:\Windows\system32\xactengine3_7.dll 2012-11-21 21:09:48 ----A---- C:\Windows\system32\D3DX9_43.dll 2012-11-21 21:09:48 ----A---- C:\Windows\system32\d3dx11_43.dll 2012-11-21 21:09:48 ----A---- C:\Windows\system32\d3dx10_43.dll 2012-11-21 21:09:48 ----A---- C:\Windows\system32\d3dcsx_43.dll 2012-11-21 21:09:48 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2012-11-21 21:09:47 ----A---- C:\Windows\system32\XAudio2_5.dll 2012-11-21 21:09:47 ----A---- C:\Windows\system32\xactengine3_6.dll 2012-11-21 21:09:47 ----A---- C:\Windows\system32\xactengine3_5.dll 2012-11-21 21:09:47 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2012-11-21 21:09:47 ----A---- C:\Windows\system32\d3dx11_42.dll 2012-11-21 21:09:47 ----A---- C:\Windows\system32\d3dx10_42.dll 2012-11-21 21:09:47 ----A---- C:\Windows\system32\d3dx10_41.dll 2012-11-21 21:09:47 ----A---- C:\Windows\system32\d3dcsx_42.dll 2012-11-21 21:09:47 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2012-11-21 21:09:47 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\XAudio2_4.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\XAudio2_3.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\XAudio2_2.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\XAudio2_1.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\XAPOFX1_2.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\xactengine3_4.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\xactengine3_3.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\xactengine3_2.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\xactengine3_1.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\X3DAudio1_5.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\D3DX9_41.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\D3DX9_40.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\D3DX9_39.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\d3dx10_40.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\d3dx10_39.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\D3DCompiler_40.dll 2012-11-21 21:09:46 ----A---- C:\Windows\system32\D3DCompiler_39.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\XAudio2_0.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\xactengine3_0.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\xactengine2_9.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\xactengine2_10.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\D3DX9_38.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\D3DX9_37.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\d3dx9_36.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\d3dx10_38.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\d3dx10_37.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\d3dx10_36.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\d3dx10_35.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\D3DCompiler_36.dll 2012-11-21 21:09:45 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2012-11-21 21:09:44 ----A---- C:\Windows\system32\xactengine2_8.dll 2012-11-21 21:09:44 ----A---- C:\Windows\system32\X3DAudio1_2.dll 2012-11-21 21:09:44 ----A---- C:\Windows\system32\d3dx9_35.dll 2012-11-21 21:09:44 ----A---- C:\Windows\system32\d3dx9_34.dll 2012-11-21 21:09:44 ----A---- C:\Windows\system32\d3dx10_34.dll 2012-11-21 21:09:44 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2012-11-21 21:09:43 ----A---- C:\Windows\system32\xactengine2_7.dll 2012-11-21 21:09:43 ----A---- C:\Windows\system32\xactengine2_6.dll 2012-11-21 21:09:43 ----A---- C:\Windows\system32\xactengine2_5.dll 2012-11-21 21:09:43 ----A---- C:\Windows\system32\xactengine2_4.dll 2012-11-21 21:09:43 ----A---- C:\Windows\system32\x3daudio1_1.dll 2012-11-21 21:09:43 ----A---- C:\Windows\system32\d3dx9_33.dll 2012-11-21 21:09:43 ----A---- C:\Windows\system32\d3dx9_32.dll 2012-11-21 21:09:43 ----A---- C:\Windows\system32\d3dx10_33.dll 2012-11-21 21:09:43 ----A---- C:\Windows\system32\d3dx10.dll 2012-11-21 21:09:43 ----A---- C:\Windows\system32\D3DCompiler_33.dll 2012-11-21 21:09:42 ----A---- C:\Windows\system32\xinput1_2.dll 2012-11-21 21:09:42 ----A---- C:\Windows\system32\xinput1_1.dll 2012-11-21 21:09:42 ----A---- C:\Windows\system32\xactengine2_3.dll 2012-11-21 21:09:42 ----A---- C:\Windows\system32\xactengine2_2.dll 2012-11-21 21:09:42 ----A---- C:\Windows\system32\xactengine2_1.dll 2012-11-21 21:09:41 ----A---- C:\Windows\system32\d3dx9_30.dll 2012-11-21 21:09:40 ----A---- C:\Windows\system32\xactengine2_0.dll 2012-11-21 21:09:40 ----A---- C:\Windows\system32\x3daudio1_0.dll 2012-11-21 21:09:40 ----A---- C:\Windows\system32\d3dx9_29.dll 2012-11-21 21:09:40 ----A---- C:\Windows\system32\d3dx9_28.dll 2012-11-21 21:09:40 ----A---- C:\Windows\system32\d3dx9_27.dll 2012-11-21 21:09:40 ----A---- C:\Windows\system32\d3dx9_26.dll 2012-11-21 21:09:40 ----A---- C:\Windows\system32\d3dx9_25.dll 2012-11-21 21:09:40 ----A---- C:\Windows\system32\d3dx9_24.dll 2012-11-21 20:50:40 ----D---- C:\ProgramData\Rockstar Games 2012-11-21 20:13:08 ----A---- C:\Windows\system32\unrar.dll 2012-11-21 20:13:07 ----A---- C:\Windows\avisplitter.ini 2012-11-21 20:13:05 ----A---- C:\Windows\system32\yv12vfw.dll 2012-11-21 20:13:05 ----A---- C:\Windows\system32\xvidvfw.dll 2012-11-21 20:13:05 ----A---- C:\Windows\system32\xvidcore.dll 2012-11-21 20:13:03 ----A---- C:\Windows\system32\ff_vfw.dll 2012-11-21 20:13:01 ----D---- C:\Program Files\K-Lite Codec Pack 2012-11-21 20:04:47 ----D---- C:\Users\GRZESIEK\AppData\Roaming\Macromedia 2012-11-21 20:04:38 ----A---- C:\Windows\system32\MRT.exe 2012-11-21 20:01:05 ----A---- C:\Windows\system32\drivers\WdfLdr.sys 2012-11-21 20:01:04 ----A---- C:\Windows\system32\Wdfres.dll 2012-11-21 20:01:04 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2012-11-21 20:00:16 ----A---- C:\Windows\system32\drivers\WUDFRd.sys 2012-11-21 20:00:16 ----A---- C:\Windows\system32\drivers\WUDFPf.sys 2012-11-21 20:00:14 ----A---- C:\Windows\system32\WUDFSvc.dll 2012-11-21 20:00:14 ----A---- C:\Windows\system32\WUDFPlatform.dll 2012-11-21 20:00:09 ----A---- C:\Windows\system32\WUDFx.dll 2012-11-21 20:00:09 ----A---- C:\Windows\system32\WUDFHost.exe 2012-11-21 20:00:09 ----A---- C:\Windows\system32\WUDFCoinstaller.dll 2012-11-21 19:59:51 ----A---- C:\Windows\system32\wmi.dll 2012-11-21 19:59:51 ----A---- C:\Windows\system32\imagehlp.dll 2012-11-21 19:59:51 ----A---- C:\Windows\system32\drivers\fs_rec.sys 2012-11-21 19:58:54 ----A---- C:\Windows\system32\drivers\RNDISMP.sys 2012-11-21 19:58:54 ----A---- C:\Windows\system32\drivers\ndis.sys 2012-11-21 19:58:30 ----A---- C:\Windows\system32\OxpsConverter.exe 2012-11-21 19:58:24 ----A---- C:\Windows\system32\drivers\tcpip.sys 2012-11-21 19:58:23 ----A---- C:\Windows\system32\nlasvc.dll 2012-11-21 19:58:23 ----A---- C:\Windows\system32\nlaapi.dll 2012-11-21 19:58:23 ----A---- C:\Windows\system32\netevent.dll 2012-11-21 19:58:23 ----A---- C:\Windows\system32\netcorehc.dll 2012-11-21 19:58:23 ----A---- C:\Windows\system32\ncsi.dll 2012-11-21 19:58:23 ----A---- C:\Windows\system32\iphlpsvc.dll 2012-11-21 19:58:23 ----A---- C:\Windows\system32\drivers\tcpipreg.sys 2012-11-21 19:58:23 ----A---- C:\Windows\system32\drivers\netio.sys 2012-11-21 19:58:23 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS 2012-11-21 19:58:19 ----A---- C:\Windows\system32\qdvd.dll 2012-11-21 19:56:18 ----A---- C:\Windows\system32\tquery.dll 2012-11-21 19:56:18 ----A---- C:\Windows\system32\SearchProtocolHost.exe 2012-11-21 19:56:18 ----A---- C:\Windows\system32\SearchIndexer.exe 2012-11-21 19:56:18 ----A---- C:\Windows\system32\SearchFilterHost.exe 2012-11-21 19:56:18 ----A---- C:\Windows\system32\mssvp.dll 2012-11-21 19:56:18 ----A---- C:\Windows\system32\mssrch.dll 2012-11-21 19:56:18 ----A---- C:\Windows\system32\mssphtb.dll 2012-11-21 19:56:18 ----A---- C:\Windows\system32\mssph.dll 2012-11-21 19:56:18 ----A---- C:\Windows\system32\msscntrs.dll 2012-11-21 19:51:25 ----A---- C:\Windows\system32\schannel.dll 2012-11-21 19:51:25 ----A---- C:\Windows\system32\ncrypt.dll 2012-11-21 19:51:25 ----A---- C:\Windows\system32\lsasrv.dll 2012-11-21 19:51:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2012-11-21 19:51:25 ----A---- C:\Windows\system32\drivers\cng.sys 2012-11-21 19:51:24 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2012-11-21 19:50:50 ----A---- C:\Windows\system32\dhcpcsvc6.dll 2012-11-21 19:50:50 ----A---- C:\Windows\system32\dhcpcore6.dll 2012-11-20 22:43:46 ----D---- C:\Windows\system32\update 2012-11-20 22:43:46 ----A---- C:\Windows\system32\SearchIndexer.dll 2012-11-20 22:43:46 ----A---- C:\Windows\system32\SearchEngine.dat 2012-11-20 21:29:34 ----D---- C:\Program Files\Common Files\Steam 2012-11-20 21:29:33 ----D---- C:\Program Files\Steam 2012-11-20 21:13:15 ----D---- C:\Program Files\Adobe 2012-11-20 19:59:15 ----D---- C:\Windows\system32\SPReview 2012-11-20 19:57:51 ----D---- C:\Windows\system32\EventProviders 2012-11-20 19:55:23 ----A---- C:\Windows\system32\dfshim.dll 2012-11-20 19:55:20 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2012-11-20 19:55:20 ----A---- C:\Windows\system32\mstscax.dll 2012-11-20 19:55:20 ----A---- C:\Windows\system32\LSCSHostPolicy.dll 2012-11-20 19:55:20 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys 2012-11-20 19:55:17 ----A---- C:\Windows\system32\mfc40u.dll 2012-11-20 19:55:17 ----A---- C:\Windows\system32\mfc40.dll 2012-11-20 19:55:17 ----A---- C:\Windows\system32\d3d10warp.dll 2012-11-20 19:55:16 ----A---- C:\Windows\system32\tssrvlic.dll 2012-11-20 19:55:16 ----A---- C:\Windows\system32\RDVGHelper.exe 2012-11-20 19:55:15 ----A---- C:\Windows\system32\sysmain.dll 2012-11-20 19:55:14 ----A---- C:\Windows\system32\secproc_isv.dll 2012-11-20 19:55:13 ----A---- C:\Windows\system32\secproc.dll 2012-11-20 19:55:13 ----A---- C:\Windows\system32\RMActivate_isv.exe 2012-11-20 19:55:12 ----A---- C:\Windows\system32\RMActivate.exe 2012-11-20 19:55:11 ----A---- C:\Windows\system32\spwizui.dll 2012-11-20 19:55:11 ----A---- C:\Windows\system32\mscoree.dll 2012-11-20 19:55:10 ----A---- C:\Windows\system32\mf.dll 2012-11-20 19:55:09 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll 2012-11-20 19:55:09 ----A---- C:\Windows\system32\CertEnroll.dll 2012-11-20 19:55:07 ----A---- C:\Windows\system32\wmp.dll 2012-11-20 19:55:07 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2012-11-20 19:55:07 ----A---- C:\Windows\system32\PresentationHost.exe 2012-11-20 19:55:07 ----A---- C:\Windows\system32\esent.dll 2012-11-20 19:55:07 ----A---- C:\Windows\system32\drivers\msiscsi.sys 2012-11-20 19:55:06 ----A---- C:\Windows\system32\schedsvc.dll 2012-11-20 19:55:06 ----A---- C:\Windows\system32\drivers\hwpolicy.sys 2012-11-20 19:55:05 ----A---- C:\Windows\system32\RacEngn.dll 2012-11-20 19:55:04 ----A---- C:\Windows\system32\AuthFWSnapin.dll 2012-11-20 19:55:03 ----A---- C:\Windows\system32\rdpdd.dll 2012-11-20 19:55:03 ----A---- C:\Windows\system32\qmgr.dll 2012-11-20 19:55:02 ----A---- C:\Windows\system32\ExplorerFrame.dll 2012-11-20 19:55:01 ----A---- C:\Windows\system32\wevtsvc.dll 2012-11-20 19:55:01 ----A---- C:\Windows\system32\ole32.dll 2012-11-20 19:55:00 ----A---- C:\Windows\system32\vssapi.dll 2012-11-20 19:55:00 ----A---- C:\Windows\system32\SearchFolder.dll 2012-11-20 19:55:00 ----A---- C:\Windows\system32\d3d9.dll 2012-11-20 19:54:59 ----A---- C:\Windows\system32\IKEEXT.DLL 2012-11-20 19:54:58 ----A---- C:\Windows\system32\taskschd.dll 2012-11-20 19:54:57 ----A---- C:\Windows\system32\spreview.exe 2012-11-20 19:54:57 ----A---- C:\Windows\system32\spinstall.exe 2012-11-20 19:54:57 ----A---- C:\Windows\system32\PushPrinterConnections.exe 2012-11-20 19:54:57 ----A---- C:\Windows\system32\mstsc.exe 2012-11-20 19:54:56 ----A---- C:\Windows\system32\wer.dll 2012-11-20 19:54:56 ----A---- C:\Windows\system32\termsrv.dll 2012-11-20 19:54:56 ----A---- C:\Windows\system32\rpcrt4.dll 2012-11-20 19:54:56 ----A---- C:\Windows\system32\certcli.dll 2012-11-20 19:54:55 ----A---- C:\Windows\system32\odbc32.dll 2012-11-20 19:54:55 ----A---- C:\Windows\system32\gpsvc.dll 2012-11-20 19:54:55 ----A---- C:\Windows\system32\dwmcore.dll 2012-11-20 19:54:54 ----A---- C:\Windows\system32\wbengine.exe 2012-11-20 19:54:54 ----A---- C:\Windows\system32\scavengeui.dll 2012-11-20 19:54:54 ----A---- C:\Windows\system32\mstime.dll 2012-11-20 19:54:54 ----A---- C:\Windows\system32\MPSSVC.dll 2012-11-20 19:54:54 ----A---- C:\Windows\system32\diagperf.dll 2012-11-20 19:54:53 ----A---- C:\Windows\system32\WinSAT.exe 2012-11-20 19:54:53 ----A---- C:\Windows\system32\umrdp.dll 2012-11-20 19:54:53 ----A---- C:\Windows\system32\TSWorkspace.dll 2012-11-20 19:54:53 ----A---- C:\Windows\system32\tsmf.dll 2012-11-20 19:54:53 ----A---- C:\Windows\system32\dot3api.dll 2012-11-20 19:54:52 ----A---- C:\Windows\system32\winhttp.dll 2012-11-20 19:54:52 ----A---- C:\Windows\system32\setupapi.dll 2012-11-20 19:54:52 ----A---- C:\Windows\system32\iedkcs32.dll 2012-11-20 19:54:52 ----A---- C:\Windows\system32\drivers\nvstor.sys 2012-11-20 19:54:52 ----A---- C:\Windows\system32\apphelp.dll 2012-11-20 19:54:51 ----A---- C:\Windows\system32\VSSVC.exe 2012-11-20 19:54:51 ----A---- C:\Windows\system32\netlogon.dll 2012-11-20 19:54:51 ----A---- C:\Windows\system32\MSVidCtl.dll 2012-11-20 19:54:51 ----A---- C:\Windows\system32\dbgeng.dll 2012-11-20 19:54:51 ----A---- C:\Windows\system32\d3d11.dll 2012-11-20 19:54:50 ----A---- C:\Windows\system32\winlogon.exe 2012-11-20 19:54:50 ----A---- C:\Windows\system32\WindowsCodecs.dll 2012-11-20 19:54:50 ----A---- C:\Windows\system32\user32.dll 2012-11-20 19:54:50 ----A---- C:\Windows\system32\rdpshell.exe 2012-11-20 19:54:50 ----A---- C:\Windows\system32\netcfgx.dll 2012-11-20 19:54:49 ----A---- C:\Windows\system32\WsmSvc.dll 2012-11-20 19:54:49 ----A---- C:\Windows\system32\WMVDECOD.DLL 2012-11-20 19:54:49 ----A---- C:\Windows\system32\Query.dll 2012-11-20 19:54:49 ----A---- C:\Windows\system32\gpprefcl.dll 2012-11-20 19:54:48 ----A---- C:\Windows\system32\upnp.dll 2012-11-20 19:54:48 ----A---- C:\Windows\system32\mmcndmgr.dll 2012-11-20 19:54:48 ----A---- C:\Windows\system32\DShowRdpFilter.dll 2012-11-20 19:54:48 ----A---- C:\Windows\system32\drivers\nvraid.sys 2012-11-20 19:54:48 ----A---- C:\Windows\system32\advapi32.dll 2012-11-20 19:54:47 ----A---- C:\Windows\system32\netfxperf.dll 2012-11-20 19:54:47 ----A---- C:\Windows\system32\msv1_0.dll 2012-11-20 19:54:47 ----A---- C:\Windows\system32\lsm.exe 2012-11-20 19:54:47 ----A---- C:\Windows\system32\imapi2fs.dll 2012-11-20 19:54:47 ----A---- C:\Windows\system32\drivers\csc.sys 2012-11-20 19:54:46 ----A---- C:\Windows\system32\sppobjs.dll 2012-11-20 19:54:46 ----A---- C:\Windows\system32\msdrm.dll 2012-11-20 19:54:46 ----A---- C:\Windows\system32\authui.dll 2012-11-20 19:54:45 ----A---- C:\Windows\system32\SessEnv.dll 2012-11-20 19:54:45 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2012-11-20 19:54:44 ----A---- C:\Windows\system32\usp10.dll 2012-11-20 19:54:44 ----A---- C:\Windows\system32\shlwapi.dll 2012-11-20 19:54:44 ----A---- C:\Windows\system32\mcbuilder.exe 2012-11-20 19:54:43 ----A---- C:\Windows\system32\xpsservices.dll 2012-11-20 19:54:43 ----A---- C:\Windows\system32\winload.exe 2012-11-20 19:54:43 ----A---- C:\Windows\system32\userenv.dll 2012-11-20 19:54:43 ----A---- C:\Windows\system32\drvstore.dll 2012-11-20 19:54:43 ----A---- C:\Windows\system32\certmgr.dll 2012-11-20 19:54:42 ----A---- C:\Windows\system32\WebClnt.dll 2012-11-20 19:54:42 ----A---- C:\Windows\system32\sppwinob.dll 2012-11-20 19:54:42 ----A---- C:\Windows\system32\comdlg32.dll 2012-11-20 19:54:42 ----A---- C:\Windows\system32\audiosrv.dll 2012-11-20 19:54:41 ----A---- C:\Windows\system32\rpcss.dll 2012-11-20 19:54:41 ----A---- C:\Windows\system32\cmd.exe 2012-11-20 19:54:41 ----A---- C:\Windows\system32\BFE.DLL 2012-11-20 19:54:40 ----A---- C:\Windows\system32\Wldap32.dll 2012-11-20 19:54:40 ----A---- C:\Windows\system32\rdpendp.dll 2012-11-20 19:54:40 ----A---- C:\Windows\system32\propsys.dll 2012-11-20 19:54:40 ----A---- C:\Windows\system32\mfds.dll 2012-11-20 19:54:40 ----A---- C:\Windows\system32\framedynos.dll 2012-11-20 19:54:40 ----A---- C:\Windows\system32\drivers\volsnap.sys 2012-11-20 19:54:39 ----A---- C:\Windows\system32\wmicmiplugin.dll 2012-11-20 19:54:39 ----A---- C:\Windows\system32\winresume.exe 2012-11-20 19:54:39 ----A---- C:\Windows\system32\samsrv.dll 2012-11-20 19:54:39 ----A---- C:\Windows\system32\cscsvc.dll 2012-11-20 19:54:38 ----A---- C:\Windows\system32\werconcpl.dll 2012-11-20 19:54:38 ----A---- C:\Windows\system32\rdpclip.exe 2012-11-20 19:54:38 ----A---- C:\Windows\system32\azroles.dll 2012-11-20 19:54:37 ----A---- C:\Windows\system32\themeui.dll 2012-11-20 19:54:37 ----A---- C:\Windows\system32\taskeng.exe 2012-11-20 19:54:37 ----A---- C:\Windows\system32\spp.dll 2012-11-20 19:54:37 ----A---- C:\Windows\system32\credui.dll 2012-11-20 19:54:37 ----A---- C:\Windows\system32\appmgr.dll 2012-11-20 19:54:36 ----A---- C:\Windows\system32\mswsock.dll 2012-11-20 19:54:36 ----A---- C:\Windows\system32\drivers\storport.sys 2012-11-20 19:54:36 ----A---- C:\Windows\system32\drivers\http.sys 2012-11-20 19:54:36 ----A---- C:\Windows\system32\dhcpcore.dll 2012-11-20 19:54:35 ----A---- C:\Windows\system32\taskcomp.dll 2012-11-20 19:54:35 ----A---- C:\Windows\system32\NaturalLanguage6.dll 2012-11-20 19:54:35 ----A---- C:\Windows\system32\mfreadwrite.dll 2012-11-20 19:54:35 ----A---- C:\Windows\system32\dxgi.dll 2012-11-20 19:54:35 ----A---- C:\Windows\system32\dbghelp.dll 2012-11-20 19:54:35 ----A---- C:\Windows\system32\basecsp.dll 2012-11-20 19:54:34 ----A---- C:\Windows\system32\rdpinit.exe 2012-11-20 19:54:34 ----A---- C:\Windows\system32\gdi32.dll 2012-11-20 19:54:34 ----A---- C:\Windows\system32\evr.dll 2012-11-20 19:54:34 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2012-11-20 19:54:33 ----A---- C:\Windows\system32\WinSATAPI.dll 2012-11-20 19:54:33 ----A---- C:\Windows\system32\sqlsrv32.dll 2012-11-20 19:54:33 ----A---- C:\Windows\system32\QAGENTRT.DLL 2012-11-20 19:54:33 ----A---- C:\Windows\system32\drivers\1394ohci.sys 2012-11-20 19:54:33 ----A---- C:\Windows\system32\calc.exe 2012-11-20 19:54:32 ----A---- C:\Windows\system32\vpnike.dll 2012-11-20 19:54:32 ----A---- C:\Windows\system32\UIRibbon.dll 2012-11-20 19:54:32 ----A---- C:\Windows\system32\srvsvc.dll 2012-11-20 19:54:32 ----A---- C:\Windows\system32\lpksetup.exe 2012-11-20 19:54:32 ----A---- C:\Windows\system32\fveapi.dll 2012-11-20 19:54:32 ----A---- C:\Windows\system32\drivers\amdsata.sys 2012-11-20 19:54:31 ----A---- C:\Windows\system32\ws2_32.dll 2012-11-20 19:54:31 ----A---- C:\Windows\system32\tspubwmi.dll 2012-11-20 19:54:31 ----A---- C:\Windows\system32\sxs.dll 2012-11-20 19:54:31 ----A---- C:\Windows\system32\netshell.dll 2012-11-20 19:54:31 ----A---- C:\Windows\system32\ie4uinit.exe 2012-11-20 19:54:31 ----A---- C:\Windows\system32\drivers\fvevol.sys 2012-11-20 19:54:30 ----A---- C:\Windows\system32\stobject.dll 2012-11-20 19:54:30 ----A---- C:\Windows\system32\hgprint.dll 2012-11-20 19:54:30 ----A---- C:\Windows\system32\drivers\rdbss.sys 2012-11-20 19:54:30 ----A---- C:\Windows\system32\drivers\msdsm.sys 2012-11-20 19:54:30 ----A---- C:\Windows\system32\comctl32.dll 2012-11-20 19:54:29 ----A---- C:\Windows\system32\prncache.dll 2012-11-20 19:54:29 ----A---- C:\Windows\system32\printui.dll 2012-11-20 19:54:29 ----A---- C:\Windows\system32\inetpp.dll 2012-11-20 19:54:29 ----A---- C:\Windows\system32\dps.dll 2012-11-20 19:54:28 ----A---- C:\Windows\system32\WSDApi.dll 2012-11-20 19:54:28 ----A---- C:\Windows\system32\wmpeffects.dll 2012-11-20 19:54:28 ----A---- C:\Windows\system32\rpchttp.dll 2012-11-20 19:54:28 ----A---- C:\Windows\system32\net1.exe 2012-11-20 19:54:28 ----A---- C:\Windows\system32\ci.dll 2012-11-20 19:54:28 ----A---- C:\Windows\system32\aitagent.exe 2012-11-20 19:54:28 ----A---- C:\Windows\system32\aepdu.dll 2012-11-20 19:54:27 ----A---- C:\Windows\system32\FXSSVC.exe 2012-11-20 19:54:27 ----A---- C:\Windows\system32\drivers\vmbus.sys 2012-11-20 19:54:27 ----A---- C:\Windows\system32\drivers\pci.sys 2012-11-20 19:54:26 ----A---- C:\Windows\system32\WMVCORE.DLL 2012-11-20 19:54:26 ----A---- C:\Windows\system32\vds.exe 2012-11-20 19:54:26 ----A---- C:\Windows\system32\scansetting.dll 2012-11-20 19:54:26 ----A---- C:\Windows\system32\MMDevAPI.dll 2012-11-20 19:54:26 ----A---- C:\Windows\system32\davclnt.dll 2012-11-20 19:54:25 ----A---- C:\Windows\system32\wlangpui.dll 2012-11-20 19:54:25 ----A---- C:\Windows\system32\QSHVHOST.DLL 2012-11-20 19:54:25 ----A---- C:\Windows\system32\IPSECSVC.DLL 2012-11-20 19:54:25 ----A---- C:\Windows\system32\drivers\usbport.sys 2012-11-20 19:54:25 ----A---- C:\Windows\system32\consent.exe 2012-11-20 19:54:25 ----A---- C:\Windows\system32\aaclient.dll 2012-11-20 19:54:24 ----A---- C:\Windows\system32\wpdshext.dll 2012-11-20 19:54:24 ----A---- C:\Windows\system32\webservices.dll 2012-11-20 19:54:24 ----A---- C:\Windows\system32\t2embed.dll 2012-11-20 19:54:24 ----A---- C:\Windows\system32\scrptadm.dll 2012-11-20 19:54:24 ----A---- C:\Windows\system32\pnidui.dll 2012-11-20 19:54:24 ----A---- C:\Windows\system32\fde.dll 2012-11-20 19:54:24 ----A---- C:\Windows\system32\drivers\termdd.sys 2012-11-20 19:54:23 ----A---- C:\Windows\system32\wscapi.dll 2012-11-20 19:54:23 ----A---- C:\Windows\system32\vmicsvc.exe 2012-11-20 19:54:23 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll 2012-11-20 19:54:23 ----A---- C:\Windows\system32\tscfgwmi.dll 2012-11-20 19:54:23 ----A---- C:\Windows\system32\SyncCenter.dll 2012-11-20 19:54:23 ----A---- C:\Windows\system32\sdengin2.dll 2012-11-20 19:54:23 ----A---- C:\Windows\system32\netdiagfx.dll 2012-11-20 19:54:23 ----A---- C:\Windows\system32\drivers\sbp2port.sys 2012-11-20 19:54:23 ----A---- C:\Windows\system32\drivers\rdpdr.sys 2012-11-20 19:54:23 ----A---- C:\Windows\system32\drivers\amdxata.sys 2012-11-20 19:54:22 ----A---- C:\Windows\system32\WFS.exe 2012-11-20 19:54:21 ----A---- C:\Windows\system32\wisptis.exe 2012-11-20 19:54:21 ----A---- C:\Windows\system32\WinSCard.dll 2012-11-20 19:54:21 ----A---- C:\Windows\system32\pla.dll 2012-11-20 19:54:21 ----A---- C:\Windows\system32\msasn1.dll 2012-11-20 19:54:21 ----A---- C:\Windows\system32\mcmde.dll 2012-11-20 19:54:21 ----A---- C:\Windows\system32\cscobj.dll 2012-11-20 19:54:20 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL 2012-11-20 19:54:20 ----A---- C:\Windows\system32\drivers\vhdmp.sys 2012-11-20 19:54:19 ----A---- C:\Windows\system32\winsta.dll 2012-11-20 19:54:19 ----A---- C:\Windows\system32\drivers\msahci.sys 2012-11-20 19:54:18 ----A---- C:\Windows\system32\setupcl.exe 2012-11-20 19:54:18 ----A---- C:\Windows\system32\imapi2.dll 2012-11-20 19:54:18 ----A---- C:\Windows\system32\iepeers.dll 2012-11-20 19:54:17 ----A---- C:\Windows\system32\wiaservc.dll 2012-11-20 19:54:17 ----A---- C:\Windows\system32\DXPTaskRingtone.dll 2012-11-20 19:54:17 ----A---- C:\Windows\system32\aeinv.dll 2012-11-20 19:54:16 ----A---- C:\Windows\system32\gameux.dll 2012-11-20 19:54:15 ----A---- C:\Windows\system32\WMPEncEn.dll 2012-11-20 19:54:15 ----A---- C:\Windows\system32\winmm.dll 2012-11-20 19:54:15 ----A---- C:\Windows\system32\vaultsvc.dll 2012-11-20 19:54:15 ----A---- C:\Windows\system32\TabSvc.dll 2012-11-20 19:54:15 ----A---- C:\Windows\system32\shsvcs.dll 2012-11-20 19:54:15 ----A---- C:\Windows\system32\rasmans.dll 2012-11-20 19:54:15 ----A---- C:\Windows\system32\onex.dll 2012-11-20 19:54:15 ----A---- C:\Windows\system32\hbaapi.dll 2012-11-20 19:54:15 ----A---- C:\Windows\system32\dwmredir.dll 2012-11-20 19:54:15 ----A---- C:\Windows\system32\drivers\udfs.sys 2012-11-20 19:54:15 ----A---- C:\Windows\system32\drivers\acpi.sys 2012-11-20 19:54:15 ----A---- C:\Windows\system32\autofmt.exe 2012-11-20 19:54:14 ----A---- C:\Windows\system32\thumbcache.dll 2012-11-20 19:54:14 ----A---- C:\Windows\system32\samcli.dll 2012-11-20 19:54:14 ----A---- C:\Windows\system32\proquota.exe 2012-11-20 19:54:14 ----A---- C:\Windows\system32\netiohlp.dll 2012-11-20 19:54:14 ----A---- C:\Windows\system32\Narrator.exe 2012-11-20 19:54:14 ----A---- C:\Windows\system32\msutb.dll 2012-11-20 19:54:14 ----A---- C:\Windows\system32\IPHLPAPI.DLL 2012-11-20 19:54:14 ----A---- C:\Windows\system32\halmacpi.dll 2012-11-20 19:54:14 ----A---- C:\Windows\system32\hal.dll 2012-11-20 19:54:14 ----A---- C:\Windows\system32\bootres.dll 2012-11-20 19:54:14 ----A---- C:\Windows\system32\autoconv.exe 2012-11-20 19:54:14 ----A---- C:\Windows\system32\autochk.exe 2012-11-20 19:54:14 ----A---- C:\Windows\system32\AudioSes.dll 2012-11-20 19:54:14 ----A---- C:\Windows\system32\audiodg.exe 2012-11-20 19:54:13 ----A---- C:\Windows\system32\tcpipcfg.dll 2012-11-20 19:54:13 ----A---- C:\Windows\system32\srchadmin.dll 2012-11-20 19:54:13 ----A---- C:\Windows\system32\schtasks.exe 2012-11-20 19:54:13 ----A---- C:\Windows\system32\regapi.dll 2012-11-20 19:54:13 ----A---- C:\Windows\system32\powercpl.dll 2012-11-20 19:54:13 ----A---- C:\Windows\system32\msinfo32.exe 2012-11-20 19:54:13 ----A---- C:\Windows\system32\mimefilt.dll 2012-11-20 19:54:13 ----A---- C:\Windows\system32\ipsmsnap.dll 2012-11-20 19:54:13 ----A---- C:\Windows\system32\eapphost.dll 2012-11-20 19:54:12 ----A---- C:\Windows\system32\wcncsvc.dll 2012-11-20 19:54:12 ----A---- C:\Windows\system32\msihnd.dll 2012-11-20 19:54:12 ----A---- C:\Windows\system32\mscorier.dll 2012-11-20 19:54:12 ----A---- C:\Windows\system32\framedyn.dll 2012-11-20 19:54:12 ----A---- C:\Windows\system32\drivers\volmgr.sys 2012-11-20 19:54:11 ----A---- C:\Windows\system32\umpo.dll 2012-11-20 19:54:11 ----A---- C:\Windows\system32\QAGENT.DLL 2012-11-20 19:54:11 ----A---- C:\Windows\system32\netid.dll 2012-11-20 19:54:11 ----A---- C:\Windows\system32\DXP.dll 2012-11-20 19:54:11 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS 2012-11-20 19:54:11 ----A---- C:\Windows\system32\drivers\netbt.sys 2012-11-20 19:54:11 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll 2012-11-20 19:54:10 ----A---- C:\Windows\system32\wdc.dll 2012-11-20 19:54:10 ----A---- C:\Windows\system32\Vault.dll 2012-11-20 19:54:10 ----A---- C:\Windows\system32\untfs.dll 2012-11-20 19:54:10 ----A---- C:\Windows\system32\StructuredQuery.dll 2012-11-20 19:54:10 ----A---- C:\Windows\system32\scesrv.dll 2012-11-20 19:54:10 ----A---- C:\Windows\system32\rastls.dll 2012-11-20 19:54:10 ----A---- C:\Windows\system32\nci.dll 2012-11-20 19:54:10 ----A---- C:\Windows\system32\drivers\ataport.sys 2012-11-20 19:54:10 ----A---- C:\Windows\system32\actxprxy.dll 2012-11-20 19:54:09 ----A---- C:\Windows\system32\WMNetMgr.dll 2012-11-20 19:54:09 ----A---- C:\Windows\system32\wlanpref.dll 2012-11-20 19:54:09 ----A---- C:\Windows\system32\sppsvc.exe 2012-11-20 19:54:09 ----A---- C:\Windows\system32\sdclt.exe 2012-11-20 19:54:09 ----A---- C:\Windows\system32\RpcRtRemote.dll 2012-11-20 19:54:09 ----A---- C:\Windows\system32\ListSvc.dll 2012-11-20 19:54:09 ----A---- C:\Windows\system32\licmgr10.dll 2012-11-20 19:54:08 ----A---- C:\Windows\system32\taskmgr.exe 2012-11-20 19:54:08 ----A---- C:\Windows\system32\Robocopy.exe 2012-11-20 19:54:08 ----A---- C:\Windows\system32\DxpTaskSync.dll 2012-11-20 19:54:08 ----A---- C:\Windows\system32\Display.dll 2012-11-20 19:54:07 ----A---- C:\Windows\system32\XpsRasterService.dll 2012-11-20 19:54:07 ----A---- C:\Windows\system32\userinit.exe 2012-11-20 19:54:07 ----A---- C:\Windows\system32\sharemediacpl.dll 2012-11-20 19:54:07 ----A---- C:\Windows\system32\puiobj.dll 2012-11-20 19:54:07 ----A---- C:\Windows\system32\mtxclu.dll 2012-11-20 19:54:07 ----A---- C:\Windows\system32\msdri.dll 2012-11-20 19:54:07 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2012-11-20 19:54:07 ----A---- C:\Windows\system32\drivers\mpio.sys 2012-11-20 19:54:07 ----A---- C:\Windows\system32\drivers\mountmgr.sys 2012-11-20 19:54:06 ----A---- C:\Windows\system32\termmgr.dll 2012-11-20 19:54:06 ----A---- C:\Windows\system32\eudcedit.exe 2012-11-20 19:54:06 ----A---- C:\Windows\system32\drivers\winhv.sys 2012-11-20 19:54:06 ----A---- C:\Windows\system32\drivers\usbehci.sys 2012-11-20 19:54:06 ----A---- C:\Windows\system32\drivers\scsiport.sys 2012-11-20 19:54:06 ----A---- C:\Windows\system32\drivers\iaStorV.sys 2012-11-20 19:54:06 ----A---- C:\Windows\system32\DiagCpl.dll 2012-11-20 19:54:06 ----A---- C:\Windows\system32\cscui.dll 2012-11-20 19:54:05 ----A---- C:\Windows\system32\msdtctm.dll 2012-11-20 19:54:05 ----A---- C:\Windows\system32\logoncli.dll 2012-11-20 19:54:05 ----A---- C:\Windows\system32\drivers\vmstorfl.sys 2012-11-20 19:54:04 ----A---- C:\Windows\system32\wiadefui.dll 2012-11-20 19:54:04 ----A---- C:\Windows\system32\themecpl.dll 2012-11-20 19:54:04 ----A---- C:\Windows\system32\sppcomapi.dll 2012-11-20 19:54:04 ----A---- C:\Windows\system32\shsetup.dll 2012-11-20 19:54:04 ----A---- C:\Windows\system32\SensorsCpl.dll 2012-11-20 19:54:04 ----A---- C:\Windows\system32\rasppp.dll 2012-11-20 19:54:04 ----A---- C:\Windows\system32\msconfig.exe 2012-11-20 19:54:04 ----A---- C:\Windows\system32\FirewallControlPanel.dll 2012-11-20 19:54:04 ----A---- C:\Windows\system32\drivers\storvsc.sys 2012-11-20 19:54:04 ----A---- C:\Windows\system32\cabview.dll 2012-11-20 19:54:04 ----A---- C:\Windows\system32\biocpl.dll 2012-11-20 19:54:03 ----A---- C:\Windows\system32\wpccpl.dll 2012-11-20 19:54:03 ----A---- C:\Windows\system32\PhotoScreensaver.scr 2012-11-20 19:54:03 ----A---- C:\Windows\system32\hgcpl.dll 2012-11-20 19:54:03 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2012-11-20 19:54:03 ----A---- C:\Windows\system32\drivers\rdyboost.sys 2012-11-20 19:54:03 ----A---- C:\Windows\system32\dnscmmc.dll 2012-11-20 19:54:02 ----A---- C:\Windows\system32\tapisrv.dll 2012-11-20 19:54:02 ----A---- C:\Windows\system32\scecli.dll 2012-11-20 19:54:02 ----A---- C:\Windows\system32\mscories.dll 2012-11-20 19:54:02 ----A---- C:\Windows\system32\mscms.dll 2012-11-20 19:54:02 ----A---- C:\Windows\system32\mprddm.dll 2012-11-20 19:54:02 ----A---- C:\Windows\system32\localsec.dll 2012-11-20 19:54:02 ----A---- C:\Windows\system32\iasacct.dll 2012-11-20 19:54:02 ----A---- C:\Windows\system32\fontext.dll 2012-11-20 19:54:02 ----A---- C:\Windows\system32\drivers\usbhub.sys 2012-11-20 19:54:01 ----A---- C:\Windows\system32\wlanui.dll 2012-11-20 19:54:01 ----A---- C:\Windows\system32\wkssvc.dll 2012-11-20 19:54:01 ----A---- C:\Windows\system32\w32tm.exe 2012-11-20 19:54:01 ----A---- C:\Windows\system32\VAN.dll 2012-11-20 19:54:01 ----A---- C:\Windows\system32\usercpl.dll 2012-11-20 19:54:01 ----A---- C:\Windows\system32\SndVolSSO.dll 2012-11-20 19:54:01 ----A---- C:\Windows\system32\SndVol.exe 2012-11-20 19:54:01 ----A---- C:\Windows\system32\qedit.dll 2012-11-20 19:54:01 ----A---- C:\Windows\system32\prntvpt.dll 2012-11-20 19:54:01 ----A---- C:\Windows\system32\PerfCenterCPL.dll 2012-11-20 19:54:01 ----A---- C:\Windows\system32\netcenter.dll 2012-11-20 19:54:01 ----A---- C:\Windows\system32\mblctr.exe 2012-11-20 19:54:01 ----A---- C:\Windows\system32\KMSVC.DLL 2012-11-20 19:54:01 ----A---- C:\Windows\system32\bcdsrv.dll 2012-11-20 19:54:01 ----A---- C:\Windows\system32\batmeter.dll 2012-11-20 19:54:00 ----A---- C:\Windows\system32\zipfldr.dll 2012-11-20 19:54:00 ----A---- C:\Windows\system32\wpdbusenum.dll 2012-11-20 19:54:00 ----A---- C:\Windows\system32\wksprt.exe 2012-11-20 19:54:00 ----A---- C:\Windows\system32\spwizeng.dll 2012-11-20 19:54:00 ----A---- C:\Windows\system32\fdeploy.dll 2012-11-20 19:54:00 ----A---- C:\Windows\system32\drivers\ks.sys 2012-11-20 19:54:00 ----A---- C:\Windows\system32\azroleui.dll 2012-11-20 19:54:00 ----A---- C:\Windows\system32\accessibilitycpl.dll 2012-11-20 19:53:59 ----A---- C:\Windows\system32\wusa.exe 2012-11-20 19:53:59 ----A---- C:\Windows\system32\networkmap.dll 2012-11-20 19:53:59 ----A---- C:\Windows\system32\netjoin.dll 2012-11-20 19:53:59 ----A---- C:\Windows\system32\mspbda.dll 2012-11-20 19:53:59 ----A---- C:\Windows\system32\MSAC3ENC.DLL 2012-11-20 19:53:59 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll 2012-11-20 19:53:59 ----A---- C:\Windows\system32\Faultrep.dll 2012-11-20 19:53:59 ----A---- C:\Windows\system32\cryptui.dll 2012-11-20 19:53:59 ----A---- C:\Windows\system32\adsldp.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\taskhost.exe 2012-11-20 19:53:58 ----A---- C:\Windows\system32\taskbarcpl.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\sud.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\slui.exe 2012-11-20 19:53:58 ----A---- C:\Windows\system32\prnfldr.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\photowiz.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\OnLineIDCpl.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\msieftp.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\MediaMetadataHandler.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\iasrad.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\credssp.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\cfgmgr32.dll 2012-11-20 19:53:58 ----A---- C:\Windows\system32\ActionCenter.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\wpd_ci.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\sisbkup.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\shwebsvc.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\recovery.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\iprtrmgr.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\ifsutil.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\ieUnatt.exe 2012-11-20 19:53:57 ----A---- C:\Windows\system32\iesysprep.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\halacpi.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\ftp.exe 2012-11-20 19:53:57 ----A---- C:\Windows\system32\efscore.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\drivers\hidclass.sys 2012-11-20 19:53:57 ----A---- C:\Windows\system32\dot3cfg.dll 2012-11-20 19:53:57 ----A---- C:\Windows\system32\defaultlocationcpl.dll 2012-11-20 19:53:56 ----A---- C:\Windows\system32\wmpmde.dll 2012-11-20 19:53:56 ----A---- C:\Windows\system32\syncui.dll 2012-11-20 19:53:56 ----A---- C:\Windows\system32\sppnp.dll 2012-11-20 19:53:56 ----A---- C:\Windows\system32\sdcpl.dll 2012-11-20 19:53:56 ----A---- C:\Windows\system32\ntlanman.dll 2012-11-20 19:53:56 ----A---- C:\Windows\system32\dskquoui.dll 2012-11-20 19:53:56 ----A---- C:\Windows\system32\DeviceCenter.dll 2012-11-20 19:53:56 ----A---- C:\Windows\system32\bcdedit.exe 2012-11-20 19:53:56 ----A---- C:\Windows\system32\autoplay.dll 2012-11-20 19:53:56 ----A---- C:\Windows\system32\ActionCenterCPL.dll 2012-11-20 19:53:55 ----A---- C:\Windows\system32\vdsutil.dll 2012-11-20 19:53:55 ----A---- C:\Windows\system32\systemcpl.dll 2012-11-20 19:53:55 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2012-11-20 19:53:55 ----A---- C:\Windows\system32\sethc.exe 2012-11-20 19:53:55 ----A---- C:\Windows\system32\rtutils.dll 2012-11-20 19:53:55 ----A---- C:\Windows\system32\rstrui.exe 2012-11-20 19:53:55 ----A---- C:\Windows\system32\riched20.dll 2012-11-20 19:53:55 ----A---- C:\Windows\system32\recdisc.exe 2012-11-20 19:53:55 ----A---- C:\Windows\system32\rdpsign.exe 2012-11-20 19:53:55 ----A---- C:\Windows\system32\OobeFldr.dll 2012-11-20 19:53:55 ----A---- C:\Windows\system32\ntprint.dll 2012-11-20 19:53:55 ----A---- C:\Windows\system32\nshwfp.dll 2012-11-20 19:53:55 ----A---- C:\Windows\system32\fvecpl.dll 2012-11-20 19:53:55 ----A---- C:\Windows\system32\bcdboot.exe 2012-11-20 19:53:54 ----A---- C:\Windows\system32\wmpsrcwp.dll 2012-11-20 19:53:54 ----A---- C:\Windows\system32\netplwiz.dll 2012-11-20 19:53:54 ----A---- C:\Windows\system32\NAPHLPR.DLL 2012-11-20 19:53:54 ----A---- C:\Windows\system32\migisol.dll 2012-11-20 19:53:54 ----A---- C:\Windows\system32\httpapi.dll 2012-11-20 19:53:54 ----A---- C:\Windows\system32\fms.dll 2012-11-20 19:53:54 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2012-11-20 19:53:54 ----A---- C:\Windows\system32\drivers\tdx.sys 2012-11-20 19:53:54 ----A---- C:\Windows\system32\dpx.dll 2012-11-20 19:53:54 ----A---- C:\Windows\system32\blackbox.dll 2012-11-20 19:53:54 ----A---- C:\Windows\system32\AxInstSv.dll 2012-11-20 19:53:54 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll 2012-11-20 19:53:54 ----A---- C:\Windows\system32\activeds.dll 2012-11-20 19:53:53 ----A---- C:\Windows\system32\wsqmcons.exe 2012-11-20 19:53:53 ----A---- C:\Windows\system32\wlanmsm.dll 2012-11-20 19:53:53 ----A---- C:\Windows\system32\wavemsp.dll 2012-11-20 19:53:53 ----A---- C:\Windows\system32\ReAgent.dll 2012-11-20 19:53:53 ----A---- C:\Windows\system32\provsvc.dll 2012-11-20 19:53:53 ----A---- C:\Windows\system32\nshipsec.dll 2012-11-20 19:53:53 ----A---- C:\Windows\system32\msftedit.dll 2012-11-20 19:53:53 ----A---- C:\Windows\system32\isoburn.exe 2012-11-20 19:53:53 ----A---- C:\Windows\system32\dot3ui.dll 2012-11-20 19:53:53 ----A---- C:\Windows\system32\dot3svc.dll 2012-11-20 19:53:53 ----A---- C:\Windows\system32\asycfilt.dll 2012-11-20 19:53:52 ----A---- C:\Windows\system32\wvc.dll 2012-11-20 19:53:52 ----A---- C:\Windows\system32\wtsapi32.dll 2012-11-20 19:53:52 ----A---- C:\Windows\system32\wimgapi.dll 2012-11-20 19:53:52 ----A---- C:\Windows\system32\tzutil.exe 2012-11-20 19:53:52 ----A---- C:\Windows\system32\sysclass.dll 2012-11-20 19:53:52 ----A---- C:\Windows\system32\ocsetup.exe 2012-11-20 19:53:52 ----A---- C:\Windows\system32\dsuiext.dll 2012-11-20 19:53:52 ----A---- C:\Windows\system32\drivers\ndproxy.sys 2012-11-20 19:53:52 ----A---- C:\Windows\system32\dfrgui.exe 2012-11-20 19:53:52 ----A---- C:\Windows\system32\certprop.dll 2012-11-20 19:53:52 ----A---- C:\Windows\system32\appinfo.dll 2012-11-20 19:53:52 ----A---- C:\Windows\system32\AdmTmpl.dll 2012-11-20 19:53:51 ----A---- C:\Windows\twain_32.dll 2012-11-20 19:53:51 ----A---- C:\Windows\system32\webcheck.dll 2012-11-20 19:53:51 ----A---- C:\Windows\system32\twext.dll 2012-11-20 19:53:51 ----A---- C:\Windows\system32\SmiEngine.dll 2012-11-20 19:53:51 ----A---- C:\Windows\system32\shdocvw.dll 2012-11-20 19:53:51 ----A---- C:\Windows\system32\setupugc.exe 2012-11-20 19:53:51 ----A---- C:\Windows\system32\qcap.dll 2012-11-20 19:53:51 ----A---- C:\Windows\system32\qasf.dll 2012-11-20 19:53:51 ----A---- C:\Windows\system32\PresentationSettings.exe 2012-11-20 19:53:51 ----A---- C:\Windows\system32\PkgMgr.exe 2012-11-20 19:53:51 ----A---- C:\Windows\system32\occache.dll 2012-11-20 19:53:51 ----A---- C:\Windows\system32\mstask.dll 2012-11-20 19:53:51 ----A---- C:\Windows\system32\msrating.dll 2012-11-20 19:53:51 ----A---- C:\Windows\system32\msfeedsbs.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\wwanconn.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\wmdrmsdk.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\uxlib.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\ssText3d.scr 2012-11-20 19:53:50 ----A---- C:\Windows\system32\srrstr.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\slwga.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\nslookup.exe 2012-11-20 19:53:50 ----A---- C:\Windows\system32\msvfw32.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\mciavi32.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\imm32.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\imgutil.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\clusapi.dll 2012-11-20 19:53:50 ----A---- C:\Windows\system32\audiodev.dll 2012-11-20 19:53:49 ----A---- C:\Windows\system32\WPDShServiceObj.dll 2012-11-20 19:53:49 ----A---- C:\Windows\system32\wimserv.exe 2012-11-20 19:53:49 ----A---- C:\Windows\system32\TSpkg.dll 2012-11-20 19:53:49 ----A---- C:\Windows\system32\remotepg.dll 2012-11-20 19:53:49 ----A---- C:\Windows\system32\rdpencom.dll 2012-11-20 19:53:49 ----A---- C:\Windows\system32\raschap.dll 2012-11-20 19:53:49 ----A---- C:\Windows\system32\perfmon.exe 2012-11-20 19:53:49 ----A---- C:\Windows\system32\msscp.dll 2012-11-20 19:53:49 ----A---- C:\Windows\system32\diskraid.exe 2012-11-20 19:53:49 ----A---- C:\Windows\system32\DevicePairingFolder.dll 2012-11-20 19:53:49 ----A---- C:\Windows\system32\acppage.dll 2012-11-20 19:53:48 ----A---- C:\Windows\system32\wmpdxm.dll 2012-11-20 19:53:48 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe 2012-11-20 19:53:48 ----A---- C:\Windows\system32\vpnikeapi.dll 2012-11-20 19:53:48 ----A---- C:\Windows\system32\UserAccountControlSettings.dll 2012-11-20 19:53:48 ----A---- C:\Windows\system32\sdrsvc.dll 2012-11-20 19:53:48 ----A---- C:\Windows\system32\QUTIL.DLL 2012-11-20 19:53:48 ----A---- C:\Windows\system32\onexui.dll 2012-11-20 19:53:48 ----A---- C:\Windows\system32\olepro32.dll 2012-11-20 19:53:48 ----A---- C:\Windows\system32\ocsetapi.dll 2012-11-20 19:53:48 ----A---- C:\Windows\system32\nltest.exe 2012-11-20 19:53:48 ----A---- C:\Windows\system32\networkexplorer.dll 2012-11-20 19:53:48 ----A---- C:\Windows\system32\NAPCRYPT.DLL 2012-11-20 19:53:48 ----A---- C:\Windows\system32\input.dll 2012-11-20 19:53:48 ----A---- C:\Windows\system32\drmmgrtn.dll 2012-11-20 19:53:47 ----A---- C:\Windows\system32\wpdwcn.dll 2012-11-20 19:53:47 ----A---- C:\Windows\system32\vdsbas.dll 2012-11-20 19:53:47 ----A---- C:\Windows\system32\runonce.exe 2012-11-20 19:53:47 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2012-11-20 19:53:47 ----A---- C:\Windows\system32\Mcx2Svc.dll 2012-11-20 19:53:47 ----A---- C:\Windows\system32\logagent.exe 2012-11-20 19:53:47 ----A---- C:\Windows\system32\iTVData.dll 2012-11-20 19:53:47 ----A---- C:\Windows\system32\inseng.dll 2012-11-20 19:53:47 ----A---- C:\Windows\system32\dxdiagn.dll 2012-11-20 19:53:47 ----A---- C:\Windows\bfsvc.exe 2012-11-20 19:53:46 ----A---- C:\Windows\system32\wmpshell.dll 2012-11-20 19:53:46 ----A---- C:\Windows\system32\wmdrmdev.dll 2012-11-20 19:53:46 ----A---- C:\Windows\system32\unimdmat.dll 2012-11-20 19:53:46 ----A---- C:\Windows\system32\shacct.dll 2012-11-20 19:53:46 ----A---- C:\Windows\system32\PnPUnattend.exe 2012-11-20 19:53:46 ----A---- C:\Windows\system32\msvidc32.dll 2012-11-20 19:53:46 ----A---- C:\Windows\system32\msiexec.exe 2012-11-20 19:53:46 ----A---- C:\Windows\system32\MFPlay.dll 2012-11-20 19:53:46 ----A---- C:\Windows\system32\lsmproxy.dll 2012-11-20 19:53:46 ----A---- C:\Windows\system32\eapp3hst.dll 2012-11-20 19:53:46 ----A---- C:\Windows\system32\drivers\rmcast.sys 2012-11-20 19:53:46 ----A---- C:\Windows\system32\bitsadmin.exe 2012-11-20 19:53:45 ----A---- C:\Windows\system32\WPDSp.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\tabcal.exe 2012-11-20 19:53:45 ----A---- C:\Windows\system32\srvcli.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\sqlcese30.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\rdpd3d.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\pdh.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\OpcServices.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\olethk32.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\ncryptui.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\mprapi.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\MdSched.exe 2012-11-20 19:53:45 ----A---- C:\Windows\system32\logman.exe 2012-11-20 19:53:45 ----A---- C:\Windows\system32\iscsium.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\djoin.exe 2012-11-20 19:53:45 ----A---- C:\Windows\system32\cscapi.dll 2012-11-20 19:53:45 ----A---- C:\Windows\system32\Bubbles.scr 2012-11-20 19:53:44 ----A---- C:\Windows\system32\wwanprotdim.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\WMPhoto.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\WMADMOD.DLL 2012-11-20 19:53:44 ----A---- C:\Windows\system32\wiavideo.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\utildll.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\tsgqec.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\Ribbons.scr 2012-11-20 19:53:44 ----A---- C:\Windows\system32\QSVRMGMT.DLL 2012-11-20 19:53:44 ----A---- C:\Windows\system32\PortableDeviceStatus.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\Mystify.scr 2012-11-20 19:53:44 ----A---- C:\Windows\system32\mapistub.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\mapi32.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\lpremove.exe 2012-11-20 19:53:44 ----A---- C:\Windows\system32\fphc.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys 2012-11-20 19:53:44 ----A---- C:\Windows\system32\dot3msm.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\CscMig.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\avifil32.dll 2012-11-20 19:53:44 ----A---- C:\Windows\system32\ActionQueue.dll 2012-11-20 19:53:43 ----A---- C:\Windows\system32\WMVSDECD.DLL 2012-11-20 19:53:43 ----A---- C:\Windows\system32\wmdrmnet.dll 2012-11-20 19:53:43 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2012-11-20 19:53:43 ----A---- C:\Windows\system32\takeown.exe 2012-11-20 19:53:43 ----A---- C:\Windows\system32\sqmapi.dll 2012-11-20 19:53:43 ----A---- C:\Windows\system32\sppinst.dll 2012-11-20 19:53:43 ----A---- C:\Windows\system32\qdv.dll 2012-11-20 19:53:43 ----A---- C:\Windows\system32\msyuv.dll 2012-11-20 19:53:43 ----A---- C:\Windows\system32\msnetobj.dll 2012-11-20 19:53:43 ----A---- C:\Windows\system32\iyuv_32.dll 2012-11-20 19:53:43 ----A---- C:\Windows\system32\EhStorAPI.dll 2012-11-20 19:53:42 ----A---- C:\Windows\system32\wsnmp32.dll 2012-11-20 19:53:42 ----A---- C:\Windows\system32\WMSPDMOD.DLL 2012-11-20 19:53:42 ----A---- C:\Windows\system32\vfwwdm32.dll 2012-11-20 19:53:42 ----A---- C:\Windows\system32\unattend.dll 2012-11-20 19:53:42 ----A---- C:\Windows\system32\setupcln.dll 2012-11-20 19:53:42 ----A---- C:\Windows\system32\RelPost.exe 2012-11-20 19:53:42 ----A---- C:\Windows\system32\qprocess.exe 2012-11-20 19:53:42 ----A---- C:\Windows\system32\QCLIPROV.DLL 2012-11-20 19:53:42 ----A---- C:\Windows\system32\pdhui.dll 2012-11-20 19:53:42 ----A---- C:\Windows\system32\MuiUnattend.exe 2012-11-20 19:53:42 ----A---- C:\Windows\system32\msrle32.dll 2012-11-20 19:53:42 ----A---- C:\Windows\system32\cmstp.exe 2012-11-20 19:53:42 ----A---- C:\Windows\system32\cca.dll 2012-11-20 19:53:42 ----A---- C:\Windows\system32\basesrv.dll 2012-11-20 19:53:41 ----A---- C:\Windows\system32\umb.dll 2012-11-20 19:53:41 ----A---- C:\Windows\system32\tsbyuv.dll 2012-11-20 19:53:41 ----A---- C:\Windows\system32\qwinsta.exe 2012-11-20 19:53:41 ----A---- C:\Windows\system32\PrintIsolationProxy.dll 2012-11-20 19:53:41 ----A---- C:\Windows\system32\msorcl32.dll 2012-11-20 19:53:41 ----A---- C:\Windows\system32\msg.exe 2012-11-20 19:53:41 ----A---- C:\Windows\system32\iasrecst.dll 2012-11-20 19:53:41 ----A---- C:\Windows\system32\drivers\ndisuio.sys 2012-11-20 19:53:41 ----A---- C:\Windows\system32\chglogon.exe 2012-11-20 19:53:41 ----A---- C:\Windows\system32\AzSqlExt.dll 2012-11-20 19:53:40 ----A---- C:\Windows\system32\wkscli.dll 2012-11-20 19:53:40 ----A---- C:\Windows\system32\WavDest.dll 2012-11-20 19:53:40 ----A---- C:\Windows\system32\sppuinotify.dll 2012-11-20 19:53:40 ----A---- C:\Windows\system32\spbcd.dll 2012-11-20 19:53:40 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2012-11-20 19:53:40 ----A---- C:\Windows\system32\resutils.dll 2012-11-20 19:53:40 ----A---- C:\Windows\system32\relog.exe 2012-11-20 19:53:40 ----A---- C:\Windows\system32\rastapi.dll 2012-11-20 19:53:40 ----A---- C:\Windows\system32\quser.exe 2012-11-20 19:53:40 ----A---- C:\Windows\system32\netiougc.exe 2012-11-20 19:53:40 ----A---- C:\Windows\system32\netbtugc.exe 2012-11-20 19:53:40 ----A---- C:\Windows\system32\mydocs.dll 2012-11-20 19:53:40 ----A---- C:\Windows\system32\MultiDigiMon.exe 2012-11-20 19:53:40 ----A---- C:\Windows\system32\itircl.dll 2012-11-20 19:53:40 ----A---- C:\Windows\system32\iscsicli.exe 2012-11-20 19:53:40 ----A---- C:\Windows\system32\diskpart.exe 2012-11-20 19:53:40 ----A---- C:\Windows\system32\BdeHdCfg.exe 2012-11-20 19:53:40 ----A---- C:\Windows\system32\amstream.dll 2012-11-20 19:53:39 ----A---- C:\Windows\system32\wmpps.dll 2012-11-20 19:53:39 ----A---- C:\Windows\system32\tsdiscon.exe 2012-11-20 19:53:39 ----A---- C:\Windows\system32\tscon.exe 2012-11-20 19:53:39 ----A---- C:\Windows\system32\syssetup.dll 2012-11-20 19:53:39 ----A---- C:\Windows\system32\setbcdlocale.dll 2012-11-20 19:53:39 ----A---- C:\Windows\system32\secproc_ssp.dll 2012-11-20 19:53:39 ----A---- C:\Windows\system32\qappsrv.exe 2012-11-20 19:53:39 ----A---- C:\Windows\system32\nrpsrv.dll 2012-11-20 19:53:39 ----A---- C:\Windows\system32\FXSTIFF.dll 2012-11-20 19:53:39 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2012-11-20 19:53:39 ----A---- C:\Windows\system32\chgusr.exe 2012-11-20 19:53:39 ----A---- C:\Windows\system32\chgport.exe 2012-11-20 19:53:39 ----A---- C:\Windows\system32\CertPolEng.dll 2012-11-20 19:53:38 ----A---- C:\Windows\system32\wiarpc.dll 2012-11-20 19:53:38 ----A---- C:\Windows\system32\WerFaultSecure.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\tskill.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\tlscsp.dll 2012-11-20 19:53:38 ----A---- C:\Windows\system32\shadow.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\rwinsta.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\ReAgentc.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\PrintBrmUi.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\netutils.dll 2012-11-20 19:53:38 ----A---- C:\Windows\system32\muifontsetup.dll 2012-11-20 19:53:38 ----A---- C:\Windows\system32\mobsync.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\mciqtz32.dll 2012-11-20 19:53:38 ----A---- C:\Windows\system32\logoff.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\findstr.exe 2012-11-20 19:53:38 ----A---- C:\Windows\system32\eappgnui.dll 2012-11-20 19:53:38 ----A---- C:\Windows\system32\cabinet.dll 2012-11-20 19:53:37 ----A---- C:\Windows\system32\wdiasqmmodule.dll 2012-11-20 19:53:37 ----A---- C:\Windows\system32\unlodctr.exe 2012-11-20 19:53:37 ----A---- C:\Windows\system32\sppc.dll 2012-11-20 19:53:37 ----A---- C:\Windows\system32\spopk.dll 2012-11-20 19:53:37 ----A---- C:\Windows\system32\shimgvw.dll 2012-11-20 19:53:37 ----A---- C:\Windows\system32\repair-bde.exe 2012-11-20 19:53:37 ----A---- C:\Windows\system32\netcfg.exe 2012-11-20 19:53:37 ----A---- C:\Windows\system32\msdmo.dll 2012-11-20 19:53:37 ----A---- C:\Windows\system32\manage-bde.exe 2012-11-20 19:53:37 ----A---- C:\Windows\system32\luainstall.dll 2012-11-20 19:53:37 ----A---- C:\Windows\system32\iccvid.dll 2012-11-20 19:53:37 ----A---- C:\Windows\system32\HotStartUserAgent.dll 2012-11-20 19:53:37 ----A---- C:\Windows\system32\drivers\usbrpm.sys 2012-11-20 19:53:37 ----A---- C:\Windows\system32\drivers\tdi.sys 2012-11-20 19:53:37 ----A---- C:\Windows\system32\drivers\CompositeBus.sys 2012-11-20 19:53:37 ----A---- C:\Windows\system32\dosx.exe 2012-11-20 19:53:36 ----A---- C:\Windows\system32\vmstorfltres.dll 2012-11-20 19:53:36 ----A---- C:\Windows\system32\vmicres.dll 2012-11-20 19:53:36 ----A---- C:\Windows\system32\vmbusres.dll 2012-11-20 19:53:36 ----A---- C:\Windows\system32\UIRibbonRes.dll 2012-11-20 19:53:36 ----A---- C:\Windows\system32\reset.exe 2012-11-20 19:53:36 ----A---- C:\Windows\system32\rdprefdrvapi.dll 2012-11-20 19:53:36 ----A---- C:\Windows\system32\query.exe 2012-11-20 19:53:36 ----A---- C:\Windows\system32\odbcconf.dll 2012-11-20 19:53:36 ----A---- C:\Windows\system32\inetmib1.dll 2012-11-20 19:53:36 ----A---- C:\Windows\system32\drivers\cdrom.sys 2012-11-20 19:53:36 ----A---- C:\Windows\system32\change.exe 2012-11-20 19:53:35 ----A---- C:\Windows\system32\perfts.dll 2012-11-20 19:53:35 ----A---- C:\Windows\system32\msfeedssync.exe 2012-11-20 19:53:35 ----A---- C:\Windows\system32\icaapi.dll 2012-11-20 19:53:35 ----A---- C:\Windows\system32\FXSMON.dll 2012-11-20 19:53:35 ----A---- C:\Windows\system32\drivers\tunnel.sys 2012-11-20 19:53:35 ----A---- C:\Windows\system32\drivers\dfsc.sys 2012-11-20 19:53:34 ----A---- C:\Windows\system32\wshbth.dll 2012-11-20 19:53:34 ----A---- C:\Windows\system32\TRAPI.dll 2012-11-20 19:53:34 ----A---- C:\Windows\system32\schedcli.dll 2012-11-20 19:53:34 ----A---- C:\Windows\system32\RDPENCDD.dll 2012-11-20 19:53:34 ----A---- C:\Windows\system32\napdsnap.dll 2012-11-20 19:53:34 ----A---- C:\Windows\system32\LogonUI.exe 2012-11-20 19:53:34 ----A---- C:\Windows\system32\elsTrans.dll 2012-11-20 19:53:34 ----A---- C:\Windows\system32\dsauth.dll 2012-11-20 19:53:34 ----A---- C:\Windows\system32\cscdll.dll 2012-11-20 19:53:34 ----A---- C:\Windows\system32\bitsperf.dll 2012-11-20 19:53:33 ----A---- C:\Windows\system32\wsdchngr.dll 2012-11-20 19:53:33 ----A---- C:\Windows\system32\sscore.dll 2012-11-20 19:53:33 ----A---- C:\Windows\system32\drivers\acpipmi.sys 2012-11-20 19:53:32 ----A---- C:\Windows\system32\shgina.dll 2012-11-20 19:53:32 ----A---- C:\Windows\system32\riched32.dll 2012-11-20 19:53:32 ----A---- C:\Windows\system32\drivers\ndiswan.sys 2012-11-20 19:53:31 ----A---- C:\Windows\system32\rdpcfgex.dll 2012-11-20 19:53:31 ----A---- C:\Windows\system32\drivers\VMBusHID.sys 2012-11-20 19:53:31 ----A---- C:\Windows\system32\drivers\hidusb.sys 2012-11-20 19:53:31 ----A---- C:\Windows\system32\drivers\appid.sys 2012-11-20 19:53:30 ----A---- C:\Windows\system32\wshirda.dll 2012-11-20 19:53:30 ----A---- C:\Windows\system32\vmbuspipe.dll 2012-11-20 19:53:30 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys 2012-11-20 19:53:30 ----A---- C:\Windows\system32\drivers\USBCAMD.sys 2012-11-20 19:53:30 ----A---- C:\Windows\system32\drivers\kbdhid.sys 2012-11-20 19:53:30 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys 2012-11-20 19:53:30 ----A---- C:\Windows\system32\browseui.dll 2012-11-20 19:53:29 ----A---- C:\Windows\system32\vmictimeprovider.dll 2012-11-20 19:53:29 ----A---- C:\Windows\system32\VmdCoinstall.dll 2012-11-20 19:53:29 ----A---- C:\Windows\system32\VmbusCoinstaller.dll 2012-11-20 19:53:29 ----A---- C:\Windows\system32\spwmp.dll 2012-11-20 19:53:29 ----A---- C:\Windows\system32\IcCoinstall.dll 2012-11-20 19:53:29 ----A---- C:\Windows\system32\drivers\wanarp.sys 2012-11-20 19:53:29 ----A---- C:\Windows\system32\drivers\HdAudio.sys 2012-11-20 19:53:28 ----A---- C:\Windows\system32\shunimpl.dll 2012-11-20 19:53:28 ----A---- C:\Windows\system32\RDPREFDD.dll 2012-11-20 19:53:28 ----A---- C:\Windows\system32\dxmasf.dll 2012-11-20 19:53:28 ----A---- C:\Windows\system32\drivers\umbus.sys 2012-11-20 19:53:28 ----A---- C:\Windows\system32\drivers\sffp_sd.sys 2012-11-20 19:53:28 ----A---- C:\Windows\system32\drivers\scfilter.sys 2012-11-20 19:53:28 ----A---- C:\Windows\system32\drivers\RDPCDD.sys 2012-11-20 19:53:28 ----A---- C:\Windows\system32\drivers\hdaudbus.sys 2012-11-20 19:53:28 ----A---- C:\Windows\system32\C_ISCII.DLL 2012-11-20 19:53:26 ----A---- C:\Windows\system32\wmploc.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDUS.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDUGHR1.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDTURME.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDTAJIK.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDSF.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDNEPR.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDMON.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDMAORI.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDLT1.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\kbdlk41a.dll 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDINTEL.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDINTAM.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDINORI.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDINMAR.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDINKAN.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDGEO.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDBULG.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDBLR.DLL 2012-11-20 19:53:25 ----A---- C:\Windows\system32\KBDBASH.DLL 2012-11-20 19:53:24 ----A---- C:\Windows\system32\spwizres.dll 2012-11-20 19:53:24 ----A---- C:\Windows\system32\pifmgr.dll 2012-11-20 19:53:24 ----A---- C:\Windows\system32\nlsbres.dll 2012-11-20 19:53:24 ----A---- C:\Windows\system32\KBDTUQ.DLL 2012-11-20 19:53:24 ----A---- C:\Windows\system32\KBDTUF.DLL 2012-11-20 19:53:24 ----A---- C:\Windows\system32\KBDSG.DLL 2012-11-20 19:53:24 ----A---- C:\Windows\system32\KBDPO.DLL 2012-11-20 19:53:24 ----A---- C:\Windows\system32\KBDINHIN.DLL 2012-11-20 19:53:24 ----A---- C:\Windows\system32\KBDINBEN.DLL 2012-11-20 19:53:24 ----A---- C:\Windows\system32\KBDGR1.DLL 2012-11-20 19:53:24 ----A---- C:\Windows\system32\KBDGKL.DLL 2012-11-20 19:53:24 ----A---- C:\Windows\system32\KBDCZ1.DLL 2012-11-20 19:53:24 ----A---- C:\Windows\system32\drivers\vms3cap.sys 2012-11-20 19:53:24 ----A---- C:\Windows\system32\dpnaddr.dll 2012-11-20 19:53:24 ----A---- C:\Windows\system32\BlbEvents.dll 2012-11-20 19:53:09 ----A---- C:\Windows\system32\wdscore.dll 2012-11-20 19:53:02 ----A---- C:\Windows\system32\wbemcomn.dll 2012-11-20 19:18:11 ----A---- C:\Windows\system32\xinput1_3.dll 2012-11-19 23:37:39 ----D---- C:\Gry 2012-11-19 23:16:25 ----D---- C:\Program Files\Alcohol Soft 2012-11-19 23:15:03 ----D---- C:\Program Files\WinRAR 2012-11-19 22:02:24 ----D---- C:\Program Files\Microsoft Works 2012-11-19 22:02:11 ----D---- C:\Program Files\Microsoft Visual Studio 2012-11-19 22:02:11 ----D---- C:\Program Files\Common Files\DESIGNER 2012-11-19 22:01:57 ----D---- C:\Windows\PCHEALTH 2012-11-19 22:01:57 ----D---- C:\Program Files\Microsoft.NET 2012-11-19 22:00:28 ----D---- C:\Program Files\Microsoft Office 2012-11-19 22:00:27 ----D---- C:\ProgramData\Microsoft Help 2012-11-19 21:59:15 ----RHD---- C:\MSOCache 2012-11-19 21:51:14 ----D---- C:\ProgramData\HP 2012-11-19 21:50:58 ----D---- C:\Program Files\HP 2012-11-19 21:49:01 ----D---- C:\ProgramData\Adobe 2012-11-19 21:48:50 ----D---- C:\Program Files\Common Files\Adobe 2012-11-19 21:47:15 ----D---- C:\Program Files\TomTom International B.V 2012-11-19 21:47:10 ----D---- C:\Program Files\MyTomTom 3 2012-11-19 21:45:28 ----D---- C:\Users\GRZESIEK\AppData\Roaming\Adobe 2012-11-19 21:45:21 ----D---- C:\Users\GRZESIEK\AppData\Roaming\NapiProjekt 2012-11-19 21:45:16 ----D---- C:\Windows\system32\Macromed 2012-11-19 21:45:07 ----D---- C:\Program Files\NapiProjekt 2012-11-19 21:39:40 ----D---- C:\Users\GRZESIEK\AppData\Roaming\Mozilla 2012-11-19 21:39:39 ----D---- C:\Program Files\Conduit 2012-11-19 21:39:13 ----D---- C:\Program Files\uTorrent 2012-11-19 21:37:42 ----D---- C:\Users\GRZESIEK\AppData\Roaming\uTorrent 2012-11-19 20:58:56 ----D---- C:\Users\GRZESIEK\AppData\Roaming\BESTplayer 2012-11-19 20:50:11 ----A---- C:\Windows\system32\drivers\sptd.sys 2012-11-19 20:24:00 ----D---- C:\Windows\system32\RTCOM 2012-11-19 20:23:35 ----A---- C:\Windows\system32\RtkHDMI.dll 2012-11-19 20:23:35 ----A---- C:\Windows\system32\RTEEP32H.dll 2012-11-19 20:23:35 ----A---- C:\Windows\system32\RTEEL32H.dll 2012-11-19 20:23:35 ----A---- C:\Windows\system32\RTEEG32H.dll 2012-11-19 20:23:35 ----A---- C:\Windows\system32\RTEED32H.dll 2012-11-19 20:23:35 ----A---- C:\Windows\system32\RHDMIExt.dll 2012-11-19 20:23:35 ----A---- C:\Windows\system32\RHCoInst.dll 2012-11-19 20:23:35 ----A---- C:\Windows\system32\drivers\RtHDMIV.sys 2012-11-19 20:23:34 ----A---- C:\Windows\system32\RH3DHT32.dll 2012-11-19 20:23:34 ----A---- C:\Windows\system32\RH3DAA32.dll 2012-11-19 20:23:34 ----A---- C:\Windows\system32\R4EEP32H.dll 2012-11-19 20:23:34 ----A---- C:\Windows\system32\R4EEL32H.dll 2012-11-19 20:23:34 ----A---- C:\Windows\system32\R4EEG32H.dll 2012-11-19 20:23:34 ----A---- C:\Windows\system32\R4EED32H.dll 2012-11-19 20:23:34 ----A---- C:\Windows\system32\R4EEA32H.dll 2012-11-19 20:23:33 ----A---- C:\Windows\system32\WavesLib.dll 2012-11-19 20:23:33 ----A---- C:\Windows\system32\WavesGUILib.dll 2012-11-19 20:23:33 ----A---- C:\Windows\system32\tosade.dll 2012-11-19 20:23:33 ----A---- C:\Windows\system32\TepeqAPO.dll 2012-11-19 20:23:33 ----A---- C:\Windows\system32\tadefxapo2.dll 2012-11-19 20:23:33 ----A---- C:\Windows\system32\tadefxapo.dll 2012-11-19 20:23:33 ----A---- C:\Windows\system32\SRSWOW.dll 2012-11-19 20:23:33 ----A---- C:\Windows\system32\SRSTSXT.dll 2012-11-19 20:23:33 ----A---- C:\Windows\system32\SRSTSHD.dll 2012-11-19 20:23:33 ----A---- C:\Windows\system32\SRSHP360.dll 2012-11-19 20:23:32 ----A---- C:\Windows\system32\SFSS_APO.dll 2012-11-19 20:23:32 ----A---- C:\Windows\system32\SFNHK.dll 2012-11-19 20:23:32 ----A---- C:\Windows\system32\SFCOM.dll 2012-11-19 20:23:32 ----A---- C:\Windows\system32\SFAPO.dll 2012-11-19 20:23:32 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys 2012-11-19 20:23:31 ----A---- C:\Windows\system32\RtkPgExt.dll 2012-11-19 20:23:31 ----A---- C:\Windows\system32\RtkCoLDR.dll 2012-11-19 20:23:31 ----A---- C:\Windows\system32\RtkCoInstII.dll 2012-11-19 20:23:31 ----A---- C:\Windows\system32\RtkApoApi.dll 2012-11-19 20:23:31 ----A---- C:\Windows\system32\RtkAPO.dll 2012-11-19 20:23:31 ----A---- C:\Windows\system32\RTEEP32A.dll 2012-11-19 20:23:31 ----A---- C:\Windows\system32\RTEEL32A.dll 2012-11-19 20:23:31 ----A---- C:\Windows\system32\RTEEG32A.dll 2012-11-19 20:23:31 ----A---- C:\Windows\system32\RTEED32A.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\RP3DHT32.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\RP3DAA32.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\RCoRes.dat 2012-11-19 20:23:30 ----A---- C:\Windows\system32\R4EEP32A.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\R4EEL32A.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\R4EEG32A.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\R4EED32A.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\R4EEA32A.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\MaxxAudioRealtek2.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll 2012-11-19 20:23:30 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT 2012-11-19 20:23:29 ----A---- C:\Windows\system32\MaxxAudioEQ.dll 2012-11-19 20:23:29 ----A---- C:\Windows\system32\MaxxAudioAPOShell.dll 2012-11-19 20:23:29 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll 2012-11-19 20:23:29 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll 2012-11-19 20:23:29 ----A---- C:\Windows\system32\MaxxAudioAPO.dll 2012-11-19 20:23:29 ----A---- C:\Windows\system32\KAAPORT.dll 2012-11-19 20:23:28 ----A---- C:\Windows\system32\FMAPO.dll 2012-11-19 20:23:28 ----A---- C:\Windows\system32\DTSVoiceClarityDLL.dll 2012-11-19 20:23:28 ----A---- C:\Windows\system32\DTSU2PREC32.dll 2012-11-19 20:23:28 ----A---- C:\Windows\system32\DTSU2PLFX32.dll 2012-11-19 20:23:28 ----A---- C:\Windows\system32\DTSU2PGFX32.dll 2012-11-19 20:23:27 ----HD---- C:\Program Files\InstallShield Installation Information 2012-11-19 20:23:27 ----D---- C:\Program Files\Realtek 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSSymmetryDLL.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSS2SpeakerDLL.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSNeoPCDLL.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSLimiterDLL.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSLFXAPO.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSGFXAPONS.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSGFXAPO.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSGainCompensatorDLL.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSBoostDLL.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\DTSBassEnhancementDLL.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\AERTARen.dll 2012-11-19 20:23:27 ----A---- C:\Windows\system32\AERTACap.dll 2012-11-19 20:23:23 ----HD---- C:\Program Files\Temp 2012-11-19 20:23:23 ----A---- C:\Windows\RtlExUpd.dll 2012-11-19 20:23:21 ----D---- C:\Program Files\Common Files\InstallShield 2012-11-19 20:09:14 ----A---- C:\Windows\system32\drivers\nvstor32.sys 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoZht.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoZhc.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoSv.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoRu.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoPtb.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoNo.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoNl.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoKo.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoJa.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoIt.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoFr.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoFi.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoEsm.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoEs.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoENU.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoEng.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoDe.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\NvRCoDa.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\nvraiins.dll 2012-11-19 20:09:13 ----A---- C:\Windows\system32\nvraidco.dll 2012-11-19 19:53:26 ----A---- C:\Windows\system32\D3DX9_42.dll 2012-11-19 19:53:25 ----A---- C:\Windows\system32\d3dx9_31.dll 2012-11-19 19:53:03 ----D---- C:\Program Files\Winamp Detect 2012-11-19 19:52:54 ----D---- C:\Program Files\Common Files\PX Storage Engine 2012-11-19 19:52:46 ----D---- C:\Users\GRZESIEK\AppData\Roaming\Winamp 2012-11-19 19:52:46 ----D---- C:\Users\GRZESIEK\AppData\Roaming\OpenCandy 2012-11-19 19:52:46 ----D---- C:\Program Files\Winamp 2012-11-19 19:38:55 ----A---- C:\Windows\system32\drivers\Diskdump.sys 2012-11-19 19:38:51 ----A---- C:\Windows\system32\mshtml.dll 2012-11-19 19:38:49 ----A---- C:\Windows\system32\ieframe.dll 2012-11-19 19:38:48 ----A---- C:\Windows\system32\iertutil.dll 2012-11-19 19:38:47 ----A---- C:\Windows\system32\wininet.dll 2012-11-19 19:38:47 ----A---- C:\Windows\system32\msfeeds.dll 2012-11-19 19:38:46 ----A---- C:\Windows\system32\urlmon.dll 2012-11-19 19:38:44 ----A---- C:\Windows\system32\mshtmled.dll 2012-11-19 19:38:43 ----A---- C:\Windows\system32\url.dll 2012-11-19 19:38:43 ----A---- C:\Windows\system32\jsproxy.dll 2012-11-19 19:38:43 ----A---- C:\Windows\system32\ieui.dll 2012-11-19 19:38:25 ----A---- C:\Windows\system32\drivers\srvnet.sys 2012-11-19 19:38:25 ----A---- C:\Windows\system32\drivers\srv2.sys 2012-11-19 19:38:25 ----A---- C:\Windows\system32\drivers\srv.sys 2012-11-19 19:38:23 ----A---- C:\Windows\system32\XpsPrint.dll 2012-11-19 19:38:19 ----A---- C:\Windows\system32\KernelBase.dll 2012-11-19 19:38:19 ----A---- C:\Windows\system32\kernel32.dll 2012-11-19 19:38:18 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-11-19 19:38:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-19 19:38:18 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-19 19:38:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2012-11-19 19:38:18 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-19 19:38:18 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-19 19:38:18 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-19 19:38:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2012-11-19 19:38:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-19 19:38:18 ----A---- C:\Windows\system32\winsrv.dll 2012-11-19 19:38:18 ----A---- C:\Windows\system32\conhost.exe 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2012-11-19 19:38:17 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2012-11-19 19:38:05 ----A---- C:\Windows\system32\poqexec.exe 2012-11-19 19:38:02 ----A---- C:\Windows\system32\ntdll.dll 2012-11-19 19:37:59 ----A---- C:\Windows\system32\drivers\afd.sys 2012-11-19 19:37:57 ----A---- C:\Windows\system32\psisdecd.dll 2012-11-19 19:37:55 ----A---- C:\Windows\system32\EncDec.dll 2012-11-19 19:37:53 ----A---- C:\Windows\system32\vbscript.dll 2012-11-19 19:37:51 ----A---- C:\Windows\system32\msi.dll 2012-11-19 19:37:49 ----A---- C:\Windows\system32\msxml6.dll 2012-11-19 19:37:48 ----A---- C:\Windows\system32\msxml3r.dll 2012-11-19 19:37:48 ----A---- C:\Windows\system32\msxml3.dll 2012-11-19 19:37:47 ----A---- C:\Windows\system32\fontsub.dll 2012-11-19 19:37:47 ----A---- C:\Windows\system32\atmlib.dll 2012-11-19 19:37:47 ----A---- C:\Windows\system32\atmfd.dll 2012-11-19 19:37:35 ----A---- C:\Windows\system32\dnsapi.dll 2012-11-19 19:37:34 ----A---- C:\Windows\system32\dnsrslvr.dll 2012-11-19 19:37:34 ----A---- C:\Windows\system32\dnscacheugc.exe 2012-11-19 19:36:58 ----A---- C:\Windows\system32\FntCache.dll 2012-11-19 19:36:58 ----A---- C:\Windows\system32\d2d1.dll 2012-11-19 19:36:49 ----A---- C:\Windows\system32\webio.dll 2012-11-19 19:36:48 ----A---- C:\Windows\system32\sspisrv.dll 2012-11-19 19:36:48 ----A---- C:\Windows\system32\sspicli.dll 2012-11-19 19:36:48 ----A---- C:\Windows\system32\lsass.exe 2012-11-19 19:36:47 ----A---- C:\Windows\system32\secur32.dll 2012-11-19 19:36:44 ----A---- C:\Windows\system32\quartz.dll 2012-11-19 19:36:39 ----A---- C:\Windows\system32\ntoskrnl.exe 2012-11-19 19:36:39 ----A---- C:\Windows\system32\ntkrnlpa.exe 2012-11-19 19:36:26 ----A---- C:\Windows\system32\cdosys.dll 2012-11-19 19:36:20 ----A---- C:\Windows\explorer.exe 2012-11-19 19:36:18 ----A---- C:\Windows\system32\oleaut32.dll 2012-11-19 19:36:18 ----A---- C:\Windows\system32\oleacc.dll 2012-11-19 19:36:16 ----A---- C:\Windows\system32\rdrmemptylst.exe 2012-11-19 19:36:16 ----A---- C:\Windows\system32\rdpwsx.dll 2012-11-19 19:36:16 ----A---- C:\Windows\system32\rdpcorekmts.dll 2012-11-19 19:36:13 ----A---- C:\Windows\system32\tzres.dll 2012-11-19 19:36:05 ----A---- C:\Windows\system32\crypt32.dll 2012-11-19 19:36:04 ----A---- C:\Windows\system32\cryptsvc.dll 2012-11-19 19:36:04 ----A---- C:\Windows\system32\cryptnet.dll 2012-11-19 19:35:46 ----A---- C:\Windows\system32\ntshrui.dll 2012-11-19 19:35:44 ----A---- C:\Windows\system32\win32k.sys 2012-11-19 19:35:36 ----A---- C:\Windows\system32\CPFilters.dll 2012-11-19 19:35:35 ----A---- C:\Windows\system32\sbe.dll 2012-11-19 19:35:33 ----A---- C:\Windows\system32\kerberos.dll 2012-11-19 19:35:31 ----A---- C:\Windows\system32\mfc42.dll 2012-11-19 19:35:30 ----A---- C:\Windows\system32\mfc42u.dll 2012-11-19 19:35:29 ----A---- C:\Windows\system32\odbcjt32.dll 2012-11-19 19:35:28 ----A---- C:\Windows\system32\odbccu32.dll 2012-11-19 19:35:28 ----A---- C:\Windows\system32\odbccr32.dll 2012-11-19 19:35:28 ----A---- C:\Windows\system32\odbccp32.dll 2012-11-19 19:35:27 ----A---- C:\Windows\system32\odbctrac.dll 2012-11-19 19:35:22 ----A---- C:\Windows\system32\shell32.dll 2012-11-19 19:35:19 ----A---- C:\Windows\system32\drivers\ntfs.sys 2012-11-19 19:35:17 ----A---- C:\Windows\system32\msvcrt.dll 2012-11-19 19:35:12 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2012-11-19 19:35:05 ----A---- C:\Windows\system32\drivers\partmgr.sys 2012-11-19 19:35:03 ----A---- C:\Windows\system32\packager.dll 2012-11-19 19:35:01 ----A---- C:\Windows\system32\localspl.dll 2012-11-19 19:34:57 ----A---- C:\Windows\system32\rdpcorets.dll 2012-11-19 19:34:57 ----A---- C:\Windows\system32\drivers\rdpwd.sys 2012-11-19 19:34:56 ----A---- C:\Windows\system32\netapi32.dll 2012-11-19 19:34:56 ----A---- C:\Windows\system32\browser.dll 2012-11-19 19:34:56 ----A---- C:\Windows\system32\browcli.dll 2012-11-19 19:34:54 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2012-11-19 19:34:54 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2012-11-19 19:34:54 ----A---- C:\Windows\system32\drivers\mrxsmb.sys 2012-11-19 19:34:50 ----A---- C:\Windows\system32\FXSCOVER.exe 2012-11-19 19:34:21 ----A---- C:\Windows\system32\d3d10level9.dll 2012-11-19 19:34:12 ----A---- C:\Windows\system32\DWrite.dll 2012-11-19 19:34:09 ----A---- C:\Windows\system32\profsvc.dll 2012-11-19 19:34:08 ----A---- C:\Windows\system32\profprov.dll 2012-11-19 19:34:07 ----A---- C:\Windows\system32\drivers\bowser.sys 2012-11-19 19:34:04 ----A---- C:\Windows\system32\umpnpmgr.dll 2012-11-19 19:34:03 ----A---- C:\Windows\system32\wintrust.dll 2012-11-19 19:33:52 ----A---- C:\Windows\system32\prevhost.exe 2012-11-19 19:33:48 ----A---- C:\Windows\system32\win32spl.dll 2012-11-19 19:33:47 ----A---- C:\Windows\system32\spoolsv.exe 2012-11-19 19:33:44 ----A---- C:\Windows\system32\jscript.dll 2012-11-19 19:33:40 ----A---- C:\Windows\system32\srcore.dll 2012-11-19 19:33:28 ----A---- C:\Windows\system32\d3d10_1core.dll 2012-11-19 19:33:27 ----A---- C:\Windows\system32\d3d10_1.dll 2012-11-19 19:33:22 ----A---- C:\Windows\system32\csrsrv.dll 2012-11-19 19:33:19 ----A---- C:\Windows\system32\xmllite.dll 2012-11-19 19:33:17 ----A---- C:\Windows\system32\synceng.dll 2012-11-19 19:33:16 ----A---- C:\Windows\system32\inetcomm.dll 2012-11-19 19:20:39 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2012-11-19 19:20:38 ----A---- C:\Windows\system32\drivers\dxgmms1.sys 2012-11-19 19:20:38 ----A---- C:\Windows\system32\cdd.dll 2012-11-19 19:05:17 ----N---- C:\Windows\system32\MpSigStub.exe 2012-11-19 19:03:49 ----D---- C:\Program Files\Common Files\Skype 2012-11-19 19:02:01 ----A---- C:\Windows\system32\cohelper.dll 2012-11-19 19:02:00 ----D---- C:\Program Files\NVIDIA Corporation 2012-11-19 18:58:25 ----D---- C:\Users\GRZESIEK\AppData\Roaming\Skype 2012-11-19 18:58:18 ----RD---- C:\Program Files\Skype 2012-11-19 18:58:16 ----D---- C:\ProgramData\Skype 2012-11-19 18:48:18 ----D---- C:\Program Files\Google 2012-11-19 18:45:04 ----A---- C:\Windows\system32\drivers\aswRdr2.sys 2012-11-19 18:44:31 ----A---- C:\Windows\system32\rdpudd.dll 2012-11-19 18:44:31 ----A---- C:\Windows\system32\rdpcore.dll 2012-11-19 18:44:31 ----A---- C:\Windows\system32\drivers\tdtcp.sys 2012-11-19 18:44:31 ----A---- C:\Windows\system32\drivers\tdpipe.sys 2012-11-19 18:44:31 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys 2012-11-19 18:44:00 ----A---- C:\Windows\system32\drivers\aswSnx.sys 2012-11-19 18:43:55 ----A---- C:\Windows\avastSS.scr 2012-11-19 18:41:11 ----A---- C:\Windows\system32\wups2.dll 2012-11-19 18:41:11 ----A---- C:\Windows\system32\wucltux.dll 2012-11-19 18:41:11 ----A---- C:\Windows\system32\wuaueng.dll 2012-11-19 18:41:11 ----A---- C:\Windows\system32\wuauclt.exe 2012-11-19 18:41:06 ----A---- C:\Windows\system32\wups.dll 2012-11-19 18:41:06 ----A---- C:\Windows\system32\wudriver.dll 2012-11-19 18:41:06 ----A---- C:\Windows\system32\wuapi.dll 2012-11-19 18:40:59 ----A---- C:\Windows\system32\wuwebv.dll 2012-11-19 18:40:59 ----A---- C:\Windows\system32\wuapp.exe 2012-11-19 18:36:32 ----A---- C:\Windows\system32\PerfStringBackup.INI 2012-11-19 18:36:00 ----A---- C:\Windows\system32\drivers\aswSP.sys 2012-11-19 18:36:00 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys 2012-11-19 18:35:59 ----A---- C:\Windows\system32\drivers\aswRdr.sys 2012-11-19 18:35:58 ----A---- C:\Windows\system32\drivers\aswTdi.sys 2012-11-19 18:35:55 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys 2012-11-19 18:35:17 ----SHD---- C:\Windows\Installer 2012-11-19 18:35:14 ----A---- C:\Windows\system32\aswBoot.exe 2012-11-19 18:35:12 ----D---- C:\ProgramData\Alwil Software 2012-11-19 18:35:12 ----D---- C:\Program Files\Alwil Software 2012-11-19 18:30:47 ----D---- C:\Users\GRZESIEK\AppData\Roaming\Identities 2012-11-19 18:30:36 ----SD---- C:\Users\GRZESIEK\AppData\Roaming\Microsoft 2012-11-19 18:30:36 ----D---- C:\Users\GRZESIEK\AppData\Roaming\Media Center Programs 2012-11-19 18:29:52 ----SHD---- C:\Recovery 2012-11-19 18:29:52 ----SHD---- C:\ProgramData\Ulubione 2012-11-19 18:29:52 ----SHD---- C:\ProgramData\Szablony 2012-11-19 18:29:52 ----SHD---- C:\ProgramData\Pulpit 2012-11-19 18:29:52 ----SHD---- C:\ProgramData\Menu Start 2012-11-19 18:29:52 ----SHD---- C:\ProgramData\Dokumenty 2012-11-19 18:29:52 ----SHD---- C:\ProgramData\Dane aplikacji 2012-11-19 18:24:34 ----D---- C:\Windows\SoftwareDistribution 2012-11-19 18:21:54 ----D---- C:\Windows\Prefetch 2012-11-19 18:21:39 ----ASH---- C:\pagefile.sys 2012-11-19 18:21:38 ----SHD---- C:\System Volume Information 2012-11-19 18:21:38 ----ASH---- C:\hiberfil.sys 2012-11-19 18:20:56 ----D---- C:\Windows\Panther 2012-11-19 18:20:44 ----RASH---- C:\BOOTSECT.BAK 2012-11-19 18:20:42 ----SHD---- C:\Boot 2012-11-19 18:20:30 ----D---- C:\Windows\system32\OEM ======List of files/folders modified in the last 1 month====== 2012-11-26 20:09:05 ----D---- C:\Windows\Temp 2012-11-26 20:09:00 ----RD---- C:\Program Files 2012-11-26 19:27:51 ----D---- C:\Windows\system32\config 2012-11-26 19:20:00 ----D---- C:\Windows\System32 2012-11-26 19:20:00 ----D---- C:\Windows\inf 2012-11-26 19:11:45 ----D---- C:\Windows\Tasks 2012-11-26 19:11:45 ----D---- C:\Windows\system32\wfp 2012-11-26 19:11:45 ----D---- C:\Windows\system32\DriverStore 2012-11-26 19:11:45 ----D---- C:\Windows\system32\catroot2 2012-11-26 19:11:45 ----D---- C:\Windows\rescache 2012-11-26 19:11:40 ----D---- C:\Windows\registration 2012-11-26 19:11:38 ----D---- C:\Windows\winsxs 2012-11-26 19:11:28 ----D---- C:\Windows\Microsoft.NET 2012-11-26 19:11:27 ----RSD---- C:\Windows\assembly 2012-11-26 19:11:22 ----HD---- C:\ProgramData 2012-11-26 18:13:15 ----D---- C:\Windows\system32\Tasks 2012-11-26 18:12:35 ----D---- C:\Windows\system32\wbem 2012-11-26 18:12:35 ----D---- C:\Windows 2012-11-22 17:54:02 ----D---- C:\Program Files\Common Files 2012-11-21 22:34:49 ----D---- C:\Windows\system32\wdi 2012-11-21 20:14:17 ----D---- C:\Windows\system32\drivers 2012-11-21 20:14:17 ----D---- C:\Windows\AppPatch 2012-11-21 20:14:16 ----D---- C:\Windows\system32\pl-PL 2012-11-21 20:14:16 ----D---- C:\Program Files\Common Files\System 2012-11-21 20:14:15 ----RSD---- C:\Windows\Fonts 2012-11-21 20:14:15 ----D---- C:\Windows\system32\migration 2012-11-21 20:14:15 ----D---- C:\Windows\ehome 2012-11-21 20:14:15 ----D---- C:\Program Files\Internet Explorer 2012-11-21 20:14:14 ----D---- C:\Program Files\Windows Journal 2012-11-21 20:14:13 ----D---- C:\Windows\PolicyDefinitions 2012-11-21 20:14:12 ----D---- C:\Windows\system32\drivers\pl-PL 2012-11-21 20:08:14 ----D---- C:\Windows\system32\catroot 2012-11-21 20:04:41 ----D---- C:\Windows\debug 2012-11-20 20:07:25 ----D---- C:\Program Files\Windows Sidebar 2012-11-20 20:07:25 ----D---- C:\Program Files\Windows Mail 2012-11-20 20:07:25 ----D---- C:\Program Files\DVD Maker 2012-11-20 20:07:24 ----D---- C:\Program Files\Windows Portable Devices 2012-11-20 20:07:24 ----D---- C:\Program Files\Windows Photo Viewer 2012-11-20 20:07:24 ----D---- C:\Program Files\Windows Media Player 2012-11-20 20:07:23 ----D---- C:\Windows\servicing 2012-11-20 20:07:23 ----D---- C:\Program Files\Windows Defender 2012-11-20 20:07:18 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents 2012-11-20 20:07:18 ----D---- C:\Windows\system32\sysprep 2012-11-20 20:07:18 ----D---- C:\Windows\system32\oobe 2012-11-20 20:07:18 ----D---- C:\Windows\system32\en-US 2012-11-20 20:07:18 ----D---- C:\Windows\system32\da-DK 2012-11-20 20:07:17 ----D---- C:\Windows\system32\Setup 2012-11-20 20:07:17 ----D---- C:\Windows\system32\manifeststore 2012-11-20 20:07:17 ----D---- C:\Windows\system32\es-ES 2012-11-20 20:07:17 ----D---- C:\Windows\system32\cs-CZ 2012-11-20 20:07:17 ----D---- C:\Windows\system32\AdvancedInstallers 2012-11-20 20:07:15 ----D---- C:\Windows\system32\sppui 2012-11-20 20:07:15 ----D---- C:\Windows\system32\drivers\UMDF 2012-11-20 20:07:14 ----D---- C:\Windows\system32\migwiz 2012-11-20 20:07:14 ----D---- C:\Windows\system32\Dism 2012-11-20 20:06:54 ----D---- C:\Windows\system32\Boot 2012-11-20 20:03:07 ----A---- C:\Windows\system32\msclmd.dll 2012-11-20 17:25:45 ----D---- C:\Windows\Logs 2012-11-19 22:02:21 ----D---- C:\Program Files\Common Files\microsoft shared 2012-11-19 22:01:57 ----SD---- C:\ProgramData\Microsoft 2012-11-19 22:00:50 ----D---- C:\Windows\ShellNew 2012-11-19 21:50:59 ----D---- C:\Windows\twain_32 2012-11-19 18:41:36 ----D---- C:\Windows\system32\CodeIntegrity 2012-11-19 18:35:03 ----D---- C:\Windows\system32\restore 2012-11-19 18:30:44 ----SHD---- C:\$Recycle.Bin 2012-11-19 18:30:36 ----RD---- C:\Users 2012-11-19 18:29:52 ----D---- C:\Program Files\Windows NT 2012-11-19 18:22:23 ----D---- C:\Windows\CSC 2012-11-19 18:20:30 ----D---- C:\Windows\Setup ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-19 477240] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680] R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400] R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216] R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2012-06-05 204432] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;Sterownik filtru magistrali AGP AMD; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 ap2jswzk;ap2jswzk; C:\Windows\system32\drivers\ap2jswzk.sys [] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 NVENETFD;Sterownik kontrolera sieci NVIDIA nForce; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;Filtr magistrali AGP SIS; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;Filtr magistrali AGP VIA; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 SearchIndexer;Search Indexer; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688] S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-19 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-19 136176] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-11-20 529744] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] -----------------EOF----------------- [/log] Log RSIT 2 [log] info.txt logfile of random's system information tool 1.09 2012-11-26 20:09:20 ======Uninstall list====== µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex Adobe Reader 9.5.2 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A95000000001} Alcohol 120%-->C:\Program Files\Alcohol Soft\Alcohol 120\uninst.exe Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup Call of Duty Black Ops 2-->"C:\Gry\Call of Duty Black Ops 2\unins000.exe" Google Chrome-->"C:\Program Files\Google\Chrome\Application\23.0.1271.64\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HP Deskjet 2050 J510 series Podstawowe oprogramowanie urządzenia-->MsiExec.exe /I{DD2469BA-DDE0-4296-A021-501559DD96C0} HP Deskjet 2050 J510 series Pomoc-->MsiExec.exe /I{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F} K-Lite Codec Pack 5.4.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Max Payne 3-->"C:\Program Files\InstallShield Installation Information\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}\Setup.exe" -runfromtemp -l0x0415 -removeonly Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE} Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE} Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE} Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE} Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE} Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE} Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE} Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} MyTomTom 3.2.0.802-->C:\Program Files\MyTomTom 3\Uninstall MyTomTom3.exe NapiProjekt (2.1.0.2287)-->"C:\Program Files\NapiProjekt\unins000.exe" Nero 12 Full Repack-->C:\Program Files\Nero\Uninstall.exe neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI Realtek HDMI Audio Driver for ATI-->C:\Program Files\Realtek\Audio\HDA\RtkUpd.exe -k -m -nrg2709 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053} Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Visual Studio C++ 10.0 Runtime-->MsiExec.exe /I{4412F224-3849-4461-A3E9-DEEF8D252790} Winamp-->"C:\Program Files\Winamp\UninstWA.exe" ======System event log====== Computer Name: 37L4247D28-05 Event Code: 7036 Message: Usługa Diagnostic Policy Service weszła w stan stopped. Record Number: 5 Source Name: Service Control Manager Time Written: 20090714045645.074339-000 Event Type: Informacje User: Computer Name: 37L4247D28-05 Event Code: 6005 Message: Uruchomiono usługę Dziennik zdarzeń. Record Number: 4 Source Name: EventLog Time Written: 20121119182223.000000-000 Event Type: Informacje User: Computer Name: 37L4247D28-05 Event Code: 6009 Message: Microsoft ® Windows ® 6.01. 7600 Multiprocessor Free. Record Number: 3 Source Name: EventLog Time Written: 20121119182223.000000-000 Event Type: Informacje User: Computer Name: 37L4247D28-05 Event Code: 6011 Message: Nazwa NetBIOS i nazwa hosta DNS tego komputera zostały zmienione z 37L4247D28-05 na WIN-FPA09ECBFDU. Record Number: 2 Source Name: EventLog Time Written: 20121119182223.000000-000 Event Type: Informacje User: Computer Name: 37L4247D28-05 Event Code: 7036 Message: Usługa Microsoft Software Shadow Copy Provider weszła w stan stopped. Record Number: 1 Source Name: Service Control Manager Time Written: 20090714045645.074339-000 Event Type: Informacje User: =====Application event log===== Computer Name: 37L4247D28-05 Event Code: 900 Message: Usługa ochrony oprogramowania jest uruchamiana. Record Number: 5 Source Name: Microsoft-Windows-Security-SPP Time Written: 20121119182430.000000-000 Event Type: Informacje User: Computer Name: 37L4247D28-05 Event Code: 5617 Message: Windows Management Instrumentation Service subsystems initialized successfully Record Number: 4 Source Name: Microsoft-Windows-WMI Time Written: 20121119182232.000000-000 Event Type: Informacje User: Computer Name: 37L4247D28-05 Event Code: 5615 Message: Windows Management Instrumentation Service started sucessfully Record Number: 3 Source Name: Microsoft-Windows-WMI Time Written: 20121119182228.000000-000 Event Type: Informacje User: Computer Name: 37L4247D28-05 Event Code: 1531 Message: Usługa profilów użytkowników została uruchomiona pomyślnie. Record Number: 2 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20121119182224.068400-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: 37L4247D28-05 Event Code: 4625 Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog. Record Number: 1 Source Name: Microsoft-Windows-EventSystem Time Written: 20121119182224.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: 37L4247D28-05 Event Code: 4735 Message: Zmieniono grupę lokalną z włączonymi zabezpieczeniami. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: 37L4247D28-05$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Grupa: Identyfikator zabezpieczeń: S-1-5-32-551 Nazwa grupy: Operatorzy kopii zapasowych Domena grupy: Builtin Zmienione atrybuty: Nazwa konta SAM: - Historia identyfikatora SID: - Informacje dodatkowe: Uprawnienia: - Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121119182156.425200-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247D28-05 Event Code: 4731 Message: Utworzono grupę lokalną z włączonymi zabezpieczeniami. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: 37L4247D28-05$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Nowa grupa: Identyfikator zabezpieczeń: S-1-5-32-551 Nazwa grupy: Operatorzy kopii zapasowych Domena grupy: Builtin Atrybuty: Nazwa konta SAM: Operatorzy kopii zapasowych Historia identyfikatora SID: - Informacje dodatkowe: Uprawnienia: - Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121119182156.409600-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247D28-05 Event Code: 4902 Message: Utworzono tabelę zasad inspekcji użytkownika. Liczba elementów: 0 Identyfikator zasad: 0x23345 Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121119182155.894800-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247D28-05 Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-0-0 Nazwa konta: - Domena konta: - Identyfikator logowania: 0x0 Typ logowania: 0 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x4 Nazwa procesu: Informacje o sieci: Nazwa stacji roboczej: - Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: - Pakiet uwierzytelniania: - Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121119182153.242800-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247D28-05 Event Code: 4608 Message: Trwa uruchamianie systemu Windows. To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji. Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121119182153.149200-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=x86 Family 16 Model 6 Stepping 3, AuthenticAMD "PROCESSOR_REVISION"=0603 -----------------EOF----------------- [/log]
Klos komentarz 3 grudnia 2012 komentarz 3 grudnia 2012 mam identyczny problem, narazie korzystam z windowsa XP na drugim dysku, ktoś znalazł rozwiązanie [url="http://torrentcity.pl"] [/url]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.