x-kom hosting

Logi Do Sprawdzenia.

Grzenio95
utworzono
utworzono

Witam, grałem ostatnio znaną grę "Tibia" no i przypadek chciał, że prawdopodobnie mam na PC, keyloger'a lub jakieś inne złe oprogramowanie. Przechwyciło moje dane do logowania, no i w ten sposób pozbyłem się paru rzeczy. Daje logi do sprawdzenia czy dalej "to coś" jest na moim PC.
OTL
[log]OTL logfile created on: 2012-12-24 18:03:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 63,21% Memory free
3,85 Gb Paging File | 3,20 Gb Available in Paging File | 83,21% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 109,99 Gb Total Space | 55,89 Gb Free Space | 50,82% Space Free | Partition Type: NTFS
Drive D: | 39,05 Gb Total Space | 25,00 Gb Free Space | 64,01% Space Free | Partition Type: NTFS
Drive G: | 1,83 Gb Total Space | 1,00 Gb Free Space | 54,58% Space Free | Partition Type: FAT32

Computer Name: GRZYNIO | User Name: Grzenio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-12-24 18:02:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-12-24 15:26:11 | 000,282,104 | ---- | M] () -- D:\WINDOWS\system32\PnkBstrB.exe
PRC - [2012-12-12 18:58:31 | 001,064,960 | ---- | M] () -- D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-11-28 22:47:11 | 000,076,888 | ---- | M] () -- D:\WINDOWS\system32\PnkBstrA.exe
PRC - [2012-11-27 18:24:51 | 000,161,768 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-11-27 18:24:50 | 000,174,056 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\system32\javaw.exe
PRC - [2012-11-19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012-10-04 16:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- D:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2012-09-23 15:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-09-23 14:04:11 | 000,164,200 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe
PRC - [2012-07-03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-07-04 18:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-06-25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- D:\Program Files\TP-LINK\COMMON\RaRegistry.exe
PRC - [2010-06-25 15:57:42 | 001,638,400 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD. ) -- D:\Program Files\TP-LINK\COMMON\TWCU.exe
PRC - [2004-08-04 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2004-08-04 12:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 12:00:00 | 000,218,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004-08-04 12:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauclt.exe
PRC - [2004-08-04 12:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
PRC - [2004-08-04 12:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-04 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 12:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe
PRC - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-04 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-04 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 12:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-12-24 18:02:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads\OTL.exe
MOD - [2012-12-24 15:26:11 | 000,282,104 | ---- | M] () -- D:\WINDOWS\system32\PnkBstrB.exe
MOD - [2012-12-24 12:29:09 | 000,441,220 | ---- | M] (Java(TM) Native Access (JNA)) -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Temp\jna\jna8201088035866334733.dll
MOD - [2012-12-12 18:58:31 | 001,064,960 | ---- | M] () -- D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
MOD - [2012-12-12 08:17:54 | 014,586,296 | ---- | M] () -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012-12-07 21:43:06 | 000,096,088 | ---- | M] (SweetIM Technologies Ltd.) -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelperGCFB.dll
MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Chrome\Application\chrome.exe
MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\icudt.dll
MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\chrome.dll
MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012-11-28 22:47:11 | 000,076,888 | ---- | M] () -- D:\WINDOWS\system32\PnkBstrA.exe
MOD - [2012-11-27 19:18:22 | 000,027,958 | ---- | M] () -- D:\Program Files\Common Files\logonInit.dll
MOD - [2012-11-27 18:24:51 | 000,770,384 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Java\jre7\bin\msvcr100.dll
MOD - [2012-11-27 18:24:51 | 000,161,768 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\jqs.exe
MOD - [2012-11-27 18:24:51 | 000,122,856 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\sunec.dll
MOD - [2012-11-27 18:24:51 | 000,074,216 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\net.dll
MOD - [2012-11-27 18:24:51 | 000,066,024 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\zip.dll
MOD - [2012-11-27 18:24:51 | 000,049,640 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\nio.dll
MOD - [2012-11-27 18:24:51 | 000,038,888 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\verify.dll
MOD - [2012-11-27 18:24:50 | 003,367,912 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\client\jvm.dll
MOD - [2012-11-27 18:24:50 | 000,174,056 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\system32\javaw.exe
MOD - [2012-11-27 18:24:50 | 000,119,272 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\java.dll
MOD - [2012-11-27 18:24:49 | 001,168,360 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\awt.dll
MOD - [2012-11-19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
MOD - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
MOD - [2012-10-04 16:35:08 | 000,074,072 | R--- | M] (SweetIM Technologies Ltd.) -- D:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll
MOD - [2012-10-04 16:35:06 | 000,299,352 | R--- | M] (SweetIM Technologies Ltd.) -- D:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll
MOD - [2012-10-04 16:35:04 | 000,098,648 | R--- | M] (SweetIM Technologies Ltd.) -- D:\Program Files\SweetIM\Messenger\mgsimcommon.dll
MOD - [2012-10-04 16:34:52 | 000,168,280 | R--- | M] (SweetIM Technologies Ltd.) -- D:\Program Files\SweetIM\Messenger\mghooking.dll
MOD - [2012-10-04 16:34:48 | 000,065,880 | R--- | M] (SweetIM Technologies Ltd.) -- D:\Program Files\SweetIM\Messenger\mgconfig.dll
MOD - [2012-10-04 16:34:48 | 000,036,696 | R--- | M] (SweetIM Technologies Ltd.) -- D:\Program Files\SweetIM\Messenger\mgcommunication.dll
MOD - [2012-10-04 16:34:46 | 000,516,440 | R--- | M] (SweetIM Technologies Ltd.) -- D:\Program Files\SweetIM\Messenger\mgcommon.dll
MOD - [2012-10-04 16:34:38 | 000,026,968 | R--- | M] (SweetIM Technologies Ltd.) -- D:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2012-10-04 16:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- D:\Program Files\SweetIM\Messenger\SweetIM.exe
MOD - [2012-09-23 15:28:00 | 002,811,240 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
MOD - [2012-09-23 15:28:00 | 002,376,704 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvapi.dll
MOD - [2012-09-23 15:28:00 | 000,981,352 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
MOD - [2012-09-23 15:28:00 | 000,634,728 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll
MOD - [2012-09-23 15:28:00 | 000,357,184 | ---- | M] () -- D:\Program Files\NVIDIA Corporation\nview\nvShell.dll
MOD - [2012-09-23 14:09:17 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvrspl.dll
MOD - [2012-09-23 14:04:12 | 015,512,424 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvcpl.dll
MOD - [2012-09-23 14:04:11 | 000,164,200 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe
MOD - [2012-09-23 14:04:11 | 000,108,392 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvmctray.dll
MOD - [2012-07-03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2012-06-09 19:20:02 | 000,168,448 | ---- | M] (Alexander Roshal) -- D:\Program Files\WinRAR\RarExt.dll
MOD - [2011-07-04 18:46:24 | 004,514,400 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\ggsip.dll
MOD - [2011-07-04 18:46:20 | 000,217,696 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 18:46:18 | 000,123,488 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 18:46:16 | 000,017,504 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 18:46:12 | 000,027,744 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 18:46:10 | 000,356,960 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-07-04 18:45:36 | 000,815,712 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\networkdao.dll
MOD - [2011-07-04 18:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\gg.exe
MOD - [2011-04-16 04:04:30 | 014,749,696 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 10:00:46 | 000,327,680 | ---- | M] (http://hunspell.sourceforge.net/) -- D:\Program Files\Gadu-Gadu 10\libhunspell.dll
MOD - [2011-02-17 10:00:44 | 000,640,000 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Gadu-Gadu 10\dbghelp.dll
MOD - [2011-02-17 10:00:44 | 000,319,488 | ---- | M] (The cURL library, http://curl.haxx.se/) -- D:\Program Files\Gadu-Gadu 10\libcurl.dll
MOD - [2011-02-17 10:00:28 | 001,781,760 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 10:00:28 | 000,393,216 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 10:00:28 | 000,327,680 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 10:00:26 | 001,044,480 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 10:00:24 | 009,097,216 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 10:00:24 | 002,560,000 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 09:59:40 | 000,311,296 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 09:59:40 | 000,274,432 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 09:59:40 | 000,143,360 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 09:59:40 | 000,027,648 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 09:59:40 | 000,018,944 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 09:59:32 | 001,163,264 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\Program Files\Gadu-Gadu 10\libeay32.dll
MOD - [2011-02-17 09:59:32 | 000,253,952 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\Program Files\Gadu-Gadu 10\ssleay32.dll
MOD - [2011-02-17 09:59:32 | 000,059,904 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\zlib1.dll
MOD - [2010-06-25 15:58:00 | 000,796,032 | ---- | M] (Ralink Technology, Corp.) -- D:\WINDOWS\system32\Scutum.dll
MOD - [2010-06-25 15:58:00 | 000,180,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- D:\WINDOWS\system32\W32N55.dll
MOD - [2010-06-25 15:58:00 | 000,147,456 | ---- | M] () -- D:\WINDOWS\system32\DiagFunc.dll
MOD - [2010-06-25 15:57:58 | 001,085,440 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\system32\libeay32.dll
MOD - [2010-06-25 15:57:58 | 000,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\system32\ssleay32.dll
MOD - [2010-06-25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- D:\Program Files\TP-LINK\COMMON\RaRegistry.exe
MOD - [2010-06-25 15:57:42 | 001,638,400 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD. ) -- D:\Program Files\TP-LINK\COMMON\TWCU.exe
MOD - [2010-06-25 15:57:42 | 000,909,312 | ---- | M] () -- D:\Program Files\TP-LINK\COMMON\RaWLAPI.dll
MOD - [2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\D3DCompiler_43.dll
MOD - [2010-05-26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\D3DX9_43.dll
MOD - [2010-03-18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010-03-18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010-03-18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010-03-18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010-03-18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010-03-18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010-03-18 13:16:28 | 000,070,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dxva2.dll
MOD - [2010-03-18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mscoree.dll
MOD - [2010-03-18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netfxperf.dll
MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-07-12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2009-03-08 04:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ieframe.dll
MOD - [2009-03-08 04:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wininet.dll
MOD - [2009-03-08 04:34:56 | 001,206,784 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\urlmon.dll
MOD - [2009-03-08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\webcheck.dll
MOD - [2009-03-08 04:33:16 | 000,726,528 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\jscript.dll
MOD - [2009-03-08 04:32:48 | 000,128,512 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advpack.dll
MOD - [2009-03-08 04:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\iertutil.dll
MOD - [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shdocvw.dll
MOD - [2009-01-07 18:21:32 | 001,022,976 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\browseui.dll
MOD - [2009-01-07 18:21:32 | 000,474,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll
MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\normaliz.dll
MOD - [2008-07-25 11:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008-07-06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2006-10-18 21:47:22 | 002,450,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wmvcore.dll
MOD - [2006-10-18 21:47:22 | 000,133,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\WPDShServiceObj.dll
MOD - [2006-10-18 21:47:18 | 000,284,160 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\PortableDeviceApi.dll
MOD - [2006-10-18 21:47:18 | 000,222,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\WMASF.dll
MOD - [2006-10-18 21:47:18 | 000,166,912 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\PortableDeviceTypes.dll
MOD - [2006-07-11 18:35:42 | 000,503,808 | ---- | M] (Microsoft Corporation) -- D:\Program Files\SweetIM\Messenger\msvcp71.dll
MOD - [2006-07-11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- D:\Program Files\SweetIM\Messenger\msvcr71.dll
MOD - [2005-05-03 12:58:36 | 002,890,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msi.dll
MOD - [2004-08-04 12:00:00 | 008,412,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll
MOD - [2004-08-04 12:00:00 | 002,977,792 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wmploc.dll
MOD - [2004-08-04 12:00:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-04 12:00:00 | 001,852,416 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004-08-04 12:00:00 | 001,714,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netshell.dll
MOD - [2004-08-04 12:00:00 | 001,712,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
MOD - [2004-08-04 12:00:00 | 001,689,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\d3d9.dll
MOD - [2004-08-04 12:00:00 | 001,439,744 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\query.dll
MOD - [2004-08-04 12:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 12:00:00 | 001,251,840 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comsvcs.dll
MOD - [2004-08-04 12:00:00 | 001,134,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuaueng.dll
MOD - [2004-08-04 12:00:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\esent.dll
MOD - [2004-08-04 12:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-04 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
MOD - [2004-08-04 12:00:00 | 001,024,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mfc42u.dll
MOD - [2004-08-04 12:00:00 | 001,012,224 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-04 12:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msgina.dll
MOD - [2004-08-04 12:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 12:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 12:00:00 | 000,729,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 12:00:00 | 000,723,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsasrv.dll
MOD - [2004-08-04 12:00:00 | 000,716,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-04 12:00:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sxs.dll
MOD - [2004-08-04 12:00:00 | 000,686,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 12:00:00 | 000,675,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasdlg.dll
MOD - [2004-08-04 12:00:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dbghelp.dll
MOD - [2004-08-04 12:00:00 | 000,629,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netcfgx.dll
MOD - [2004-08-04 12:00:00 | 000,628,224 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\catsrvut.dll
MOD - [2004-08-04 12:00:00 | 000,611,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comctl32.dll
MOD - [2004-08-04 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-04 12:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mlang.dll
MOD - [2004-08-04 12:00:00 | 000,581,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-04 12:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll
MOD - [2004-08-04 12:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-04 12:00:00 | 000,537,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msftedit.dll
MOD - [2004-08-04 12:00:00 | 000,530,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2004-08-04 12:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-04 12:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
MOD - [2004-08-04 12:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-04 12:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2004-08-04 12:00:00 | 000,437,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2004-08-04 12:00:00 | 000,431,616 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\riched20.dll
MOD - [2004-08-04 12:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\vssapi.dll
MOD - [2004-08-04 12:00:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\samsrv.dll
MOD - [2004-08-04 12:00:00 | 000,425,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msdtcprx.dll
MOD - [2004-08-04 12:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-04 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netlogon.dll
MOD - [2004-08-04 12:00:00 | 000,406,528 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\usp10.dll
MOD - [2004-08-04 12:00:00 | 000,395,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcss.dll
MOD - [2004-08-04 12:00:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\themeui.dll
MOD - [2004-08-04 12:00:00 | 000,367,616 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dsound.dll
MOD - [2004-08-04 12:00:00 | 000,359,936 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wzcsvc.dll
MOD - [2004-08-04 12:00:00 | 000,351,232 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-04 12:00:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hnetcfg.dll
MOD - [2004-08-04 12:00:00 | 000,343,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\localspl.dll
MOD - [2004-08-04 12:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 12:00:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cscui.dll
MOD - [2004-08-04 12:00:00 | 000,332,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netapi32.dll
MOD - [2004-08-04 12:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ipnathlp.dll
MOD - [2004-08-04 12:00:00 | 000,324,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\scesrv.dll
MOD - [2004-08-04 12:00:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\duser.dll
MOD - [2004-08-04 12:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\termsrv.dll
MOD - [2004-08-04 12:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 12:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kerberos.dll
MOD - [2004-08-04 12:00:00 | 000,285,184 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pdh.dll
MOD - [2004-08-04 12:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 12:00:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-04 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2004-08-04 12:00:00 | 000,267,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oakley.dll
MOD - [2004-08-04 12:00:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\h323.tsp
MOD - [2004-08-04 12:00:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ddraw.dll
MOD - [2004-08-04 12:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\odbc32.dll
MOD - [2004-08-04 12:00:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\esscli.dll
MOD - [2004-08-04 12:00:00 | 000,246,784 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mswsock.dll
MOD - [2004-08-04 12:00:00 | 000,246,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tapisrv.dll
MOD - [2004-08-04 12:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netui1.dll
MOD - [2004-08-04 12:00:00 | 000,243,200 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\es.dll
MOD - [2004-08-04 12:00:00 | 000,237,056 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasapi32.dll
MOD - [2004-08-04 12:00:00 | 000,229,888 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\catsrv.dll
MOD - [2004-08-04 12:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 12:00:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004-08-04 12:00:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\unimdm.tsp
MOD - [2004-08-04 12:00:00 | 000,206,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasppp.dll
MOD - [2004-08-04 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netman.dll
MOD - [2004-08-04 12:00:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\certcli.dll
MOD - [2004-08-04 12:00:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msutb.dll
MOD - [2004-08-04 12:00:00 | 000,194,048 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\activeds.dll
MOD - [2004-08-04 12:00:00 | 000,192,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\schedsvc.dll
MOD - [2004-08-04 12:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 12:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\scecli.dll
MOD - [2004-08-04 12:00:00 | 000,183,296 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004-08-04 12:00:00 | 000,182,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tapi32.dll
MOD - [2004-08-04 12:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winmm.dll
MOD - [2004-08-04 12:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2004-08-04 12:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004-08-04 12:00:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-04 12:00:00 | 000,175,616 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\w32time.dll
MOD - [2004-08-04 12:00:00 | 000,174,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasmans.dll
MOD - [2004-08-04 12:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-04 12:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srsvc.dll
MOD - [2004-08-04 12:00:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\credui.dll
MOD - [2004-08-04 12:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuaucpl.cpl
MOD - [2004-08-04 12:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleacc.dll
MOD - [2004-08-04 12:00:00 | 000,161,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msdtcuiu.dll
MOD - [2004-08-04 12:00:00 | 000,155,136 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\modemui.dll
MOD - [2004-08-04 12:00:00 | 000,152,576 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rsaenh.dll
MOD - [2004-08-04 12:00:00 | 000,148,480 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dnsapi.dll
MOD - [2004-08-04 12:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 12:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2004-08-04 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\schannel.dll
MOD - [2004-08-04 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntshrui.dll
MOD - [2004-08-04 12:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-04 12:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\adsldpc.dll
MOD - [2004-08-04 12:00:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sfc_os.dll
MOD - [2004-08-04 12:00:00 | 000,137,216 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dssenh.dll
MOD - [2004-08-04 12:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shsvcs.dll
MOD - [2004-08-04 12:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\upnp.dll
MOD - [2004-08-04 12:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wkssvc.dll
MOD - [2004-08-04 12:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msv1_0.dll
MOD - [2004-08-04 12:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-04 12:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\stobject.dll
MOD - [2004-08-04 12:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-04 12:00:00 | 000,118,784 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\umpnpmgr.dll
MOD - [2004-08-04 12:00:00 | 000,118,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oledlg.dll
MOD - [2004-08-04 12:00:00 | 000,115,712 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mstlsapi.dll
MOD - [2004-08-04 12:00:00 | 000,112,640 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rastls.dll
MOD - [2004-08-04 12:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauclt.exe
MOD - [2004-08-04 12:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2004-08-04 12:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imm32.dll
MOD - [2004-08-04 12:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
MOD - [2004-08-04 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\win32spl.dll
MOD - [2004-08-04 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-04 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cscdll.dll
MOD - [2004-08-04 12:00:00 | 000,101,888 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\actxprxy.dll
MOD - [2004-08-04 12:00:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winscard.dll
MOD - [2004-08-04 12:00:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\loadperf.dll
MOD - [2004-08-04 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Media Player\wmpband.dll
MOD - [2004-08-04 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2004-08-04 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\odbcint.dll
MOD - [2004-08-04 12:00:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psbase.dll
MOD - [2004-08-04 12:00:00 | 000,096,768 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srvsvc.dll
MOD - [2004-08-04 12:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\iphlpapi.dll
MOD - [2004-08-04 12:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wlnotify.dll
MOD - [2004-08-04 12:00:00 | 000,091,136 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mydocs.dll
MOD - [2004-08-04 12:00:00 | 000,090,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\trkwks.dll
MOD - [2004-08-04 12:00:00 | 000,089,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2004-08-04 12:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mprapi.dll
MOD - [2004-08-04 12:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 12:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-04 12:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscsvc.dll
MOD - [2004-08-04 12:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netui0.dll
MOD - [2004-08-04 12:00:00 | 000,078,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\unimdmat.dll
MOD - [2004-08-04 12:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\browser.dll
MOD - [2004-08-04 12:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\inetpp.dll
MOD - [2004-08-04 12:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolss.dll
MOD - [2004-08-04 12:00:00 | 000,073,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mscms.dll
MOD - [2004-08-04 12:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msacm32.dll
MOD - [2004-08-04 12:00:00 | 000,069,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\raschap.dll
MOD - [2004-08-04 12:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 12:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\browselc.dll
MOD - [2004-08-04 12:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-04 12:00:00 | 000,066,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mtxclu.dll
MOD - [2004-08-04 12:00:00 | 000,065,536 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shimeng.dll
MOD - [2004-08-04 12:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\samlib.dll
MOD - [2004-08-04 12:00:00 | 000,063,488 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptnet.dll
MOD - [2004-08-04 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\colbact.dll
MOD - [2004-08-04 12:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasman.dll
MOD - [2004-08-04 12:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptsvc.dll
MOD - [2004-08-04 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mpr.dll
MOD - [2004-08-04 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\devenum.dll
MOD - [2004-08-04 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cabinet.dll
MOD - [2004-08-04 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\resutils.dll
MOD - [2004-08-04 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rastapi.dll
MOD - [2004-08-04 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\atl.dll
MOD - [2004-08-04 12:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
MOD - [2004-08-04 12:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clusapi.dll
MOD - [2004-08-04 12:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ndptsp.tsp
MOD - [2004-08-04 12:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-04 12:00:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\authz.dll
MOD - [2004-08-04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\eventlog.dll
MOD - [2004-08-04 12:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winsta.dll
MOD - [2004-08-04 12:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mfc42loc.dll
MOD - [2004-08-04 12:00:00 | 000,051,712 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wzcsapi.dll
MOD - [2004-08-04 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
MOD - [2004-08-04 12:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\regapi.dll
MOD - [2004-08-04 12:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wdigest.dll
MOD - [2004-08-04 12:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cnbjmon.dll
MOD - [2004-08-04 12:00:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msprivs.dll
MOD - [2004-08-04 12:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2004-08-04 12:00:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tcpmon.dll
MOD - [2004-08-04 12:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rtutils.dll
MOD - [2004-08-04 12:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2004-08-04 12:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-04 12:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\audiosrv.dll
MOD - [2004-08-04 12:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfctrs.dll
MOD - [2004-08-04 12:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sens.dll
MOD - [2004-08-04 12:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) -- d:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004-08-04 12:00:00 | 000,036,864 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wups.dll
MOD - [2004-08-04 12:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ncobjapi.dll
MOD - [2004-08-04 12:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfproc.dll
MOD - [2004-08-04 12:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ssdpapi.dll
MOD - [2004-08-04 12:00:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pstorsvc.dll
MOD - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rundll32.exe
MOD - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kmddsp.tsp
MOD - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptdll.dll
MOD - [2004-08-04 12:00:00 | 000,032,768 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winipsec.dll
MOD - [2004-08-04 12:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\traffic.dll
MOD - [2004-08-04 12:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mspatcha.dll
MOD - [2004-08-04 12:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hidphone.tsp
MOD - [2004-08-04 12:00:00 | 000,028,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\batmeter.dll
MOD - [2004-08-04 12:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\profmap.dll
MOD - [2004-08-04 12:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfdisk.dll
MOD - [2004-08-04 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\utildll.dll
MOD - [2004-08-04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shfolder.dll
MOD - [2004-08-04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfos.dll
MOD - [2004-08-04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-04 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\odbcbcp.dll
MOD - [2004-08-04 12:00:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-04 12:00:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wdmaud.drv
MOD - [2004-08-04 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ersvc.dll
MOD - [2004-08-04 12:00:00 | 000,022,528 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mfcsubs.dll
MOD - [2004-08-04 12:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lpk.dll
MOD - [2004-08-04 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msacm32.drv
MOD - [2004-08-04 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hid.dll
MOD - [2004-08-04 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wshtcpip.dll
MOD - [2004-08-04 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\seclogon.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\midimap.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\linkinfo.dll
MOD - [2004-08-04 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wtsapi32.dll
MOD - [2004-08-04 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\nddeapi.dll
MOD - [2004-08-04 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\powrprof.dll
MOD - [2004-08-04 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ipconf.tsp
MOD - [2004-08-04 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winrnr.dll
MOD - [2004-08-04 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\usbmon.dll
MOD - [2004-08-04 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfnet.dll
MOD - [2004-08-04 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pjlmon.dll
MOD - [2004-08-04 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe
MOD - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe
MOD - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\drprov.dll
MOD - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] () -- D:\WINDOWS\system32\msdmo.dll
MOD - [2004-08-04 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscntfy.exe
MOD - [2004-08-04 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uniplat.dll
MOD - [2004-08-04 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
MOD - [2004-08-04 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfts.dll
MOD - [2004-08-04 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netrap.dll
MOD - [2004-08-04 12:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\icaapi.dll
MOD - [2004-08-04 12:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pschdprf.dll
MOD - [2004-08-04 12:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rsvpperf.dll
MOD - [2004-08-04 12:00:00 | 000,008,704 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dciman32.dll
MOD - [2004-08-04 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasadhlp.dll
MOD - [2004-08-04 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntlsapi.dll
MOD - [2004-08-04 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\d3d8thk.dll
MOD - [2004-08-04 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauserv.dll
MOD - [2004-08-04 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sensapi.dll
MOD - [2004-08-04 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msidle.dll
MOD - [2004-08-04 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wmi.dll
MOD - [2004-08-04 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tapiperf.dll
MOD - [2004-08-04 12:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sfc.dll
MOD - [2004-08-04 12:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-04 01:44:00 | 000,021,504 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hidserv.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012-12-12 08:17:55 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-27 18:24:51 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- D:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-09-23 15:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010-06-25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- D:\Program Files\TP-LINK\COMMON\RaRegistry.exe -- (RalinkRegistryWriter)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\x3640001.sys -- (x3640001)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-12-24 15:26:20 | 000,139,424 | ---- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2012-12-24 14:10:52 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-11-27 16:09:44 | 000,077,056 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\viasraid.sys -- (viasraid)
DRV - [2012-09-20 05:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012-09-20 05:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2010-06-25 15:57:58 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2010-06-25 15:57:40 | 000,827,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2010-06-19 15:04:16 | 000,042,928 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\x3320001.sys -- (x3320001)
DRV - [2010-05-25 08:59:24 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010-05-25 08:59:24 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2010-05-25 08:59:24 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010-05-25 08:59:24 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010-05-25 08:59:24 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010-04-27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010-04-27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010-04-27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2001-08-17 21:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gazeta.pl/0,0.html?sc=1
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://youtube.pl/
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes,DefaultScope = {76F5E59B-E0C6-449A-BE54-B95DEFB48A5F}
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{2BD85B96-6BF0-44AB-9016-0C6072942246}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{39B64B4E-05FF-45FF-B9BC-DDCE3F793B4A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{76F5E59B-E0C6-449A-BE54-B95DEFB48A5F}: "URL" = http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation).navigationEnabled=true&s.sm.query={searchTerms}
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@mozilla.com: D:\Documents and Settings\Grzenio\Dane aplikacji\support@mozilla.com [2012-12-11 18:39:15 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = D:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = D:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - Extension: Dysk Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Battlefield Heroes = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Szukaj w Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: SweetIM for Facebook = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: Battlefield Play4Free = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.80.5_0\
CHR - Extension: Gmail = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Dysk Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Battlefield Heroes = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Szukaj w Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: SweetIM for Facebook = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: Battlefield Play4Free = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.80.5_0\
CHR - Extension: Gmail = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004-08-04 12:00:00 | 000,000,742 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - D:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [SweetIM] D:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] D:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe File not found
O4 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004..\Run: [Hoolapp Android] "D:\DOCUME~1\Grzenio\DANEAP~1\HOOLAP~1\Hoolapp.exe" /Minimized File not found
O4 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004..\Run: [KPeerNexonEU] D:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004..\Run: [Oracle Java] D:\WINDOWS\System32\javaw.exe (Oracle Corporation)
O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TP-LINK Wireless Utility.lnk = D:\Program Files\TP-LINK\COMMON\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD. )
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1708537768-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{065775D1-4E4D-49F9-B150-07BFD3DE1EB9}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LogonInit: DllName - (logonInit.dll) - D:\Program Files\Common Files\logonInit.dll ()
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-11-27 18:02:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-12-24 14:17:24 | 000,000,000 | -HSD | C] -- D:\WINDOWS\ftpcache
[2012-12-24 14:16:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Activision
[2012-12-24 14:11:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\DAEMON Tools Lite
[2012-12-24 14:10:55 | 000,000,000 | ---D | C] -- D:\WINDOWS\LastGood
[2012-12-24 14:10:52 | 000,242,240 | ---- | C] (DT Soft Ltd) -- D:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-12-24 14:10:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\DAEMON Tools Lite
[2012-12-24 14:10:45 | 000,000,000 | ---D | C] -- D:\Program Files\DAEMON Tools Lite
[2012-12-24 14:08:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-12-24 12:28:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2012-12-24 11:49:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\BitTorrent
[2012-12-24 11:28:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2012-12-24 11:25:23 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Moje wideo
[2012-12-24 11:25:23 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-12-23 10:03:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Pulpit\iBot
[2012-12-17 17:49:57 | 000,000,000 | ---D | C] -- D:\Program Files\Tibiacast
[2012-12-16 17:57:11 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibiacast
[2012-12-16 17:55:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Tibiacast
[2012-12-13 19:57:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\CPUID
[2012-12-12 21:56:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\%Installer_PublisherName%
[2012-12-12 21:56:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\InstallMate
[2012-12-12 20:55:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2012-12-12 20:17:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Nexon
[2012-12-12 20:12:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2012-12-12 18:58:25 | 000,446,464 | ---- | C] (NEXON Inc.) -- D:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2012-12-12 18:58:25 | 000,000,000 | ---D | C] -- D:\Nexon
[2012-12-12 08:17:52 | 016,363,960 | ---- | C] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012-12-11 18:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft.NET
[2012-12-11 18:39:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\support@mozilla.com
[2012-12-11 18:39:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Opera
[2012-12-11 18:39:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Chrome_manager
[2012-12-10 17:57:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2012-12-10 16:20:49 | 000,121,576 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadmdm.sys
[2012-12-10 16:20:49 | 000,098,152 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadserd.sys
[2012-12-10 16:20:49 | 000,096,488 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadbus.sys
[2012-12-10 16:20:49 | 000,030,312 | ---- | C] (Google Inc) -- D:\WINDOWS\System32\drivers\ssadadb.sys
[2012-12-10 16:20:49 | 000,012,776 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadmdfl.sys
[2012-12-10 16:20:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadcmnt.sys
[2012-12-10 16:20:49 | 000,010,216 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadwhnt.sys
[2012-12-10 16:20:28 | 000,132,424 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdmdm.sys
[2012-12-10 16:20:28 | 000,104,648 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdbus.sys
[2012-12-10 16:20:28 | 000,014,920 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdmdfl.sys
[2012-12-10 16:20:28 | 000,012,616 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdcmnt.sys
[2012-12-10 16:20:28 | 000,012,616 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdcm.sys
[2012-12-10 16:20:28 | 000,012,488 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdwhnt.sys
[2012-12-10 16:20:28 | 000,012,488 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdwh.sys
[2012-12-07 21:38:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Samsung
[2012-12-07 21:38:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\samsung
[2012-12-07 21:36:31 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- D:\WINDOWS\System32\Redemption.dll
[2012-12-07 21:35:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\umdf
[2012-12-07 21:34:25 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\XPSViewer
[2012-12-07 21:34:22 | 000,000,000 | ---D | C] -- D:\Program Files\MSBuild
[2012-12-07 21:34:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\en-US
[2012-12-07 21:34:15 | 000,000,000 | ---D | C] -- D:\Program Files\Reference Assemblies
[2012-12-07 21:33:31 | 000,000,000 | R-SD | C] -- D:\WINDOWS\assembly
[2012-12-07 21:33:13 | 000,000,000 | ---D | C] -- D:\WINDOWS\Microsoft.NET
[2012-12-07 21:32:46 | 000,000,000 | ---D | C] -- D:\Program Files\MSXML 6.0
[2012-12-07 21:31:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2012-12-07 21:31:19 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2012-12-07 21:18:17 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- D:\WINDOWS\System32\drivers\ssudmdm.sys
[2012-12-07 21:18:16 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- D:\WINDOWS\System32\drivers\ssudbus.sys
[2012-12-07 21:11:01 | 000,000,000 | ---D | C] -- D:\Program Files\SweetIM
[2012-12-07 21:11:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\SweetIM
[2012-12-07 21:10:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\ExpressFiles
[2012-12-04 21:10:47 | 000,042,928 | ---- | C] (Your Corporation) -- D:\WINDOWS\System32\drivers\x3320001.sys
[2012-12-04 21:10:47 | 000,000,000 | ---D | C] -- D:\WINDOWS\USB_Vibration
[2012-12-04 21:10:41 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2012-12-04 21:10:39 | 000,000,000 | ---D | C] -- D:\Program Files\USB Vibartion
[2012-12-04 17:02:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack
[2012-12-04 17:02:51 | 000,000,000 | ---D | C] -- D:\Program Files\K-Lite Codec Pack
[2012-12-01 21:57:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Skype
[2012-12-01 21:57:09 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Skype
[2012-12-01 21:57:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Skype
[2012-12-01 21:57:08 | 000,000,000 | R--D | C] -- D:\Program Files\Skype
[2012-12-01 21:57:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Skype
[2012-12-01 17:19:57 | 000,010,344 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadcm.sys
[2012-12-01 17:19:57 | 000,010,216 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadwh.sys
[2012-12-01 17:19:51 | 000,000,000 | ---D | C] -- D:\Program Files\SAMSUNG
[2012-12-01 17:19:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2012-12-01 17:08:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\Sun
[2012-11-28 22:34:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Battlefield Play4Free
[2012-11-28 21:50:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2012-11-28 21:38:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Battlefield Heroes
[2012-11-28 21:28:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\LogFiles
[2012-11-28 21:28:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\EA Games
[2012-11-28 19:06:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\.gstreamer-0.10
[2012-11-28 19:06:36 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2012-11-28 19:06:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\OpenFM
[2012-11-28 19:01:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Electronic Arts
[2012-11-28 14:17:18 | 000,569,344 | ---- | C] ((c) MusicCity) -- D:\WINDOWS\System32\muzdecode.ax
[2012-11-28 14:17:18 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.dll
[2012-11-28 14:17:18 | 000,352,256 | ---- | C] (Sample Corporation) -- D:\WINDOWS\System32\MSLUR71.dll
[2012-11-28 14:17:18 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- D:\WINDOWS\System32\muzoggsp.ax
[2012-11-28 14:17:18 | 000,245,760 | ---- | C] (Teruten Inc.) -- D:\WINDOWS\System32\MSCLib.dll
[2012-11-28 14:17:18 | 000,200,704 | ---- | C] ( (c) MusicCity) -- D:\WINDOWS\System32\muzwmts.dll
[2012-11-28 14:17:18 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.exe
[2012-11-28 14:17:18 | 000,155,648 | ---- | C] (Teruten Inc.) -- D:\WINDOWS\System32\MSFLib.dll
[2012-11-28 14:17:18 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzaf1.dll
[2012-11-28 14:17:18 | 000,131,072 | ---- | C] ((c) MusicCity) -- D:\WINDOWS\System32\muzmpgsp.ax
[2012-11-28 14:17:18 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- D:\WINDOWS\System32\muzeffect.ax
[2012-11-28 14:17:18 | 000,118,784 | ---- | C] ((주)마크애니) -- D:\WINDOWS\System32\MaDRM.dll
[2012-11-28 14:17:18 | 000,110,592 | ---- | C] ((c) MusicCity) -- D:\WINDOWS\System32\muzmp4sp.ax
[2012-11-28 14:17:18 | 000,057,344 | ---- | C] (Marktek) -- D:\WINDOWS\System32\MK_Lyric.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | C] (Marktek Inc.) -- D:\WINDOWS\System32\MTXSYNCICON.dll
[2012-11-28 14:17:18 | 000,049,152 | ---- | C] ((주) 마크애니) -- D:\WINDOWS\System32\MaJGUILib.dll
[2012-11-28 14:17:18 | 000,045,320 | ---- | C] (MARKANY) -- D:\WINDOWS\System32\MAMACExtract.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | C] ((주) 마크애니) -- D:\WINDOWS\System32\MaXMLProto.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | C] ((주) 마크애니) -- D:\WINDOWS\System32\MACXMLProto.dll
[2012-11-28 14:17:18 | 000,040,960 | ---- | C] (Telechips Inc.,) -- D:\WINDOWS\System32\MTTELECHIP.dll
[2012-11-28 14:17:18 | 000,024,576 | ---- | C] ((주)마크애니) -- D:\WINDOWS\System32\MASetupCleaner.exe
[2012-11-27 19:44:26 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2012-11-27 19:44:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2012-11-27 19:44:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2012-11-27 19:43:53 | 000,000,000 | ---D | C] -- D:\Program Files\LogMeIn Hamachi
[2012-11-27 19:43:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
[2012-11-27 19:43:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Hoolapp for Android
[2012-11-27 19:43:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\HoolappforAndroid
[2012-11-27 19:17:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\LolClient
[2012-11-27 19:13:54 | 000,000,000 | ---D | C] -- D:\WINDOWS\Logs
[2012-11-27 19:12:15 | 000,000,000 | ---D | C] -- D:\Direxct
[2012-11-27 19:09:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2012-11-27 19:09:25 | 000,000,000 | ---D | C] -- D:\Program Files\Asprate
[2012-11-27 19:09:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibia
[2012-11-27 18:58:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Sun
[2012-11-27 18:55:47 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- D:\WINDOWS\System32\drivers\es1371mp.sys
[2012-11-27 18:55:18 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer
[2012-11-27 18:55:18 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC
[2012-11-27 18:55:16 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines
[2012-11-27 18:55:15 | 000,000,000 | R--D | C] -- D:\Program Files
[2012-11-27 18:55:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared
[2012-11-27 18:55:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files
[2012-11-27 18:55:00 | 000,176,157 | ---- | C] (Digi International, Inc.) -- D:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2012-11-27 18:55:00 | 000,176,157 | ---- | C] (Digi International, Inc.) -- D:\WINDOWS\System32\dgrpsetu.dll
[2012-11-27 18:55:00 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- D:\WINDOWS\System32\EqnClass.Dll
[2012-11-27 18:55:00 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- D:\WINDOWS\System32\dllcache\eqnclass.dll
[2012-11-27 18:55:00 | 000,085,532 | ---- | C] (Digi International) -- D:\WINDOWS\System32\dllcache\dgsetup.dll
[2012-11-27 18:55:00 | 000,085,532 | ---- | C] (Digi International) -- D:\WINDOWS\System32\dgsetup.dll
[2012-11-27 18:55:00 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\spxcoins.dll
[2012-11-27 18:55:00 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\dllcache\spxcoins.dll
[2012-11-27 18:54:51 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start
[2012-11-27 18:54:51 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty
[2012-11-27 18:54:51 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2012-11-27 18:54:51 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Szablony
[2012-11-27 18:54:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Ulubione
[2012-11-27 18:54:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Pulpit
[2012-11-27 18:54:31 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Identities
[2012-11-27 18:53:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2
[2012-11-27 18:53:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot
[2012-11-27 18:52:58 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2012-11-27 18:52:58 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users\Dane aplikacji
[2012-11-27 18:52:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings
[2012-11-27 18:52:40 | 000,000,000 | -HSD | C] -- D:\System Volume Information
[2012-11-27 18:47:21 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts
[2012-11-27 18:47:21 | 000,000,000 | RHSD | C] -- D:\WINDOWS\System32\dllcache
[2012-11-27 18:47:21 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web
[2012-11-27 18:47:21 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Temp
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\system
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\security
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\NLDRV
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\java
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1045
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025
[2012-11-27 18:28:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\TS3Client
[2012-11-27 18:28:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\NVIDIA
[2012-11-27 18:27:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\.minecraft
[2012-11-27 18:27:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Tibia
[2012-11-27 18:26:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\WinRAR
[2012-11-27 18:26:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\WinRAR
[2012-11-27 18:26:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2012-11-27 18:26:21 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR
[2012-11-27 18:26:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client
[2012-11-27 18:25:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Sun
[2012-11-27 18:25:08 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java
[2012-11-27 18:25:04 | 000,821,736 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\npDeployJava1.dll
[2012-11-27 18:25:04 | 000,746,984 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\deployJava1.dll
[2012-11-27 18:25:04 | 000,246,760 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\javaws.exe
[2012-11-27 18:25:04 | 000,143,872 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\javacpl.cpl
[2012-11-27 18:25:00 | 000,174,056 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\javaw.exe
[2012-11-27 18:25:00 | 000,174,056 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\java.exe
[2012-11-27 18:25:00 | 000,093,672 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\WindowsAccessBridge.dll
[2012-11-27 18:24:47 | 000,000,000 | ---D | C] -- D:\Program Files\Java
[2012-11-27 18:23:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Sun
[2012-11-27 18:21:45 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Simple Adblock
[2012-11-27 18:21:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Simple Adblock
[2012-11-27 18:21:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Gadu-Gadu 10
[2012-11-27 18:21:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-11-27 18:21:21 | 000,000,000 | ---D | C] -- D:\Program Files\Gadu-Gadu 10
[2012-11-27 18:20:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Adobe
[2012-11-27 18:20:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads
[2012-11-27 18:19:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Macromedia
[2012-11-27 18:17:48 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerApp.exe
[2012-11-27 18:17:48 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-11-27 18:17:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2012-11-27 18:17:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
[2012-11-27 18:16:35 | 000,000,000 | ---D | C] -- D:\Program Files\Google
[2012-11-27 18:16:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google
[2012-11-27 18:15:59 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\IECompatCache
[2012-11-27 18:15:50 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\PrivacIE
[2012-11-27 18:15:39 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\IETldCache
[2012-11-27 18:14:35 | 000,000,000 | ---D | C] -- D:\WINDOWS\WBEM
[2012-11-27 18:14:24 | 000,000,000 | -H-D | C] -- D:\WINDOWS\ie8
[2012-11-27 18:14:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl-PL
[2012-11-27 18:10:26 | 000,796,032 | ---- | C] (Ralink Technology, Corp.) -- D:\WINDOWS\System32\Scutum.dll
[2012-11-27 18:10:26 | 000,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\System32\ssleay32.dll
[2012-11-27 18:10:26 | 000,180,224 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- D:\WINDOWS\System32\W32N55.dll
[2012-11-27 18:10:26 | 000,152,968 | ---- | C] (Ralink Tech) -- D:\WINDOWS\System32\RalinkGina.dll
[2012-11-27 18:10:25 | 001,085,440 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\System32\libeay32.dll
[2012-11-27 18:10:25 | 000,019,072 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- D:\WINDOWS\System32\drivers\Scutum50.sys
[2012-11-27 18:10:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\TP-LINK
[2012-11-27 18:10:24 | 000,827,488 | ---- | C] (Ralink Technology, Corp.) -- D:\WINDOWS\System32\drivers\rt2870.sys
[2012-11-27 18:10:24 | 000,000,000 | ---D | C] -- D:\Program Files\TP-LINK
[2012-11-27 18:10:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DRVSTORE
[2012-11-27 18:10:22 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2012-11-27 18:10:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\TP-LINK Driver
[2012-11-27 18:09:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA
[2012-11-27 18:09:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2012-11-27 18:09:34 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrshe.dll
[2012-11-27 18:09:34 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsar.dll
[2012-11-27 18:09:34 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsfr.dll
[2012-11-27 18:09:34 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsit.dll
[2012-11-27 18:09:34 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrses.dll
[2012-11-27 18:09:34 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsel.dll
[2012-11-27 18:09:34 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsde.dll
[2012-11-27 18:09:34 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrspt.dll
[2012-11-27 18:09:34 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsnl.dll
[2012-11-27 18:09:34 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsja.dll
[2012-11-27 18:09:34 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsesm.dll
[2012-11-27 18:09:34 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsru.dll
[2012-11-27 18:09:34 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsptb.dll
[2012-11-27 18:09:34 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsko.dll
[2012-11-27 18:09:34 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrshu.dll
[2012-11-27 18:09:34 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrstr.dll
[2012-11-27 18:09:34 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrssl.dll
[2012-11-27 18:09:34 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrssk.dll
[2012-11-27 18:09:34 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrspl.dll
[2012-11-27 18:09:34 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsth.dll
[2012-11-27 18:09:34 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrssv.dll
[2012-11-27 18:09:34 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsno.dll
[2012-11-27 18:09:34 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsda.dll
[2012-11-27 18:09:34 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrsfi.dll
[2012-11-27 18:09:34 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrseng.dll
[2012-11-27 18:09:34 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrscs.dll
[2012-11-27 18:09:34 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrszhc.dll
[2012-11-27 18:09:34 | 000,143,720 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvcolor.exe
[2012-11-27 18:09:34 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvrszht.dll
[2012-11-27 18:09:33 | 015,512,424 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvcpl.dll
[2012-11-27 18:09:33 | 000,108,392 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvmctray.dll
[2012-11-27 18:09:31 | 000,054,272 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvwddi.dll
[2012-11-27 18:09:07 | 000,065,536 | ---- | C] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll
[2012-11-27 18:08:53 | 019,103,744 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvoglnt.dll
[2012-11-27 18:08:53 | 007,446,528 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvcuda.dll
[2012-11-27 18:08:53 | 005,947,392 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvopencl.dll
[2012-11-27 18:08:53 | 002,578,792 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvcuvid.dll
[2012-11-27 18:08:53 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvcuvenc.dll
[2012-11-27 18:08:53 | 001,009,512 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvdispco32.dll
[2012-11-27 18:08:53 | 000,888,168 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvdispgenco32.dll
[2012-11-27 18:08:51 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvcompiler.dll
[2012-11-27 18:08:51 | 012,557,728 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\dllcache\nv4_mini.sys
[2012-11-27 18:08:51 | 004,494,208 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nv4_disp.dll
[2012-11-27 18:08:51 | 004,494,208 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\dllcache\nv4_disp.dll
[2012-11-27 18:08:51 | 002,376,704 | ---- | C] (NVIDIA Corporation) -- D:\WINDOWS\System32\nvapi.dll
[2012-11-27 18:08:43 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation
[2012-11-27 18:08:21 | 000,000,000 | ---D | C] -- D:\NVIDIA
[2012-11-27 18:07:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Identities
[2012-11-27 18:07:09 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information
[2012-11-27 18:07:08 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Moje obrazy
[2012-11-27 18:07:08 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Moja muzyka
[2012-11-27 18:07:01 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Microsoft
[2012-11-27 18:07:01 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Grzenio\SendTo
[2012-11-27 18:07:01 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Grzenio\Recent
[2012-11-27 18:07:01 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Ulubione
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Menu Start
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Autostart
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Akcesoria
[2012-11-27 18:07:01 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\Cookies
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\Szablony
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\PrintHood
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\NetHood
[2012-11-27 18:07:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Pulpit
[2012-11-27 18:07:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-11-27 18:05:36 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft
[2012-11-27 18:05:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution
[2012-11-27 18:05:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2012-11-27 18:05:35 | 000,000,000 | --SD | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2012-11-27 18:05:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-11-27 18:04:56 | 000,000,000 | --SD | C] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2012-11-27 18:04:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-11-27 18:03:48 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2012-11-27 18:03:48 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2012-11-27 18:03:48 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2012-11-27 18:03:12 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esunid.dll
[2012-11-27 18:03:11 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esuimgd.dll
[2012-11-27 18:03:11 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esucmd.dll
[2012-11-27 18:03:04 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2012-11-27 18:02:46 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom
[2012-11-27 18:02:46 | 000,000,000 | ---D | C] -- D:\Program Files\xerox
[2012-11-27 18:02:46 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage
[2012-11-27 18:02:04 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\DRM
[2012-11-27 18:01:58 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files
[2012-11-27 18:01:58 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages
[2012-11-27 18:01:52 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate
[2012-11-27 18:01:51 | 000,000,000 | ---D | C] -- D:\Program Files\Usługi online
[2012-11-27 18:01:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX
[2012-11-27 18:01:17 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services
[2012-11-27 18:01:15 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks
[2012-11-27 18:01:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap
[2012-11-27 18:01:12 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst
[2012-11-27 18:01:11 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed
[2012-11-27 18:01:05 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker
[2012-11-27 18:00:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore
[2012-11-27 18:00:58 | 000,032,768 | ---- | C] (Intel Corporation) -- D:\WINDOWS\System32\isrdbg32.dll
[2012-11-27 18:00:58 | 000,032,768 | ---- | C] (Intel Corporation) -- D:\WINDOWS\System32\dllcache\isrdbg32.dll
[2012-11-27 18:00:55 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting
[2012-11-27 18:00:53 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express
[2012-11-27 18:00:48 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System
[2012-11-27 18:00:47 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2012-11-27 18:00:47 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer
[2012-11-27 18:00:45 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications
[2012-11-27 18:00:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration
[2012-11-27 18:00:43 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2012-11-27 18:00:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2012-11-27 18:00:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2012-11-27 18:00:28 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player
[2012-11-27 18:00:26 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger
[2012-11-27 18:00:23 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone
[2012-11-27 18:00:17 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\hticons.dll
[2012-11-27 18:00:16 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\dllcache\htrn_jis.dll
[2012-11-27 18:00:04 | 000,283,136 | ---- | C] (Cinematronics) -- D:\WINDOWS\System32\dllcache\pinball.exe
[2012-11-27 18:00:03 | 000,349,696 | ---- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\hypertrm.dll
[2012-11-27 18:00:03 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT
[2012-11-27 18:00:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc
[2012-11-27 17:59:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com
[2012-11-27 17:59:41 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria
[2012-11-27 16:09:43 | 000,077,056 | ---- | C] (VIA Technologies inc,.ltd) -- D:\WINDOWS\System32\drivers\viasraid.sys
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-12-24 17:39:12 | 000,000,806 | ---- | M] () -- D:\Program Files\Common Files\userInit.dll
[2012-12-24 17:21:00 | 000,001,038 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-24 17:17:00 | 000,000,930 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-12-24 15:26:20 | 000,139,424 | ---- | M] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-12-24 15:26:11 | 000,282,104 | ---- | M] () -- D:\WINDOWS\System32\PnkBstrB.xtr
[2012-12-24 14:16:17 | 000,000,451 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Singleplayer.lnk
[2012-12-24 14:16:17 | 000,000,451 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Multiplayer.lnk
[2012-12-24 14:16:15 | 000,000,266 | ---- | M] () -- D:\WINDOWS\game.ini
[2012-12-24 14:12:04 | 000,555,462 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat
[2012-12-24 14:12:04 | 000,493,190 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2012-12-24 14:12:04 | 000,104,494 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat
[2012-12-24 14:12:04 | 000,083,734 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2012-12-24 14:11:07 | 000,001,613 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2012-12-24 14:10:52 | 000,242,240 | ---- | M] (DT Soft Ltd) -- D:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-12-24 12:29:09 | 000,001,034 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-24 12:29:07 | 000,013,694 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012-12-24 12:29:07 | 000,000,290 | ---- | M] () -- D:\WINDOWS\tasks\Express FilesUpdate.job
[2012-12-24 12:28:35 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012-12-24 11:53:05 | 000,004,608 | ---- | M] () -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-24 11:49:32 | 000,000,536 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk
[2012-12-24 11:25:57 | 000,223,060 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Tomorrowland_image_716x477.jpg
[2012-12-23 20:55:59 | 000,002,267 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-12-16 17:58:52 | 000,002,169 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Tibiacast.lnk
[2012-12-13 19:57:22 | 000,000,656 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\CPUID HWMonitor.lnk
[2012-12-12 20:17:58 | 000,000,630 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Combat Arms EU.lnk
[2012-12-12 18:58:25 | 000,446,464 | ---- | M] (NEXON Inc.) -- D:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2012-12-12 18:58:25 | 000,000,235 | ---- | M] () -- D:\WINDOWS\System32\nxEuUninstall.bat
[2012-12-12 08:17:54 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerApp.exe
[2012-12-12 08:17:54 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-12-12 08:17:53 | 016,363,960 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012-12-11 18:39:15 | 001,335,014 | ---- | M] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\sqlite.jar
[2012-12-11 18:39:06 | 000,800,712 | ---- | M] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\java_u.jar
[2012-12-11 18:37:03 | 000,000,544 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2012-12-07 21:37:55 | 000,096,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-07 21:35:50 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2012-12-07 21:35:39 | 000,001,374 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2012-12-07 21:35:38 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2012-12-05 21:34:17 | 000,117,614 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\lol.jpg
[2012-12-04 21:31:57 | 000,000,552 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\LFS.lnk
[2012-12-04 21:10:51 | 000,100,896 | ---- | M] () -- D:\WINDOWS\System32\xinput1_3.dll
[2012-12-04 21:10:47 | 000,000,559 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\LS-USBMX 1 2 3 Steering Wheel W Vibration.lnk
[2012-12-04 20:21:29 | 000,282,104 | ---- | M] () -- D:\WINDOWS\System32\PnkBstrB.ex0
[2012-12-02 11:04:33 | 000,000,818 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\The Sims 3.lnk
[2012-12-01 17:20:45 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2012-12-01 17:20:45 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012-11-28 22:34:31 | 000,138,056 | ---- | M] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\PnkBstrK.sys
[2012-11-28 14:18:54 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- D:\WINDOWS\System32\Redemption.dll
[2012-11-28 14:17:18 | 000,974,848 | ---- | M] () -- D:\WINDOWS\System32\cis-2.4.dll
[2012-11-28 14:17:18 | 000,569,344 | ---- | M] ((c) MusicCity) -- D:\WINDOWS\System32\muzdecode.ax
[2012-11-28 14:17:18 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.dll
[2012-11-28 14:17:18 | 000,352,256 | ---- | M] (Sample Corporation) -- D:\WINDOWS\System32\MSLUR71.dll
[2012-11-28 14:17:18 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- D:\WINDOWS\System32\muzoggsp.ax
[2012-11-28 14:17:18 | 000,245,760 | ---- | M] (Teruten Inc.) -- D:\WINDOWS\System32\MSCLib.dll
[2012-11-28 14:17:18 | 000,200,704 | ---- | M] ( (c) MusicCity) -- D:\WINDOWS\System32\muzwmts.dll
[2012-11-28 14:17:18 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.exe
[2012-11-28 14:17:18 | 000,155,648 | ---- | M] (Teruten Inc.) -- D:\WINDOWS\System32\MSFLib.dll
[2012-11-28 14:17:18 | 000,143,360 | ---- | M] () -- D:\WINDOWS\System32\3DAudio.ax
[2012-11-28 14:17:18 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzaf1.dll
[2012-11-28 14:17:18 | 000,131,072 | ---- | M] ((c) MusicCity) -- D:\WINDOWS\System32\muzmpgsp.ax
[2012-11-28 14:17:18 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- D:\WINDOWS\System32\muzeffect.ax
[2012-11-28 14:17:18 | 000,118,784 | ---- | M] ((주)마크애니) -- D:\WINDOWS\System32\MaDRM.dll
[2012-11-28 14:17:18 | 000,110,592 | ---- | M] ((c) MusicCity) -- D:\WINDOWS\System32\muzmp4sp.ax
[2012-11-28 14:17:18 | 000,081,920 | ---- | M] () -- D:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012-11-28 14:17:18 | 000,065,536 | ---- | M] () -- D:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | M] (Marktek) -- D:\WINDOWS\System32\MK_Lyric.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | M] (Marktek Inc.) -- D:\WINDOWS\System32\MTXSYNCICON.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | M] () -- D:\WINDOWS\System32\issacapi_se-2.3.dll
[2012-11-28 14:17:18 | 000,049,152 | ---- | M] ((주) 마크애니) -- D:\WINDOWS\System32\MaJGUILib.dll
[2012-11-28 14:17:18 | 000,045,320 | ---- | M] (MARKANY) -- D:\WINDOWS\System32\MAMACExtract.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | M] ((주) 마크애니) -- D:\WINDOWS\System32\MaXMLProto.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | M] ((주) 마크애니) -- D:\WINDOWS\System32\MACXMLProto.dll
[2012-11-28 14:17:18 | 000,040,960 | ---- | M] (Telechips Inc.,) -- D:\WINDOWS\System32\MTTELECHIP.dll
[2012-11-28 14:17:18 | 000,024,576 | ---- | M] ((주)마크애니) -- D:\WINDOWS\System32\MASetupCleaner.exe
[2012-11-27 19:18:22 | 000,027,958 | ---- | M] () -- D:\Program Files\Common Files\logonInit.dll
[2012-11-27 19:17:37 | 001,102,344 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2012-11-27 19:17:37 | 000,000,001 | ---- | M] () -- D:\WINDOWS\System32\nvdrssel.bin
[2012-11-27 19:17:35 | 001,102,344 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2012-11-27 19:17:02 | 000,000,678 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\League Of Legends.lnk
[2012-11-27 19:09:27 | 000,001,838 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2012-11-27 18:26:23 | 000,000,694 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\WinRAR.lnk
[2012-11-27 18:26:01 | 000,000,697 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2012-11-27 18:24:51 | 000,093,672 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\WindowsAccessBridge.dll
[2012-11-27 18:24:50 | 000,821,736 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\npDeployJava1.dll
[2012-11-27 18:24:50 | 000,746,984 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\deployJava1.dll
[2012-11-27 18:24:50 | 000,246,760 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\javaws.exe
[2012-11-27 18:24:50 | 000,174,056 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\javaw.exe
[2012-11-27 18:24:50 | 000,174,056 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\java.exe
[2012-11-27 18:24:50 | 000,143,872 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\javacpl.cpl
[2012-11-27 18:24:09 | 000,263,186 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Minecraft.exe
[2012-11-27 18:21:37 | 000,000,791 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-11-27 18:21:37 | 000,000,762 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-11-27 18:17:25 | 000,001,819 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Google Chrome.lnk
[2012-11-27 18:15:40 | 000,000,803 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Internet Explorer.lnk
[2012-11-27 18:13:55 | 000,013,694 | ---- | M] () -- D:\WINDOWS\System32\wpa.bak
[2012-11-27 18:10:25 | 000,001,630 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TP-LINK Wireless Utility.lnk
[2012-11-27 18:10:25 | 000,001,612 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\TP-LINK Wireless Utility.lnk
[2012-11-27 18:09:03 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\nvdrswr.lk
[2012-11-27 18:04:58 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD
[2012-11-27 18:04:07 | 000,000,261 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2012-11-27 18:02:38 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2012-11-27 18:02:31 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2012-11-27 18:02:31 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2012-11-27 18:02:27 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2012-11-27 18:00:46 | 000,021,856 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012-11-27 16:09:44 | 000,077,056 | ---- | M] (VIA Technologies inc,.ltd) -- D:\WINDOWS\System32\drivers\viasraid.sys
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-24 14:16:17 | 000,000,451 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Singleplayer.lnk
[2012-12-24 14:16:17 | 000,000,451 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Multiplayer.lnk
[2012-12-24 14:16:15 | 000,000,266 | ---- | C] () -- D:\WINDOWS\game.ini
[2012-12-24 14:11:07 | 000,001,613 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2012-12-24 11:49:32 | 000,000,536 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk
[2012-12-24 11:25:56 | 000,223,060 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Tomorrowland_image_716x477.jpg
[2012-12-24 11:25:30 | 000,004,608 | ---- | C] () -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-16 17:55:39 | 000,002,169 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Tibiacast.lnk
[2012-12-13 19:57:22 | 000,000,656 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\CPUID HWMonitor.lnk
[2012-12-12 20:17:58 | 000,000,630 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Combat Arms EU.lnk
[2012-12-12 18:58:25 | 000,000,235 | ---- | C] () -- D:\WINDOWS\System32\nxEuUninstall.bat
[2012-12-11 18:39:10 | 001,335,014 | ---- | C] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\sqlite.jar
[2012-12-11 18:39:06 | 000,800,712 | ---- | C] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\java_u.jar
[2012-12-07 21:35:50 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2012-12-07 21:34:37 | 000,062,304 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012-12-07 21:10:46 | 000,000,290 | ---- | C] () -- D:\WINDOWS\tasks\Express FilesUpdate.job
[2012-12-05 21:34:16 | 000,117,614 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\lol.jpg
[2012-12-04 21:31:57 | 000,000,552 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\LFS.lnk
[2012-12-04 21:10:47 | 000,008,079 | ---- | C] () -- D:\WINDOWS\System32\drivers\x3320001.cat
[2012-12-04 21:10:47 | 000,000,559 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\LS-USBMX 1 2 3 Steering Wheel W Vibration.lnk
[2012-12-04 17:02:56 | 000,178,688 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2012-12-02 11:04:06 | 000,000,818 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\The Sims 3.lnk
[2012-12-01 21:57:09 | 000,002,267 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-12-01 17:20:45 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2012-12-01 17:20:45 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012-11-28 21:50:58 | 000,282,104 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrB.xtr
[2012-11-28 21:29:44 | 000,139,424 | ---- | C] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-11-28 21:29:44 | 000,138,056 | ---- | C] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\PnkBstrK.sys
[2012-11-28 21:29:00 | 000,282,104 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrB.exe
[2012-11-28 21:29:00 | 000,282,104 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrB.ex0
[2012-11-28 21:28:59 | 000,076,888 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrA.exe
[2012-11-28 14:17:18 | 000,974,848 | ---- | C] () -- D:\WINDOWS\System32\cis-2.4.dll
[2012-11-28 14:17:18 | 000,143,360 | ---- | C] () -- D:\WINDOWS\System32\3DAudio.ax
[2012-11-28 14:17:18 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012-11-28 14:17:18 | 000,065,536 | ---- | C] () -- D:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | C] () -- D:\WINDOWS\System32\issacapi_se-2.3.dll
[2012-11-28 07:38:50 | 000,000,806 | ---- | C] () -- D:\Program Files\Common Files\userInit.dll
[2012-11-27 19:18:22 | 000,027,958 | ---- | C] () -- D:\Program Files\Common Files\logonInit.dll
[2012-11-27 19:16:47 | 000,000,678 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\League Of Legends.lnk
[2012-11-27 19:14:06 | 000,100,896 | ---- | C] () -- D:\WINDOWS\System32\xinput1_3.dll
[2012-11-27 19:09:27 | 000,001,838 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2012-11-27 18:55:20 | 000,001,374 | ---- | C] () -- D:\WINDOWS\imsins.BAK
[2012-11-27 18:55:18 | 000,004,293 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2012-11-27 18:55:16 | 001,685,606 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.spd
[2012-11-27 18:55:16 | 000,643,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012-11-27 18:55:16 | 000,605,050 | ---- | C] () -- D:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012-11-27 18:55:16 | 000,000,888 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.sdf
[2012-11-27 18:54:58 | 000,001,734 | ---- | C] () -- D:\WINDOWS\System32\AUTOEXEC.NT
[2012-11-27 18:53:12 | 001,014,483 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2012-11-27 18:53:12 | 000,808,524 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012-11-27 18:53:12 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012-11-27 18:53:12 | 000,168,806 | ---- | C] () -- D:\WINDOWS\System32\dllcache\startoc.cat
[2012-11-27 18:53:12 | 000,037,509 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2012-11-27 18:53:12 | 000,030,983 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2012-11-27 18:53:12 | 000,014,043 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2012-11-27 18:53:12 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012-11-27 18:53:12 | 000,009,581 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012-11-27 18:53:12 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012-11-27 18:53:12 | 000,007,407 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012-11-27 18:53:12 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012-11-27 18:53:12 | 000,007,245 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012-11-27 18:53:11 | 001,896,400 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5.CAT
[2012-11-27 18:53:11 | 000,523,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012-11-27 18:52:40 | 000,096,664 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012-11-27 18:51:45 | 000,000,261 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf
[2012-11-27 18:27:19 | 000,000,544 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2012-11-27 18:26:23 | 000,000,694 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\WinRAR.lnk
[2012-11-27 18:26:01 | 000,000,697 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2012-11-27 18:24:06 | 000,263,186 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Minecraft.exe
[2012-11-27 18:21:37 | 000,000,791 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-11-27 18:21:37 | 000,000,762 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-11-27 18:21:26 | 000,000,680 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2012-11-27 18:17:49 | 000,000,930 | ---- | C] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-11-27 18:17:25 | 000,001,819 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Google Chrome.lnk
[2012-11-27 18:16:35 | 000,001,038 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-27 18:16:35 | 000,001,034 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-27 18:13:56 | 000,013,694 | ---- | C] () -- D:\WINDOWS\System32\wpa.bak
[2012-11-27 18:10:26 | 000,001,191 | ---- | C] () -- D:\WINDOWS\System32\W32N55.INI
[2012-11-27 18:10:26 | 000,000,516 | ---- | C] () -- D:\WINDOWS\System32\DiagFunc.ini
[2012-11-27 18:10:25 | 000,147,456 | ---- | C] () -- D:\WINDOWS\System32\DiagFunc.dll
[2012-11-27 18:10:25 | 000,001,630 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TP-LINK Wireless Utility.lnk
[2012-11-27 18:10:25 | 000,001,612 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\TP-LINK Wireless Utility.lnk
[2012-11-27 18:10:23 | 000,013,931 | ---- | C] () -- D:\WINDOWS\System32\RaCoInst.dat
[2012-11-27 18:09:03 | 001,102,344 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2012-11-27 18:09:03 | 001,102,344 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2012-11-27 18:09:03 | 000,000,001 | ---- | C] () -- D:\WINDOWS\System32\nvdrssel.bin
[2012-11-27 18:09:03 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\nvdrswr.lk
[2012-11-27 18:08:53 | 002,811,988 | ---- | C] () -- D:\WINDOWS\System32\nvdata.data
[2012-11-27 18:08:53 | 000,012,210 | ---- | C] () -- D:\WINDOWS\System32\nvinfo.pb
[2012-11-27 18:07:10 | 000,000,738 | ---- | C] () -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Outlook Express.lnk
[2012-11-27 18:07:09 | 000,000,803 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Internet Explorer.lnk
[2012-11-27 18:07:01 | 000,001,599 | ---- | C] () -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Pomoc zdalna.lnk
[2012-11-27 18:07:01 | 000,000,792 | ---- | C] () -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Windows Media Player.lnk
[2012-11-27 18:04:58 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD
[2012-11-27 18:04:07 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2012-11-27 18:03:44 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012-11-27 18:03:32 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012-11-27 18:03:28 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2012-11-27 18:03:27 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2012-11-27 18:03:26 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2012-11-27 18:03:19 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012-11-27 18:03:16 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2012-11-27 18:03:13 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2012-11-27 18:03:06 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2012-11-27 18:02:38 | 000,002,596 | ---- | C] () -- D:\WINDOWS\System32\CONFIG.NT
[2012-11-27 18:02:31 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb
[2012-11-27 18:02:31 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb
[2012-11-27 18:02:30 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx
[2012-11-27 18:01:52 | 000,000,786 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2012-11-27 18:01:47 | 004,399,505 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nls302en.lex
[2012-11-27 18:01:25 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp
[2012-11-27 18:01:25 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp
[2012-11-27 18:01:19 | 000,000,984 | ---- | C] () -- D:\WINDOWS\System32\dllcache\srframe.mmf
[2012-11-27 18:01:09 | 000,004,639 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.exe
[2012-11-27 18:01:00 | 000,379,904 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msinfo.dll
[2012-11-27 18:00:46 | 000,021,856 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012-11-27 18:00:28 | 000,000,643 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2012-11-27 18:00:13 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Indiański pled.bmp
[2012-11-27 18:00:12 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Bąbelki.bmp
[2012-11-27 18:00:12 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Pod mikroskopem.bmp
[2012-11-27 18:00:12 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Stiuk z Santa Fe.bmp
[2012-11-27 18:00:12 | 000,026,680 | ---- | C] () -- D:\WINDOWS\Wachlarze.bmp
[2012-11-27 18:00:12 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Nefryt.bmp
[2012-11-27 18:00:12 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rododendron.bmp
[2012-11-27 18:00:12 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Na rybkach.bmp
[2012-11-27 18:00:12 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Kawa.bmp
[2012-11-27 18:00:12 | 000,016,730 | ---- | C] () -- D:\WINDOWS\Puch.bmp
[2012-11-27 18:00:12 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Niebieska koronka 16.bmp
[2012-11-27 18:00:10 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h
[2012-11-27 18:00:10 | 000,001,225 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd
[2012-11-27 18:00:09 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h
[2012-11-27 18:00:04 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2012-12-07 21:33:31 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-04 12:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-04 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-12-12 21:56:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\%Installer_PublisherName%
[2012-12-24 14:10:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-11-27 18:21:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-12-12 21:56:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\InstallMate
[2012-12-12 20:55:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2012-12-12 20:12:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2012-12-24 13:09:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2012-12-10 16:23:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2012-12-12 08:12:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\SweetIM
[2012-12-10 17:57:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2012-11-27 18:10:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TP-LINK Driver
[2012-12-17 19:13:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\.minecraft
[2012-12-24 14:20:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\BitTorrent
[2012-12-11 18:39:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Chrome_manager
[2012-12-24 14:11:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\DAEMON Tools Lite
[2012-12-07 21:10:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\ExpressFiles
[2012-11-27 18:21:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Gadu-Gadu 10
[2012-11-27 19:44:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\HoolappforAndroid
[2012-11-27 19:17:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\LolClient
[2012-11-28 19:06:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\OpenFM
[2012-12-10 16:23:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Samsung
[2012-12-21 20:35:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Simple Adblock
[2012-12-11 18:39:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\support@mozilla.com
[2012-12-11 18:39:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibia
[2012-12-16 18:38:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibiacast
[2012-12-17 19:54:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\TS3Client

[color=#E56717]========== Purity Check ==========[/color]



< End of report >[/log]

Ext
[log]OTL Extras logfile created on: 2012-12-24 18:03:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 63,21% Memory free
3,85 Gb Paging File | 3,20 Gb Available in Paging File | 83,21% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 109,99 Gb Total Space | 55,89 Gb Free Space | 50,82% Space Free | Partition Type: NTFS
Drive D: | 39,05 Gb Total Space | 25,00 Gb Free Space | 64,01% Space Free | Partition Type: NTFS
Drive G: | 1,83 Gb Total Space | 1,00 Gb Free Space | 54,58% Space Free | Partition Type: FAT32

Computer Name: GRZYNIO | User Name: Grzenio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Gry\Combat Arms EU\CombatArms.exe" = C:\Gry\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Gry\Combat Arms EU\Engine.exe" = C:\Gry\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Program Files\Java\jre7\bin\javaw.exe" = D:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"D:\WINDOWS\system32\PnkBstrA.exe" = D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"D:\WINDOWS\system32\PnkBstrB.exe" = D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Gry\BattleField Heros\BFHeroes.exe" = C:\Gry\BattleField Heros\BFHeroes.exe:*:Enabled:Battlefield Heroes -- (Easy)
"C:\Gry\Battlefield FreeToPlay\BFP4f.exe" = C:\Gry\Battlefield FreeToPlay\BFP4f.exe:*:Enabled:BFP4f -- (Easy)
"D:\Program Files\Skype\Phone\Skype.exe" = D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"D:\Program Files\ExpressFiles\expressdl.exe" = D:\Program Files\ExpressFiles\expressdl.exe:*:Enabled:Express Files
"D:\Program Files\ExpressFiles\ExpressFiles.exe" = D:\Program Files\ExpressFiles\ExpressFiles.exe:*:Enabled:Express Files
"D:\WINDOWS\system32\msiexec.exe" = D:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"D:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" = D:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager
"D:\WINDOWS\system32\muzapp.exe" = D:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Gry\Grzenio\LFS\LFS.exe" = C:\Gry\Grzenio\LFS\LFS.exe:*:Enabled:LFS -- ()
"D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Gry\Combat Arms EU\CombatArms.exe" = C:\Gry\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Gry\Combat Arms EU\NMService.exe" = C:\Gry\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Gry\Combat Arms EU\Engine.exe" = C:\Gry\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Program Files\Tibiacast\Tibiacast Client.exe" = C:\Program Files\Tibiacast\Tibiacast Client.exe:*:Enabled:Tibiacast Client
"D:\Program Files\Tibiacast\Tibiacast Client.exe" = D:\Program Files\Tibiacast\Tibiacast Client.exe:*:Enabled:Tibiacast Client -- (Silver Squirrel Software HB)
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Gry\Call Of Duty 2\CoD2MP_s.exe" = C:\Gry\Call Of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2A558A06-A44E-400D-95AD-D9FAA89AFD36}" = LS-USBMX 1/2/3 Steering Wheel W/Vibration
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{65096D90-297A-495D-AD10-3A83F5904346}" = Tibiacast
"{6FFEF5E1-F7B0-40DD-838D-557BD7EE4301}" = TP-LINK Wireless Utility
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4920103-09F6-4AD2-B150-CFC4474D2DDC}" = Simple Adblock
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{CAE017F8-C238-4397-879B-7FBB915D9457}" = LogMeIn Hamachi
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{E9AA8EB9-FCD1-4829-AE3C-F2D211C67F42}" = Internet Explorer
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BitTorrent" = BitTorrent
"Combat Arms EU" = Combat Arms EU
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.21
"DAEMON Tools Lite" = DAEMON Tools Lite
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.5.5 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"PunkBusterSvc" = PunkBuster Services
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tibia_is1" = Tibia
"TMIPC" = Tibia MULTI-ip changer
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free (Grzenio)
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Grzenio)

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-11-27 14:44:09 | Computer Name = GRZYNIO | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2012-11-27 14:44:09 | Computer Name = GRZYNIO | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2012-12-05 13:28:53 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bfp4f.exe, wersja 0.0.0.0, moduł powodujący
błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00001010.

Error - 2012-12-07 16:39:15 | Computer Name = GRZYNIO | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: System.Xml, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
. Error code = 0x800706be

Error - 2012-12-10 11:23:14 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd setup.exe, wersja 16.0.0.400, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x4ec05846.

Error - 2012-12-13 13:01:07 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0,
moduł powodujący błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0, adres błędu
0x0000c145.

Error - 2012-12-17 02:22:23 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0,
moduł powodujący błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0, adres błędu
0x0000c145.

Error - 2012-12-18 15:46:19 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 6.0.0.126, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x000097d2.

Error - 2012-12-20 13:32:29 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0,
moduł powodujący błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0, adres błędu
0x0000c145.

Error - 2012-12-22 15:49:34 | Computer Name = GRZYNIO | Source = MsiInstaller | ID = 11316
Description = Product: Tibiacast -- Error 1316. A network error occurred while attempting
to read from the file: D:\DOCUME~1\Grzenio\USTAWI~1\Temp\Rar$EXa0.726\Tibiacast
Installer.msi

[ System Events ]
Error - 2012-12-12 03:13:27 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:27 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126


< End of report >
[/log]

Gość
komentarz
komentarz (edytowane)

Owszem infekcja jest ale nie z tibi.
tu jest infekcja "javowska" czyli załadowany wpis startowy javy i pliczek java_U.jar
[quote]
[color=#282828][font=helvetica, arial, sans-serif]D:\Documents and Settings\Grzenio\Dane aplikacji\[b]java_u.jar[/b][/font][/color]
[color=#282828][font=helvetica, arial, sans-serif]O4 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004..\Run: [Oracle Java] D:\WINDOWS\System32\javaw.exe (Oracle Corporation)[/font][/color]
[/quote]

1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b] wklej
[code]
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\x3640001.sys -- (x3640001)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SweetIM] D:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] D:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe File not found
O4 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004..\Run: [Hoolapp Android] "D:\DOCUME~1\Grzenio\DANEAP~1\HOOLAP~1\Hoolapp.exe" /Minimized File not found

:Files
D:\Documents and Settings\Grzenio\Dane aplikacji\java_u.jar
D:\Program Files\SweetIM
D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelperGCFB.dll

:Reg
[HKEY_USERS\S-1-5-21-1644491937-1708537768-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run]
"Oracle Java"=-

:Commands
[emptytemp]
[/code]

Kliknij [b]Wykonaj skrypt[/b]
Spakuj folder C:\_OTL do zipa i schostuj na speedyshare i podaj linka

2.Użyj adwcleaner-a

[url="http://general-changelog-team.fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner"]http://general-chang...de/2-adwcleaner[/url]

Opcja delete


3.Wyskanuj system skanerem malwarebytes anti-malware(odrzuć ofertę testową)(znalezione wyrzuć do kwarantanny i podaj log)

4.Podaj nowy log z OTL

5.Podaj log z Kaspersky TDSS Killer(jeżeli coś wykryje ustawiasz skip)

  • Dobra wypowiedź 1
Grzenio95
komentarz
komentarz

Log z malware:
[log]Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Wersja bazy: v2012.12.24.10

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Grzenio :: GRZYNIO [administrator]

2012-12-25 01:38:11
mbam-log-2012-12-25 (01-38-11).txt

Typ skanowania: Szybkie skanowanie
Zaznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUM
Odznaczone opcje skanowania: P2P
Przeskanowano obiektów: 207484
Upłynęło: 2 minut(y), 57 sekund(y)

Wykrytych procesów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych modułów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych kluczy rejestru: 0
(Nie znaleziono zagrożeń)

Wykrytych wartości rejestru: 0
(Nie znaleziono zagrożeń)

Wykryte wpisy rejestru systemowego: 0
(Nie znaleziono zagrożeń)

wykrytych folderów: 0
(Nie znaleziono zagrożeń)

Wykrytych plików: 0
(Nie znaleziono zagrożeń)

(zakończone)
[/log]

Log OTL:

[log]OTL logfile created on: 2012-12-25 01:42:51 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,53% Memory free
3,85 Gb Paging File | 3,47 Gb Available in Paging File | 90,12% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 109,99 Gb Total Space | 55,89 Gb Free Space | 50,82% Space Free | Partition Type: NTFS
Drive D: | 39,05 Gb Total Space | 30,51 Gb Free Space | 78,13% Space Free | Partition Type: NTFS

Computer Name: GRZYNIO | User Name: Grzenio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-12-24 18:02:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-12-12 18:58:31 | 001,064,960 | ---- | M] () -- D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-11-28 22:47:11 | 000,076,888 | ---- | M] () -- D:\WINDOWS\system32\PnkBstrA.exe
PRC - [2012-11-27 18:24:51 | 000,161,768 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-11-19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012-09-23 15:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-09-23 14:04:11 | 000,164,200 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe
PRC - [2012-07-03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-06-25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- D:\Program Files\TP-LINK\COMMON\RaRegistry.exe
PRC - [2010-06-25 15:57:42 | 001,638,400 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD. ) -- D:\Program Files\TP-LINK\COMMON\TWCU.exe
PRC - [2004-08-04 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2004-08-04 12:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 12:00:00 | 000,218,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004-08-04 12:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauclt.exe
PRC - [2004-08-04 12:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
PRC - [2004-08-04 12:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-04 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 12:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe
PRC - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-04 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-04 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 12:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-12-24 18:02:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads\OTL.exe
MOD - [2012-12-12 18:58:31 | 001,064,960 | ---- | M] () -- D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Chrome\Application\chrome.exe
MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\icudt.dll
MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\chrome.dll
MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012-11-28 22:47:11 | 000,076,888 | ---- | M] () -- D:\WINDOWS\system32\PnkBstrA.exe
MOD - [2012-11-27 19:18:22 | 000,027,958 | ---- | M] () -- D:\Program Files\Common Files\logonInit.dll
MOD - [2012-11-27 18:24:51 | 000,770,384 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Java\jre7\bin\msvcr100.dll
MOD - [2012-11-27 18:24:51 | 000,161,768 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\jqs.exe
MOD - [2012-11-19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
MOD - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
MOD - [2012-09-29 19:54:26 | 000,080,968 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
MOD - [2012-09-23 15:28:00 | 002,811,240 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
MOD - [2012-09-23 15:28:00 | 002,376,704 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvapi.dll
MOD - [2012-09-23 15:28:00 | 000,981,352 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
MOD - [2012-09-23 15:28:00 | 000,634,728 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll
MOD - [2012-09-23 14:09:17 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvrspl.dll
MOD - [2012-09-23 14:04:11 | 000,164,200 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe
MOD - [2012-09-23 14:04:11 | 000,108,392 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvmctray.dll
MOD - [2012-07-03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2012-06-09 19:20:02 | 000,168,448 | ---- | M] (Alexander Roshal) -- D:\Program Files\WinRAR\RarExt.dll
MOD - [2010-06-25 15:58:00 | 000,796,032 | ---- | M] (Ralink Technology, Corp.) -- D:\WINDOWS\system32\Scutum.dll
MOD - [2010-06-25 15:58:00 | 000,180,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- D:\WINDOWS\system32\W32N55.dll
MOD - [2010-06-25 15:58:00 | 000,147,456 | ---- | M] () -- D:\WINDOWS\system32\DiagFunc.dll
MOD - [2010-06-25 15:57:58 | 001,085,440 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\system32\libeay32.dll
MOD - [2010-06-25 15:57:58 | 000,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\system32\ssleay32.dll
MOD - [2010-06-25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- D:\Program Files\TP-LINK\COMMON\RaRegistry.exe
MOD - [2010-06-25 15:57:42 | 001,638,400 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD. ) -- D:\Program Files\TP-LINK\COMMON\TWCU.exe
MOD - [2010-06-25 15:57:42 | 000,909,312 | ---- | M] () -- D:\Program Files\TP-LINK\COMMON\RaWLAPI.dll
MOD - [2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\D3DCompiler_43.dll
MOD - [2010-05-26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\D3DX9_43.dll
MOD - [2010-03-18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010-03-18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010-03-18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010-03-18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010-03-18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010-03-18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010-03-18 13:16:28 | 000,070,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dxva2.dll
MOD - [2010-03-18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mscoree.dll
MOD - [2010-03-18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netfxperf.dll
MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-03-08 04:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ieframe.dll
MOD - [2009-03-08 04:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wininet.dll
MOD - [2009-03-08 04:34:56 | 001,206,784 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\urlmon.dll
MOD - [2009-03-08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\webcheck.dll
MOD - [2009-03-08 04:32:48 | 000,128,512 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advpack.dll
MOD - [2009-03-08 04:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\iertutil.dll
MOD - [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shdocvw.dll
MOD - [2009-01-07 18:21:32 | 001,022,976 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\browseui.dll
MOD - [2009-01-07 18:21:32 | 000,474,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll
MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\normaliz.dll
MOD - [2008-07-25 11:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008-07-06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2006-10-18 21:47:22 | 000,133,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\WPDShServiceObj.dll
MOD - [2006-10-18 21:47:18 | 000,284,160 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\PortableDeviceApi.dll
MOD - [2006-10-18 21:47:18 | 000,166,912 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\PortableDeviceTypes.dll
MOD - [2005-05-03 12:58:36 | 002,890,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msi.dll
MOD - [2004-08-04 12:00:00 | 008,412,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll
MOD - [2004-08-04 12:00:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-04 12:00:00 | 001,852,416 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004-08-04 12:00:00 | 001,714,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netshell.dll
MOD - [2004-08-04 12:00:00 | 001,712,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
MOD - [2004-08-04 12:00:00 | 001,689,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\d3d9.dll
MOD - [2004-08-04 12:00:00 | 001,439,744 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\query.dll
MOD - [2004-08-04 12:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 12:00:00 | 001,251,840 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comsvcs.dll
MOD - [2004-08-04 12:00:00 | 001,134,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuaueng.dll
MOD - [2004-08-04 12:00:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\esent.dll
MOD - [2004-08-04 12:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-04 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
MOD - [2004-08-04 12:00:00 | 001,024,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mfc42u.dll
MOD - [2004-08-04 12:00:00 | 001,012,224 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-04 12:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msgina.dll
MOD - [2004-08-04 12:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 12:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 12:00:00 | 000,729,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 12:00:00 | 000,723,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsasrv.dll
MOD - [2004-08-04 12:00:00 | 000,716,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-04 12:00:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sxs.dll
MOD - [2004-08-04 12:00:00 | 000,686,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 12:00:00 | 000,675,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasdlg.dll
MOD - [2004-08-04 12:00:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dbghelp.dll
MOD - [2004-08-04 12:00:00 | 000,629,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netcfgx.dll
MOD - [2004-08-04 12:00:00 | 000,611,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comctl32.dll
MOD - [2004-08-04 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-04 12:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mlang.dll
MOD - [2004-08-04 12:00:00 | 000,581,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-04 12:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll
MOD - [2004-08-04 12:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-04 12:00:00 | 000,537,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msftedit.dll
MOD - [2004-08-04 12:00:00 | 000,530,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2004-08-04 12:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-04 12:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
MOD - [2004-08-04 12:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-04 12:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2004-08-04 12:00:00 | 000,437,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2004-08-04 12:00:00 | 000,431,616 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\riched20.dll
MOD - [2004-08-04 12:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\vssapi.dll
MOD - [2004-08-04 12:00:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\samsrv.dll
MOD - [2004-08-04 12:00:00 | 000,425,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msdtcprx.dll
MOD - [2004-08-04 12:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-04 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netlogon.dll
MOD - [2004-08-04 12:00:00 | 000,406,528 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\usp10.dll
MOD - [2004-08-04 12:00:00 | 000,395,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcss.dll
MOD - [2004-08-04 12:00:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\themeui.dll
MOD - [2004-08-04 12:00:00 | 000,378,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wzcdlg.dll
MOD - [2004-08-04 12:00:00 | 000,359,936 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wzcsvc.dll
MOD - [2004-08-04 12:00:00 | 000,351,232 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-04 12:00:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hnetcfg.dll
MOD - [2004-08-04 12:00:00 | 000,343,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\localspl.dll
MOD - [2004-08-04 12:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 12:00:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cscui.dll
MOD - [2004-08-04 12:00:00 | 000,332,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netapi32.dll
MOD - [2004-08-04 12:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ipnathlp.dll
MOD - [2004-08-04 12:00:00 | 000,324,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\scesrv.dll
MOD - [2004-08-04 12:00:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\duser.dll
MOD - [2004-08-04 12:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\termsrv.dll
MOD - [2004-08-04 12:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 12:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kerberos.dll
MOD - [2004-08-04 12:00:00 | 000,285,184 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pdh.dll
MOD - [2004-08-04 12:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 12:00:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-04 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2004-08-04 12:00:00 | 000,267,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oakley.dll
MOD - [2004-08-04 12:00:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\h323.tsp
MOD - [2004-08-04 12:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\odbc32.dll
MOD - [2004-08-04 12:00:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\esscli.dll
MOD - [2004-08-04 12:00:00 | 000,246,784 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mswsock.dll
MOD - [2004-08-04 12:00:00 | 000,246,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tapisrv.dll
MOD - [2004-08-04 12:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netui1.dll
MOD - [2004-08-04 12:00:00 | 000,243,200 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\es.dll
MOD - [2004-08-04 12:00:00 | 000,237,056 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasapi32.dll
MOD - [2004-08-04 12:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 12:00:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004-08-04 12:00:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\unimdm.tsp
MOD - [2004-08-04 12:00:00 | 000,206,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasppp.dll
MOD - [2004-08-04 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netman.dll
MOD - [2004-08-04 12:00:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\certcli.dll
MOD - [2004-08-04 12:00:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msutb.dll
MOD - [2004-08-04 12:00:00 | 000,194,048 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\activeds.dll
MOD - [2004-08-04 12:00:00 | 000,192,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\schedsvc.dll
MOD - [2004-08-04 12:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 12:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\scecli.dll
MOD - [2004-08-04 12:00:00 | 000,183,296 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004-08-04 12:00:00 | 000,182,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tapi32.dll
MOD - [2004-08-04 12:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winmm.dll
MOD - [2004-08-04 12:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2004-08-04 12:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004-08-04 12:00:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-04 12:00:00 | 000,175,616 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\w32time.dll
MOD - [2004-08-04 12:00:00 | 000,174,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasmans.dll
MOD - [2004-08-04 12:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-04 12:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srsvc.dll
MOD - [2004-08-04 12:00:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\credui.dll
MOD - [2004-08-04 12:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuaucpl.cpl
MOD - [2004-08-04 12:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleacc.dll
MOD - [2004-08-04 12:00:00 | 000,161,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msdtcuiu.dll
MOD - [2004-08-04 12:00:00 | 000,152,576 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rsaenh.dll
MOD - [2004-08-04 12:00:00 | 000,148,480 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dnsapi.dll
MOD - [2004-08-04 12:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 12:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2004-08-04 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\schannel.dll
MOD - [2004-08-04 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntshrui.dll
MOD - [2004-08-04 12:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-04 12:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\adsldpc.dll
MOD - [2004-08-04 12:00:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sfc_os.dll
MOD - [2004-08-04 12:00:00 | 000,137,216 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dssenh.dll
MOD - [2004-08-04 12:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shsvcs.dll
MOD - [2004-08-04 12:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\upnp.dll
MOD - [2004-08-04 12:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wkssvc.dll
MOD - [2004-08-04 12:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msv1_0.dll
MOD - [2004-08-04 12:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-04 12:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\stobject.dll
MOD - [2004-08-04 12:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-04 12:00:00 | 000,118,784 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\umpnpmgr.dll
MOD - [2004-08-04 12:00:00 | 000,118,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oledlg.dll
MOD - [2004-08-04 12:00:00 | 000,115,712 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mstlsapi.dll
MOD - [2004-08-04 12:00:00 | 000,112,640 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rastls.dll
MOD - [2004-08-04 12:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauclt.exe
MOD - [2004-08-04 12:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2004-08-04 12:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imm32.dll
MOD - [2004-08-04 12:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
MOD - [2004-08-04 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\win32spl.dll
MOD - [2004-08-04 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-04 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cscdll.dll
MOD - [2004-08-04 12:00:00 | 000,101,888 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\actxprxy.dll
MOD - [2004-08-04 12:00:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winscard.dll
MOD - [2004-08-04 12:00:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\loadperf.dll
MOD - [2004-08-04 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Media Player\wmpband.dll
MOD - [2004-08-04 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2004-08-04 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\odbcint.dll
MOD - [2004-08-04 12:00:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psbase.dll
MOD - [2004-08-04 12:00:00 | 000,096,768 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srvsvc.dll
MOD - [2004-08-04 12:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\iphlpapi.dll
MOD - [2004-08-04 12:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wlnotify.dll
MOD - [2004-08-04 12:00:00 | 000,091,136 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mydocs.dll
MOD - [2004-08-04 12:00:00 | 000,090,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\trkwks.dll
MOD - [2004-08-04 12:00:00 | 000,089,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2004-08-04 12:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mprapi.dll
MOD - [2004-08-04 12:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 12:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-04 12:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscsvc.dll
MOD - [2004-08-04 12:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netui0.dll
MOD - [2004-08-04 12:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\browser.dll
MOD - [2004-08-04 12:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\inetpp.dll
MOD - [2004-08-04 12:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolss.dll
MOD - [2004-08-04 12:00:00 | 000,073,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mscms.dll
MOD - [2004-08-04 12:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemcons.dll
MOD - [2004-08-04 12:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msacm32.dll
MOD - [2004-08-04 12:00:00 | 000,069,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\raschap.dll
MOD - [2004-08-04 12:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 12:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\browselc.dll
MOD - [2004-08-04 12:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-04 12:00:00 | 000,066,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mtxclu.dll
MOD - [2004-08-04 12:00:00 | 000,065,536 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shimeng.dll
MOD - [2004-08-04 12:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\samlib.dll
MOD - [2004-08-04 12:00:00 | 000,063,488 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptnet.dll
MOD - [2004-08-04 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\colbact.dll
MOD - [2004-08-04 12:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasman.dll
MOD - [2004-08-04 12:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptsvc.dll
MOD - [2004-08-04 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mpr.dll
MOD - [2004-08-04 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\devenum.dll
MOD - [2004-08-04 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cabinet.dll
MOD - [2004-08-04 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\resutils.dll
MOD - [2004-08-04 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rastapi.dll
MOD - [2004-08-04 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\atl.dll
MOD - [2004-08-04 12:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
MOD - [2004-08-04 12:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clusapi.dll
MOD - [2004-08-04 12:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ndptsp.tsp
MOD - [2004-08-04 12:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-04 12:00:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\authz.dll
MOD - [2004-08-04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\eventlog.dll
MOD - [2004-08-04 12:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winsta.dll
MOD - [2004-08-04 12:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mfc42loc.dll
MOD - [2004-08-04 12:00:00 | 000,051,712 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wzcsapi.dll
MOD - [2004-08-04 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
MOD - [2004-08-04 12:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\regapi.dll
MOD - [2004-08-04 12:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wdigest.dll
MOD - [2004-08-04 12:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cnbjmon.dll
MOD - [2004-08-04 12:00:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msprivs.dll
MOD - [2004-08-04 12:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2004-08-04 12:00:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tcpmon.dll
MOD - [2004-08-04 12:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rtutils.dll
MOD - [2004-08-04 12:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2004-08-04 12:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-04 12:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\audiosrv.dll
MOD - [2004-08-04 12:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfctrs.dll
MOD - [2004-08-04 12:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sens.dll
MOD - [2004-08-04 12:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) -- d:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004-08-04 12:00:00 | 000,036,864 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wups.dll
MOD - [2004-08-04 12:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ncobjapi.dll
MOD - [2004-08-04 12:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfproc.dll
MOD - [2004-08-04 12:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ssdpapi.dll
MOD - [2004-08-04 12:00:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pstorsvc.dll
MOD - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rundll32.exe
MOD - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kmddsp.tsp
MOD - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptdll.dll
MOD - [2004-08-04 12:00:00 | 000,032,768 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winipsec.dll
MOD - [2004-08-04 12:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\traffic.dll
MOD - [2004-08-04 12:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mspatcha.dll
MOD - [2004-08-04 12:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hidphone.tsp
MOD - [2004-08-04 12:00:00 | 000,028,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\batmeter.dll
MOD - [2004-08-04 12:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\profmap.dll
MOD - [2004-08-04 12:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfdisk.dll
MOD - [2004-08-04 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\utildll.dll
MOD - [2004-08-04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shfolder.dll
MOD - [2004-08-04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfos.dll
MOD - [2004-08-04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-04 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\odbcbcp.dll
MOD - [2004-08-04 12:00:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-04 12:00:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wdmaud.drv
MOD - [2004-08-04 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ersvc.dll
MOD - [2004-08-04 12:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lpk.dll
MOD - [2004-08-04 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msacm32.drv
MOD - [2004-08-04 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hid.dll
MOD - [2004-08-04 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wshtcpip.dll
MOD - [2004-08-04 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\seclogon.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\midimap.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\linkinfo.dll
MOD - [2004-08-04 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wtsapi32.dll
MOD - [2004-08-04 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\nddeapi.dll
MOD - [2004-08-04 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\powrprof.dll
MOD - [2004-08-04 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ipconf.tsp
MOD - [2004-08-04 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winrnr.dll
MOD - [2004-08-04 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\usbmon.dll
MOD - [2004-08-04 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfnet.dll
MOD - [2004-08-04 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pjlmon.dll
MOD - [2004-08-04 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe
MOD - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe
MOD - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\drprov.dll
MOD - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] () -- D:\WINDOWS\system32\msdmo.dll
MOD - [2004-08-04 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscntfy.exe
MOD - [2004-08-04 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uniplat.dll
MOD - [2004-08-04 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
MOD - [2004-08-04 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfts.dll
MOD - [2004-08-04 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netrap.dll
MOD - [2004-08-04 12:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\icaapi.dll
MOD - [2004-08-04 12:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pschdprf.dll
MOD - [2004-08-04 12:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rsvpperf.dll
MOD - [2004-08-04 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasadhlp.dll
MOD - [2004-08-04 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntlsapi.dll
MOD - [2004-08-04 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\d3d8thk.dll
MOD - [2004-08-04 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauserv.dll
MOD - [2004-08-04 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sensapi.dll
MOD - [2004-08-04 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msidle.dll
MOD - [2004-08-04 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wmi.dll
MOD - [2004-08-04 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tapiperf.dll
MOD - [2004-08-04 12:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sfc.dll
MOD - [2004-08-04 12:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-04 01:44:00 | 000,021,504 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hidserv.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012-12-12 08:17:55 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-27 18:24:51 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- D:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-09-23 15:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010-06-25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- D:\Program Files\TP-LINK\COMMON\RaRegistry.exe -- (RalinkRegistryWriter)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-12-24 14:10:52 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-11-27 16:09:44 | 000,077,056 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\viasraid.sys -- (viasraid)
DRV - [2012-09-20 05:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012-09-20 05:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2010-06-25 15:57:58 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2010-06-25 15:57:40 | 000,827,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2010-06-19 15:04:16 | 000,042,928 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\x3320001.sys -- (x3320001)
DRV - [2010-05-25 08:59:24 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010-05-25 08:59:24 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2010-05-25 08:59:24 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010-05-25 08:59:24 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010-05-25 08:59:24 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010-04-27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010-04-27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010-04-27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2001-08-17 21:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gazeta.pl/0,0.html?sc=1
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://youtube.pl/
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{2BD85B96-6BF0-44AB-9016-0C6072942246}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{39B64B4E-05FF-45FF-B9BC-DDCE3F793B4A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{76F5E59B-E0C6-449A-BE54-B95DEFB48A5F}: "URL" = http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation).navigationEnabled=true&s.sm.query={searchTerms}
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1005\..\SearchScopes,DefaultScope =


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@mozilla.com: D:\Documents and Settings\Grzenio\Dane aplikacji\support@mozilla.com [2012-12-11 18:39:15 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = D:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = D:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - Extension: Dysk Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Battlefield Heroes = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Szukaj w Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: Battlefield Play4Free = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.80.5_0\
CHR - Extension: Gmail = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Dysk Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Battlefield Heroes = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Szukaj w Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: Battlefield Play4Free = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.80.5_0\
CHR - Extension: Gmail = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004-08-04 12:00:00 | 000,000,742 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - D:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004..\Run: [KPeerNexonEU] D:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TP-LINK Wireless Utility.lnk = D:\Program Files\TP-LINK\COMMON\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD. )
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1708537768-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{065775D1-4E4D-49F9-B150-07BFD3DE1EB9}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LogonInit: DllName - (logonInit.dll) - D:\Program Files\Common Files\logonInit.dll ()
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-11-27 18:02:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-12-25 01:37:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Malwarebytes
[2012-12-25 01:36:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-12-25 01:36:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-12-25 01:36:51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2012-12-25 01:36:51 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware
[2012-12-25 01:30:10 | 000,000,000 | ---D | C] -- D:\_OTL
[2012-12-24 14:17:24 | 000,000,000 | -HSD | C] -- D:\WINDOWS\ftpcache
[2012-12-24 14:16:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Activision
[2012-12-24 14:11:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\DAEMON Tools Lite
[2012-12-24 14:10:52 | 000,242,240 | ---- | C] (DT Soft Ltd) -- D:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-12-24 14:10:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\DAEMON Tools Lite
[2012-12-24 14:10:45 | 000,000,000 | ---D | C] -- D:\Program Files\DAEMON Tools Lite
[2012-12-24 14:08:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-12-24 12:28:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2012-12-24 11:49:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\BitTorrent
[2012-12-24 11:28:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2012-12-24 11:25:23 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Moje wideo
[2012-12-24 11:25:23 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-12-23 10:03:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Pulpit\iBot
[2012-12-17 17:49:57 | 000,000,000 | ---D | C] -- D:\Program Files\Tibiacast
[2012-12-16 17:57:11 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibiacast
[2012-12-16 17:55:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Tibiacast
[2012-12-13 19:57:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\CPUID
[2012-12-12 21:56:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\%Installer_PublisherName%
[2012-12-12 20:55:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2012-12-12 20:17:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Nexon
[2012-12-12 20:12:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2012-12-12 18:58:25 | 000,446,464 | ---- | C] (NEXON Inc.) -- D:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2012-12-12 18:58:25 | 000,000,000 | ---D | C] -- D:\Nexon
[2012-12-11 18:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft.NET
[2012-12-11 18:39:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\support@mozilla.com
[2012-12-11 18:39:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Opera
[2012-12-11 18:39:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Chrome_manager
[2012-12-10 17:57:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2012-12-10 16:20:49 | 000,121,576 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadmdm.sys
[2012-12-10 16:20:49 | 000,098,152 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadserd.sys
[2012-12-10 16:20:49 | 000,096,488 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadbus.sys
[2012-12-10 16:20:49 | 000,012,776 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadmdfl.sys
[2012-12-10 16:20:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadcmnt.sys
[2012-12-10 16:20:49 | 000,010,216 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadwhnt.sys
[2012-12-10 16:20:28 | 000,132,424 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdmdm.sys
[2012-12-10 16:20:28 | 000,104,648 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdbus.sys
[2012-12-10 16:20:28 | 000,014,920 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdmdfl.sys
[2012-12-10 16:20:28 | 000,012,616 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdcmnt.sys
[2012-12-10 16:20:28 | 000,012,616 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdcm.sys
[2012-12-10 16:20:28 | 000,012,488 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdwhnt.sys
[2012-12-10 16:20:28 | 000,012,488 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdwh.sys
[2012-12-07 21:38:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Samsung
[2012-12-07 21:38:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\samsung
[2012-12-07 21:36:31 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- D:\WINDOWS\System32\Redemption.dll
[2012-12-07 21:35:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\umdf
[2012-12-07 21:34:25 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\XPSViewer
[2012-12-07 21:34:22 | 000,000,000 | ---D | C] -- D:\Program Files\MSBuild
[2012-12-07 21:34:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\en-US
[2012-12-07 21:34:15 | 000,000,000 | ---D | C] -- D:\Program Files\Reference Assemblies
[2012-12-07 21:33:31 | 000,000,000 | R-SD | C] -- D:\WINDOWS\assembly
[2012-12-07 21:33:13 | 000,000,000 | ---D | C] -- D:\WINDOWS\Microsoft.NET
[2012-12-07 21:32:46 | 000,000,000 | ---D | C] -- D:\Program Files\MSXML 6.0
[2012-12-07 21:31:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2012-12-07 21:31:19 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2012-12-07 21:18:17 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- D:\WINDOWS\System32\drivers\ssudmdm.sys
[2012-12-07 21:18:16 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- D:\WINDOWS\System32\drivers\ssudbus.sys
[2012-12-07 21:10:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\ExpressFiles
[2012-12-04 21:10:47 | 000,042,928 | ---- | C] (Your Corporation) -- D:\WINDOWS\System32\drivers\x3320001.sys
[2012-12-04 21:10:47 | 000,000,000 | ---D | C] -- D:\WINDOWS\USB_Vibration
[2012-12-04 21:10:41 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2012-12-04 21:10:39 | 000,000,000 | ---D | C] -- D:\Program Files\USB Vibartion
[2012-12-04 17:02:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack
[2012-12-04 17:02:51 | 000,000,000 | ---D | C] -- D:\Program Files\K-Lite Codec Pack
[2012-12-01 21:57:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Skype
[2012-12-01 21:57:09 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Skype
[2012-12-01 21:57:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Skype
[2012-12-01 21:57:08 | 000,000,000 | R--D | C] -- D:\Program Files\Skype
[2012-12-01 21:57:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Skype
[2012-12-01 17:19:57 | 000,010,344 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadcm.sys
[2012-12-01 17:19:57 | 000,010,216 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadwh.sys
[2012-12-01 17:19:51 | 000,000,000 | ---D | C] -- D:\Program Files\SAMSUNG
[2012-12-01 17:19:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2012-12-01 17:08:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\Sun
[2012-11-28 22:34:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Battlefield Play4Free
[2012-11-28 21:50:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2012-11-28 21:38:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Battlefield Heroes
[2012-11-28 21:28:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\LogFiles
[2012-11-28 21:28:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\EA Games
[2012-11-28 19:06:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\.gstreamer-0.10
[2012-11-28 19:06:36 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2012-11-28 19:06:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\OpenFM
[2012-11-28 19:01:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Electronic Arts
[2012-11-28 14:17:18 | 000,569,344 | ---- | C] ((c) MusicCity) -- D:\WINDOWS\System32\muzdecode.ax
[2012-11-28 14:17:18 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.dll
[2012-11-28 14:17:18 | 000,352,256 | ---- | C] (Sample Corporation) -- D:\WINDOWS\System32\MSLUR71.dll
[2012-11-28 14:17:18 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- D:\WINDOWS\System32\muzoggsp.ax
[2012-11-28 14:17:18 | 000,245,760 | ---- | C] (Teruten Inc.) -- D:\WINDOWS\System32\MSCLib.dll
[2012-11-28 14:17:18 | 000,200,704 | ---- | C] ( (c) MusicCity) -- D:\WINDOWS\System32\muzwmts.dll
[2012-11-28 14:17:18 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.exe
[2012-11-28 14:17:18 | 000,155,648 | ---- | C] (Teruten Inc.) -- D:\WINDOWS\System32\MSFLib.dll
[2012-11-28 14:17:18 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzaf1.dll
[2012-11-28 14:17:18 | 000,131,072 | ---- | C] ((c) MusicCity) -- D:\WINDOWS\System32\muzmpgsp.ax
[2012-11-28 14:17:18 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- D:\WINDOWS\System32\muzeffect.ax
[2012-11-28 14:17:18 | 000,118,784 | ---- | C] ((주)마크애니) -- D:\WINDOWS\System32\MaDRM.dll
[2012-11-28 14:17:18 | 000,110,592 | ---- | C] ((c) MusicCity) -- D:\WINDOWS\System32\muzmp4sp.ax
[2012-11-28 14:17:18 | 000,057,344 | ---- | C] (Marktek) -- D:\WINDOWS\System32\MK_Lyric.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | C] (Marktek Inc.) -- D:\WINDOWS\System32\MTXSYNCICON.dll
[2012-11-28 14:17:18 | 000,049,152 | ---- | C] ((주) 마크애니) -- D:\WINDOWS\System32\MaJGUILib.dll
[2012-11-28 14:17:18 | 000,045,320 | ---- | C] (MARKANY) -- D:\WINDOWS\System32\MAMACExtract.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | C] ((주) 마크애니) -- D:\WINDOWS\System32\MaXMLProto.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | C] ((주) 마크애니) -- D:\WINDOWS\System32\MACXMLProto.dll
[2012-11-28 14:17:18 | 000,040,960 | ---- | C] (Telechips Inc.,) -- D:\WINDOWS\System32\MTTELECHIP.dll
[2012-11-28 14:17:18 | 000,024,576 | ---- | C] ((주)마크애니) -- D:\WINDOWS\System32\MASetupCleaner.exe
[2012-11-27 19:44:26 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2012-11-27 19:44:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2012-11-27 19:44:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2012-11-27 19:43:53 | 000,000,000 | ---D | C] -- D:\Program Files\LogMeIn Hamachi
[2012-11-27 19:43:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
[2012-11-27 19:43:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Hoolapp for Android
[2012-11-27 19:43:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\HoolappforAndroid
[2012-11-27 19:17:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\LolClient
[2012-11-27 19:13:54 | 000,000,000 | ---D | C] -- D:\WINDOWS\Logs
[2012-11-27 19:12:15 | 000,000,000 | ---D | C] -- D:\Direxct
[2012-11-27 19:09:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2012-11-27 19:09:25 | 000,000,000 | ---D | C] -- D:\Program Files\Asprate
[2012-11-27 19:09:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibia
[2012-11-27 18:58:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Sun
[2012-11-27 18:55:18 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer
[2012-11-27 18:55:18 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC
[2012-11-27 18:55:16 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines
[2012-11-27 18:55:15 | 000,000,000 | R--D | C] -- D:\Program Files
[2012-11-27 18:55:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared
[2012-11-27 18:55:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files
[2012-11-27 18:54:51 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start
[2012-11-27 18:54:51 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty
[2012-11-27 18:54:51 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2012-11-27 18:54:51 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Szablony
[2012-11-27 18:54:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Ulubione
[2012-11-27 18:54:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Pulpit
[2012-11-27 18:54:31 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Identities
[2012-11-27 18:53:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2
[2012-11-27 18:53:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot
[2012-11-27 18:52:58 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2012-11-27 18:52:58 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users\Dane aplikacji
[2012-11-27 18:52:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings
[2012-11-27 18:52:40 | 000,000,000 | -HSD | C] -- D:\System Volume Information
[2012-11-27 18:47:21 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts
[2012-11-27 18:47:21 | 000,000,000 | RHSD | C] -- D:\WINDOWS\System32\dllcache
[2012-11-27 18:47:21 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web
[2012-11-27 18:47:21 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Temp
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\system
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\security
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\NLDRV
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\java
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1045
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025
[2012-11-27 18:28:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\TS3Client
[2012-11-27 18:28:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\NVIDIA
[2012-11-27 18:27:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\.minecraft
[2012-11-27 18:27:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Tibia
[2012-11-27 18:26:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\WinRAR
[2012-11-27 18:26:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\WinRAR
[2012-11-27 18:26:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2012-11-27 18:26:21 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR
[2012-11-27 18:26:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client
[2012-11-27 18:25:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Sun
[2012-11-27 18:25:08 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java
[2012-11-27 18:24:47 | 000,000,000 | ---D | C] -- D:\Program Files\Java
[2012-11-27 18:23:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Sun
[2012-11-27 18:21:45 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Simple Adblock
[2012-11-27 18:21:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Simple Adblock
[2012-11-27 18:21:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Gadu-Gadu 10
[2012-11-27 18:21:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-11-27 18:21:21 | 000,000,000 | ---D | C] -- D:\Program Files\Gadu-Gadu 10
[2012-11-27 18:20:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Adobe
[2012-11-27 18:20:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads
[2012-11-27 18:19:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Macromedia
[2012-11-27 18:17:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2012-11-27 18:17:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
[2012-11-27 18:16:35 | 000,000,000 | ---D | C] -- D:\Program Files\Google
[2012-11-27 18:16:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google
[2012-11-27 18:15:59 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\IECompatCache
[2012-11-27 18:15:50 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\PrivacIE
[2012-11-27 18:15:39 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\IETldCache
[2012-11-27 18:14:35 | 000,000,000 | ---D | C] -- D:\WINDOWS\WBEM
[2012-11-27 18:14:24 | 000,000,000 | -H-D | C] -- D:\WINDOWS\ie8
[2012-11-27 18:14:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl-PL
[2012-11-27 18:10:26 | 000,796,032 | ---- | C] (Ralink Technology, Corp.) -- D:\WINDOWS\System32\Scutum.dll
[2012-11-27 18:10:26 | 000,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\System32\ssleay32.dll
[2012-11-27 18:10:26 | 000,180,224 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- D:\WINDOWS\System32\W32N55.dll
[2012-11-27 18:10:26 | 000,152,968 | ---- | C] (Ralink Tech) -- D:\WINDOWS\System32\RalinkGina.dll
[2012-11-27 18:10:25 | 001,085,440 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\System32\libeay32.dll
[2012-11-27 18:10:25 | 000,019,072 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- D:\WINDOWS\System32\drivers\Scutum50.sys
[2012-11-27 18:10:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\TP-LINK
[2012-11-27 18:10:24 | 000,827,488 | ---- | C] (Ralink Technology, Corp.) -- D:\WINDOWS\System32\drivers\rt2870.sys
[2012-11-27 18:10:24 | 000,000,000 | ---D | C] -- D:\Program Files\TP-LINK
[2012-11-27 18:10:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DRVSTORE
[2012-11-27 18:10:22 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2012-11-27 18:10:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\TP-LINK Driver
[2012-11-27 18:09:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA
[2012-11-27 18:09:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2012-11-27 18:09:07 | 000,065,536 | ---- | C] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll
[2012-11-27 18:08:43 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation
[2012-11-27 18:08:21 | 000,000,000 | ---D | C] -- D:\NVIDIA
[2012-11-27 18:07:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Identities
[2012-11-27 18:07:09 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information
[2012-11-27 18:07:08 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Moje obrazy
[2012-11-27 18:07:08 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Moja muzyka
[2012-11-27 18:07:01 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Microsoft
[2012-11-27 18:07:01 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Grzenio\SendTo
[2012-11-27 18:07:01 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Grzenio\Recent
[2012-11-27 18:07:01 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Ulubione
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Menu Start
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Autostart
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Akcesoria
[2012-11-27 18:07:01 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\Cookies
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\Szablony
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\PrintHood
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\NetHood
[2012-11-27 18:07:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Pulpit
[2012-11-27 18:07:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-11-27 18:05:36 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft
[2012-11-27 18:05:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution
[2012-11-27 18:05:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2012-11-27 18:05:35 | 000,000,000 | --SD | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2012-11-27 18:05:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-11-27 18:04:56 | 000,000,000 | --SD | C] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2012-11-27 18:04:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-11-27 18:03:48 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2012-11-27 18:03:48 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2012-11-27 18:03:48 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2012-11-27 18:03:04 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2012-11-27 18:02:46 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom
[2012-11-27 18:02:46 | 000,000,000 | ---D | C] -- D:\Program Files\xerox
[2012-11-27 18:02:46 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage
[2012-11-27 18:02:04 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\DRM
[2012-11-27 18:01:58 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files
[2012-11-27 18:01:58 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages
[2012-11-27 18:01:52 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate
[2012-11-27 18:01:51 | 000,000,000 | ---D | C] -- D:\Program Files\Usługi online
[2012-11-27 18:01:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX
[2012-11-27 18:01:17 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services
[2012-11-27 18:01:15 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks
[2012-11-27 18:01:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap
[2012-11-27 18:01:12 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst
[2012-11-27 18:01:11 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed
[2012-11-27 18:01:05 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker
[2012-11-27 18:00:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore
[2012-11-27 18:00:55 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting
[2012-11-27 18:00:53 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express
[2012-11-27 18:00:48 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System
[2012-11-27 18:00:47 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2012-11-27 18:00:47 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer
[2012-11-27 18:00:45 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications
[2012-11-27 18:00:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration
[2012-11-27 18:00:43 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2012-11-27 18:00:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2012-11-27 18:00:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2012-11-27 18:00:28 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player
[2012-11-27 18:00:26 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger
[2012-11-27 18:00:23 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone
[2012-11-27 18:00:04 | 000,283,136 | ---- | C] (Cinematronics) -- D:\WINDOWS\System32\dllcache\pinball.exe
[2012-11-27 18:00:03 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT
[2012-11-27 18:00:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc
[2012-11-27 17:59:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com
[2012-11-27 17:59:41 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-12-25 01:36:52 | 000,000,784 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-12-25 01:35:40 | 000,001,034 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-25 01:35:39 | 000,000,290 | ---- | M] () -- D:\WINDOWS\tasks\Express FilesUpdate.job
[2012-12-25 01:35:34 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012-12-25 01:35:34 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2012-12-25 01:34:51 | 002,097,152 | -H-- | M] () -- D:\Documents and Settings\Grzenio\NTUSER.DAT
[2012-12-25 01:34:51 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\Grzenio\ntuser.ini
[2012-12-25 01:34:47 | 005,328,468 | -H-- | M] () -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2012-12-25 01:32:31 | 003,880,824 | ---- | M] () -- D:\_OTL.rar
[2012-12-25 01:31:28 | 000,013,694 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012-12-25 01:29:39 | 000,000,109 | ---- | M] () -- D:\Program Files\Common Files\userInit.dll
[2012-12-25 01:21:00 | 000,001,038 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-25 01:17:00 | 000,000,930 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-12-24 15:26:20 | 000,139,424 | ---- | M] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-12-24 15:26:11 | 000,282,104 | ---- | M] () -- D:\WINDOWS\System32\PnkBstrB.xtr
[2012-12-24 14:16:17 | 000,000,451 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Singleplayer.lnk
[2012-12-24 14:16:17 | 000,000,451 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Multiplayer.lnk
[2012-12-24 14:16:15 | 000,000,266 | ---- | M] () -- D:\WINDOWS\game.ini
[2012-12-24 14:12:04 | 000,555,462 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat
[2012-12-24 14:12:04 | 000,493,190 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2012-12-24 14:12:04 | 000,104,494 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat
[2012-12-24 14:12:04 | 000,083,734 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2012-12-24 14:12:03 | 001,254,092 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2012-12-24 14:11:07 | 000,001,613 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2012-12-24 14:10:52 | 000,242,240 | ---- | M] (DT Soft Ltd) -- D:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-12-24 11:53:05 | 000,004,608 | ---- | M] () -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-24 11:49:32 | 000,000,536 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk
[2012-12-24 11:25:57 | 000,223,060 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Tomorrowland_image_716x477.jpg
[2012-12-23 20:55:59 | 000,002,267 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-12-16 17:58:52 | 000,002,169 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Tibiacast.lnk
[2012-12-13 19:57:22 | 000,000,656 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\CPUID HWMonitor.lnk
[2012-12-12 20:17:58 | 000,000,630 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Combat Arms EU.lnk
[2012-12-12 18:58:25 | 000,446,464 | ---- | M] (NEXON Inc.) -- D:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2012-12-12 18:58:25 | 000,000,235 | ---- | M] () -- D:\WINDOWS\System32\nxEuUninstall.bat
[2012-12-11 18:39:15 | 001,335,014 | ---- | M] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\sqlite.jar
[2012-12-11 18:37:03 | 000,000,544 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2012-12-07 21:38:42 | 000,012,328 | ---- | M] () -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2012-12-07 21:37:55 | 000,096,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-07 21:35:50 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2012-12-07 21:35:39 | 000,001,374 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2012-12-07 21:35:38 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2012-12-05 21:34:17 | 000,117,614 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\lol.jpg
[2012-12-04 21:31:57 | 000,000,552 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\LFS.lnk
[2012-12-04 21:10:51 | 000,100,896 | ---- | M] () -- D:\WINDOWS\System32\xinput1_3.dll
[2012-12-04 21:10:47 | 000,000,559 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\LS-USBMX 1 2 3 Steering Wheel W Vibration.lnk
[2012-12-04 20:21:29 | 000,282,104 | ---- | M] () -- D:\WINDOWS\System32\PnkBstrB.ex0
[2012-12-02 11:04:33 | 000,000,818 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\The Sims 3.lnk
[2012-12-01 17:20:45 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2012-12-01 17:20:45 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012-11-28 22:34:31 | 000,138,056 | ---- | M] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\PnkBstrK.sys
[2012-11-28 14:18:54 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- D:\WINDOWS\System32\Redemption.dll
[2012-11-28 14:17:18 | 000,974,848 | ---- | M] () -- D:\WINDOWS\System32\cis-2.4.dll
[2012-11-28 14:17:18 | 000,569,344 | ---- | M] ((c) MusicCity) -- D:\WINDOWS\System32\muzdecode.ax
[2012-11-28 14:17:18 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.dll
[2012-11-28 14:17:18 | 000,352,256 | ---- | M] (Sample Corporation) -- D:\WINDOWS\System32\MSLUR71.dll
[2012-11-28 14:17:18 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- D:\WINDOWS\System32\muzoggsp.ax
[2012-11-28 14:17:18 | 000,245,760 | ---- | M] (Teruten Inc.) -- D:\WINDOWS\System32\MSCLib.dll
[2012-11-28 14:17:18 | 000,200,704 | ---- | M] ( (c) MusicCity) -- D:\WINDOWS\System32\muzwmts.dll
[2012-11-28 14:17:18 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.exe
[2012-11-28 14:17:18 | 000,155,648 | ---- | M] (Teruten Inc.) -- D:\WINDOWS\System32\MSFLib.dll
[2012-11-28 14:17:18 | 000,143,360 | ---- | M] () -- D:\WINDOWS\System32\3DAudio.ax
[2012-11-28 14:17:18 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzaf1.dll
[2012-11-28 14:17:18 | 000,131,072 | ---- | M] ((c) MusicCity) -- D:\WINDOWS\System32\muzmpgsp.ax
[2012-11-28 14:17:18 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- D:\WINDOWS\System32\muzeffect.ax
[2012-11-28 14:17:18 | 000,118,784 | ---- | M] ((주)마크애니) -- D:\WINDOWS\System32\MaDRM.dll
[2012-11-28 14:17:18 | 000,110,592 | ---- | M] ((c) MusicCity) -- D:\WINDOWS\System32\muzmp4sp.ax
[2012-11-28 14:17:18 | 000,081,920 | ---- | M] () -- D:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012-11-28 14:17:18 | 000,065,536 | ---- | M] () -- D:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | M] (Marktek) -- D:\WINDOWS\System32\MK_Lyric.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | M] (Marktek Inc.) -- D:\WINDOWS\System32\MTXSYNCICON.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | M] () -- D:\WINDOWS\System32\issacapi_se-2.3.dll
[2012-11-28 14:17:18 | 000,049,152 | ---- | M] ((주) 마크애니) -- D:\WINDOWS\System32\MaJGUILib.dll
[2012-11-28 14:17:18 | 000,045,320 | ---- | M] (MARKANY) -- D:\WINDOWS\System32\MAMACExtract.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | M] ((주) 마크애니) -- D:\WINDOWS\System32\MaXMLProto.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | M] ((주) 마크애니) -- D:\WINDOWS\System32\MACXMLProto.dll
[2012-11-28 14:17:18 | 000,040,960 | ---- | M] (Telechips Inc.,) -- D:\WINDOWS\System32\MTTELECHIP.dll
[2012-11-28 14:17:18 | 000,024,576 | ---- | M] ((주)마크애니) -- D:\WINDOWS\System32\MASetupCleaner.exe
[2012-11-27 19:18:22 | 000,027,958 | ---- | M] () -- D:\Program Files\Common Files\logonInit.dll
[2012-11-27 19:17:37 | 001,102,344 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2012-11-27 19:17:37 | 000,000,001 | ---- | M] () -- D:\WINDOWS\System32\nvdrssel.bin
[2012-11-27 19:17:35 | 001,102,344 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2012-11-27 19:17:02 | 000,000,678 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\League Of Legends.lnk
[2012-11-27 19:09:27 | 000,001,838 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2012-11-27 18:55:15 | 000,000,231 | ---- | M] () -- D:\WINDOWS\system.ini
[2012-11-27 18:26:23 | 000,000,694 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\WinRAR.lnk
[2012-11-27 18:26:01 | 000,000,697 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2012-11-27 18:24:09 | 000,263,186 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Minecraft.exe
[2012-11-27 18:21:37 | 000,000,791 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-11-27 18:21:37 | 000,000,762 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-11-27 18:17:25 | 000,001,819 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Google Chrome.lnk
[2012-11-27 18:15:40 | 000,000,803 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Internet Explorer.lnk
[2012-11-27 18:13:55 | 000,013,694 | ---- | M] () -- D:\WINDOWS\System32\wpa.bak
[2012-11-27 18:10:25 | 000,001,630 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TP-LINK Wireless Utility.lnk
[2012-11-27 18:10:25 | 000,001,612 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\TP-LINK Wireless Utility.lnk
[2012-11-27 18:09:03 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\nvdrswr.lk
[2012-11-27 18:04:58 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD
[2012-11-27 18:04:07 | 000,000,261 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2012-11-27 18:02:38 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2012-11-27 18:02:38 | 000,000,477 | ---- | M] () -- D:\WINDOWS\win.ini
[2012-11-27 18:02:38 | 000,000,000 | ---- | M] () -- D:\WINDOWS\control.ini
[2012-11-27 18:02:31 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2012-11-27 18:02:31 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2012-11-27 18:02:27 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2012-11-27 18:01:58 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\WindowsLogon.manifest
[2012-11-27 18:01:58 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\WindowsShell.Manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\cdplayer.exe.manifest
[2012-11-27 18:00:46 | 000,021,856 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012-11-27 18:00:44 | 000,000,037 | ---- | M] () -- D:\WINDOWS\vbaddin.ini
[2012-11-27 18:00:44 | 000,000,036 | ---- | M] () -- D:\WINDOWS\vb.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-25 01:36:52 | 000,000,784 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-12-25 01:32:19 | 003,880,824 | ---- | C] () -- D:\_OTL.rar
[2012-12-24 14:16:17 | 000,000,451 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Singleplayer.lnk
[2012-12-24 14:16:17 | 000,000,451 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Multiplayer.lnk
[2012-12-24 14:16:15 | 000,000,266 | ---- | C] () -- D:\WINDOWS\game.ini
[2012-12-24 14:11:07 | 000,001,613 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2012-12-24 11:49:32 | 000,000,536 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk
[2012-12-24 11:25:56 | 000,223,060 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Tomorrowland_image_716x477.jpg
[2012-12-24 11:25:30 | 000,004,608 | ---- | C] () -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-16 17:55:39 | 000,002,169 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Tibiacast.lnk
[2012-12-13 19:57:22 | 000,000,656 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\CPUID HWMonitor.lnk
[2012-12-12 20:17:58 | 000,000,630 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Combat Arms EU.lnk
[2012-12-12 18:58:25 | 000,000,235 | ---- | C] () -- D:\WINDOWS\System32\nxEuUninstall.bat
[2012-12-11 18:39:10 | 001,335,014 | ---- | C] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\sqlite.jar
[2012-12-07 21:35:50 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2012-12-07 21:34:37 | 000,062,304 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012-12-07 21:10:46 | 000,000,290 | ---- | C] () -- D:\WINDOWS\tasks\Express FilesUpdate.job
[2012-12-05 21:34:16 | 000,117,614 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\lol.jpg
[2012-12-04 21:31:57 | 000,000,552 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\LFS.lnk
[2012-12-04 21:10:47 | 000,008,079 | ---- | C] () -- D:\WINDOWS\System32\drivers\x3320001.cat
[2012-12-04 21:10:47 | 000,000,559 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\LS-USBMX 1 2 3 Steering Wheel W Vibration.lnk
[2012-12-04 17:02:56 | 000,178,688 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2012-12-02 11:04:06 | 000,000,818 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\The Sims 3.lnk
[2012-12-01 21:57:09 | 000,002,267 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-12-01 17:20:45 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2012-12-01 17:20:45 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012-11-28 21:50:58 | 000,282,104 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrB.xtr
[2012-11-28 21:29:44 | 000,139,424 | ---- | C] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-11-28 21:29:44 | 000,138,056 | ---- | C] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\PnkBstrK.sys
[2012-11-28 21:29:00 | 000,282,104 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrB.exe
[2012-11-28 21:29:00 | 000,282,104 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrB.ex0
[2012-11-28 21:28:59 | 000,076,888 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrA.exe
[2012-11-28 14:17:18 | 000,974,848 | ---- | C] () -- D:\WINDOWS\System32\cis-2.4.dll
[2012-11-28 14:17:18 | 000,143,360 | ---- | C] () -- D:\WINDOWS\System32\3DAudio.ax
[2012-11-28 14:17:18 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012-11-28 14:17:18 | 000,065,536 | ---- | C] () -- D:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | C] () -- D:\WINDOWS\System32\issacapi_se-2.3.dll
[2012-11-28 07:38:50 | 000,000,109 | ---- | C] () -- D:\Program Files\Common Files\userInit.dll
[2012-11-27 19:18:22 | 000,027,958 | ---- | C] () -- D:\Program Files\Common Files\logonInit.dll
[2012-11-27 19:16:47 | 000,000,678 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\League Of Legends.lnk
[2012-11-27 19:14:06 | 000,100,896 | ---- | C] () -- D:\WINDOWS\System32\xinput1_3.dll
[2012-11-27 19:09:27 | 000,001,838 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2012-11-27 18:55:20 | 000,001,374 | ---- | C] () -- D:\WINDOWS\imsins.BAK
[2012-11-27 18:55:18 | 001,254,092 | ---- | C] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2012-11-27 18:55:18 | 000,004,293 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2012-11-27 18:55:16 | 001,685,606 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.spd
[2012-11-27 18:55:16 | 000,643,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012-11-27 18:55:16 | 000,605,050 | ---- | C] () -- D:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012-11-27 18:55:16 | 000,000,888 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.sdf
[2012-11-27 18:55:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28603.nls
[2012-11-27 18:55:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_28603.nls
[2012-11-27 18:55:10 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_857.nls
[2012-11-27 18:55:10 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_857.nls
[2012-11-27 18:55:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28599.nls
[2012-11-27 18:55:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_28599.nls
[2012-11-27 18:55:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10081.nls
[2012-11-27 18:55:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10081.nls
[2012-11-27 18:55:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28595.nls
[2012-11-27 18:55:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\C_28595.NLS
[2012-11-27 18:55:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10017.nls
[2012-11-27 18:55:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10017.nls
[2012-11-27 18:55:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10007.nls
[2012-11-27 18:55:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10007.nls
[2012-11-27 18:55:07 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_869.nls
[2012-11-27 18:55:07 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_869.nls
[2012-11-27 18:55:07 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_737.nls
[2012-11-27 18:55:07 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_737.nls
[2012-11-27 18:55:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_875.nls
[2012-11-27 18:55:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_875.nls
[2012-11-27 18:55:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28597.nls
[2012-11-27 18:55:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\C_28597.NLS
[2012-11-27 18:55:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10006.nls
[2012-11-27 18:55:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10006.nls
[2012-11-27 18:55:06 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_866.nls
[2012-11-27 18:55:06 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_866.nls
[2012-11-27 18:55:06 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_855.nls
[2012-11-27 18:55:06 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_855.nls
[2012-11-27 18:55:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28594.nls
[2012-11-27 18:55:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\C_28594.NLS
[2012-11-27 18:55:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20127.nls
[2012-11-27 18:55:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_20127.nls
[2012-11-27 18:55:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10082.nls
[2012-11-27 18:55:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10082.nls
[2012-11-27 18:55:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10029.nls
[2012-11-27 18:55:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10029.nls
[2012-11-27 18:55:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10010.nls
[2012-11-27 18:55:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10010.nls
[2012-11-27 18:54:58 | 000,001,734 | ---- | C] () -- D:\WINDOWS\System32\AUTOEXEC.NT
[2012-11-27 18:53:12 | 001,086,058 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2012-11-27 18:53:12 | 001,014,483 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2012-11-27 18:53:12 | 000,808,524 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012-11-27 18:53:12 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012-11-27 18:53:12 | 000,168,806 | ---- | C] () -- D:\WINDOWS\System32\dllcache\startoc.cat
[2012-11-27 18:53:12 | 000,037,509 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2012-11-27 18:53:12 | 000,030,983 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2012-11-27 18:53:12 | 000,014,043 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2012-11-27 18:53:12 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012-11-27 18:53:12 | 000,009,581 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012-11-27 18:53:12 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012-11-27 18:53:12 | 000,007,407 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012-11-27 18:53:12 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012-11-27 18:53:12 | 000,007,245 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012-11-27 18:53:11 | 001,896,400 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5.CAT
[2012-11-27 18:53:11 | 000,523,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012-11-27 18:52:54 | 000,012,328 | ---- | C] () -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2012-11-27 18:52:40 | 000,096,664 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012-11-27 18:51:45 | 000,000,261 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf
[2012-11-27 18:27:19 | 000,000,544 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2012-11-27 18:26:23 | 000,000,694 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\WinRAR.lnk
[2012-11-27 18:26:01 | 000,000,697 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2012-11-27 18:24:06 | 000,263,186 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Minecraft.exe
[2012-11-27 18:21:37 | 000,000,791 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-11-27 18:21:37 | 000,000,762 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-11-27 18:21:26 | 000,000,680 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2012-11-27 18:17:49 | 000,000,930 | ---- | C] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-11-27 18:17:25 | 000,001,819 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Google Chrome.lnk
[2012-11-27 18:16:35 | 000,001,038 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-27 18:16:35 | 000,001,034 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-27 18:13:56 | 000,013,694 | ---- | C] () -- D:\WINDOWS\System32\wpa.bak
[2012-11-27 18:10:32 | 005,328,468 | -H-- | C] () -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2012-11-27 18:10:26 | 000,001,191 | ---- | C] () -- D:\WINDOWS\System32\W32N55.INI
[2012-11-27 18:10:26 | 000,000,516 | ---- | C] () -- D:\WINDOWS\System32\DiagFunc.ini
[2012-11-27 18:10:25 | 000,147,456 | ---- | C] () -- D:\WINDOWS\System32\DiagFunc.dll
[2012-11-27 18:10:25 | 000,001,630 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TP-LINK Wireless Utility.lnk
[2012-11-27 18:10:25 | 000,001,612 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\TP-LINK Wireless Utility.lnk
[2012-11-27 18:10:23 | 000,013,931 | ---- | C] () -- D:\WINDOWS\System32\RaCoInst.dat
[2012-11-27 18:09:03 | 001,102,344 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2012-11-27 18:09:03 | 001,102,344 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2012-11-27 18:09:03 | 000,000,001 | ---- | C] () -- D:\WINDOWS\System32\nvdrssel.bin
[2012-11-27 18:09:03 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\nvdrswr.lk
[2012-11-27 18:08:53 | 002,811,988 | ---- | C] () -- D:\WINDOWS\System32\nvdata.data
[2012-11-27 18:08:53 | 000,012,210 | ---- | C] () -- D:\WINDOWS\System32\nvinfo.pb
[2012-11-27 18:07:10 | 000,000,738 | ---- | C] () -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Outlook Express.lnk
[2012-11-27 18:07:09 | 000,000,803 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Internet Explorer.lnk
[2012-11-27 18:07:01 | 002,097,152 | -H-- | C] () -- D:\Documents and Settings\Grzenio\NTUSER.DAT
[2012-11-27 18:07:01 | 000,001,599 | ---- | C] () -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Pomoc zdalna.lnk
[2012-11-27 18:07:01 | 000,000,792 | ---- | C] () -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Windows Media Player.lnk
[2012-11-27 18:07:01 | 000,000,188 | -HS- | C] () -- D:\Documents and Settings\Grzenio\ntuser.ini
[2012-11-27 18:05:36 | 000,000,006 | -H-- | C] () -- D:\WINDOWS\tasks\SA.DAT
[2012-11-27 18:04:58 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD
[2012-11-27 18:04:07 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2012-11-27 18:04:04 | 000,028,288 | ---- | C] () -- D:\WINDOWS\System32\dllcache\xjis.nls
[2012-11-27 18:03:45 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prcp.nls
[2012-11-27 18:03:45 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prc.nls
[2012-11-27 18:03:44 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012-11-27 18:03:33 | 000,047,066 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ksc.nls
[2012-11-27 18:03:32 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012-11-27 18:03:28 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2012-11-27 18:03:27 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2012-11-27 18:03:26 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2012-11-27 18:03:19 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012-11-27 18:03:16 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2012-11-27 18:03:13 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2012-11-27 18:03:06 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2012-11-27 18:03:04 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_864.nls
[2012-11-27 18:03:04 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_862.nls
[2012-11-27 18:03:04 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_858.nls
[2012-11-27 18:03:04 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_720.nls
[2012-11-27 18:03:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_870.nls
[2012-11-27 18:03:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_708.nls
[2012-11-27 18:03:03 | 000,180,770 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20932.nls
[2012-11-27 18:03:03 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20949.nls
[2012-11-27 18:03:03 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20936.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28596.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21027.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21025.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20924.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20880.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20871.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20838.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20833.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20424.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20423.nls
[2012-11-27 18:03:03 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20420.nls
[2012-11-27 18:03:02 | 000,187,938 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20005.nls
[2012-11-27 18:03:02 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20004.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20297.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20290.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20285.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20284.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20280.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20278.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20277.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20273.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20269.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20108.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20107.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20106.nls
[2012-11-27 18:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20105.nls
[2012-11-27 18:03:01 | 000,189,986 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1361.nls
[2012-11-27 18:03:01 | 000,186,402 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20001.nls
[2012-11-27 18:03:01 | 000,185,378 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20003.nls
[2012-11-27 18:03:01 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20000.nls
[2012-11-27 18:03:01 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20002.nls
[2012-11-27 18:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1149.nls
[2012-11-27 18:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1148.nls
[2012-11-27 18:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1147.nls
[2012-11-27 18:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1146.nls
[2012-11-27 18:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1145.nls
[2012-11-27 18:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1144.nls
[2012-11-27 18:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1143.nls
[2012-11-27 18:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1142.nls
[2012-11-27 18:03:00 | 000,195,618 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10002.nls
[2012-11-27 18:03:00 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10003.nls
[2012-11-27 18:03:00 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10008.nls
[2012-11-27 18:03:00 | 000,162,850 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10001.nls
[2012-11-27 18:03:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1141.nls
[2012-11-27 18:03:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1140.nls
[2012-11-27 18:03:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1047.nls
[2012-11-27 18:03:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10021.nls
[2012-11-27 18:03:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10005.nls
[2012-11-27 18:03:00 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10004.nls
[2012-11-27 18:02:59 | 000,082,172 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bopomofo.nls
[2012-11-27 18:02:59 | 000,066,728 | ---- | C] () -- D:\WINDOWS\System32\dllcache\big5.nls
[2012-11-27 18:02:38 | 000,002,596 | ---- | C] () -- D:\WINDOWS\System32\CONFIG.NT
[2012-11-27 18:02:38 | 000,000,000 | ---- | C] () -- D:\WINDOWS\control.ini
[2012-11-27 18:02:31 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb
[2012-11-27 18:02:31 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb
[2012-11-27 18:02:30 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx
[2012-11-27 18:01:58 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\WindowsLogon.manifest
[2012-11-27 18:01:58 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\WindowsShell.Manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2012-11-27 18:01:54 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\cdplayer.exe.manifest
[2012-11-27 18:01:52 | 000,000,786 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2012-11-27 18:01:47 | 004,399,505 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nls302en.lex
[2012-11-27 18:01:25 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp
[2012-11-27 18:01:25 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp
[2012-11-27 18:01:19 | 000,000,984 | ---- | C] () -- D:\WINDOWS\System32\dllcache\srframe.mmf
[2012-11-27 18:01:09 | 000,004,639 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.exe
[2012-11-27 18:01:00 | 000,379,904 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msinfo.dll
[2012-11-27 18:00:46 | 000,021,856 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012-11-27 18:00:44 | 000,000,037 | ---- | C] () -- D:\WINDOWS\vbaddin.ini
[2012-11-27 18:00:44 | 000,000,036 | ---- | C] () -- D:\WINDOWS\vb.ini
[2012-11-27 18:00:28 | 000,000,643 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2012-11-27 18:00:13 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Indiański pled.bmp
[2012-11-27 18:00:12 | 000,093,702 | ---- | C] () -- D:\WINDOWS\System32\subrange.uce
[2012-11-27 18:00:12 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Bąbelki.bmp
[2012-11-27 18:00:12 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Pod mikroskopem.bmp
[2012-11-27 18:00:12 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Stiuk z Santa Fe.bmp
[2012-11-27 18:00:12 | 000,026,680 | ---- | C] () -- D:\WINDOWS\Wachlarze.bmp
[2012-11-27 18:00:12 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Nefryt.bmp
[2012-11-27 18:00:12 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rododendron.bmp
[2012-11-27 18:00:12 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Na rybkach.bmp
[2012-11-27 18:00:12 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Kawa.bmp
[2012-11-27 18:00:12 | 000,016,730 | ---- | C] () -- D:\WINDOWS\Puch.bmp
[2012-11-27 18:00:12 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Niebieska koronka 16.bmp
[2012-11-27 18:00:11 | 000,060,458 | ---- | C] () -- D:\WINDOWS\System32\ideograf.uce
[2012-11-27 18:00:11 | 000,024,006 | ---- | C] () -- D:\WINDOWS\System32\gb2312.uce
[2012-11-27 18:00:11 | 000,022,984 | ---- | C] () -- D:\WINDOWS\System32\bopomofo.uce
[2012-11-27 18:00:11 | 000,016,740 | ---- | C] () -- D:\WINDOWS\System32\shiftjis.uce
[2012-11-27 18:00:11 | 000,012,876 | ---- | C] () -- D:\WINDOWS\System32\korean.uce
[2012-11-27 18:00:11 | 000,008,484 | ---- | C] () -- D:\WINDOWS\System32\kanji_2.uce
[2012-11-27 18:00:11 | 000,006,948 | ---- | C] () -- D:\WINDOWS\System32\kanji_1.uce
[2012-11-27 18:00:10 | 000,026,717 | ---- | C] () -- D:\WINDOWS\System32\tslabels.ini
[2012-11-27 18:00:10 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h
[2012-11-27 18:00:10 | 000,001,225 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd
[2012-11-27 18:00:09 | 000,003,813 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.ini
[2012-11-27 18:00:09 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h
[2012-11-27 18:00:04 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2012-12-07 21:33:31 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-04 12:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-04 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-12-12 21:56:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\%Installer_PublisherName%
[2012-12-24 14:10:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-11-27 18:21:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-12-12 20:55:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2012-12-12 20:12:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2012-12-24 13:09:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2012-12-10 16:23:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2012-12-10 17:57:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2012-11-27 18:10:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TP-LINK Driver
[2012-12-17 19:13:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\.minecraft
[2012-12-24 14:20:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\BitTorrent
[2012-12-11 18:39:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Chrome_manager
[2012-12-24 14:11:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\DAEMON Tools Lite
[2012-12-07 21:10:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\ExpressFiles
[2012-11-27 18:21:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Gadu-Gadu 10
[2012-11-27 19:44:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\HoolappforAndroid
[2012-11-27 19:17:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\LolClient
[2012-11-28 19:06:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\OpenFM
[2012-12-10 16:23:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Samsung
[2012-12-21 20:35:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Simple Adblock
[2012-12-11 18:39:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\support@mozilla.com
[2012-12-11 18:39:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibia
[2012-12-16 18:38:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibiacast
[2012-12-17 19:54:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\TS3Client

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
[/log]
Ext z OTL:

[log]OTL Extras logfile created on: 2012-12-25 01:42:51 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,53% Memory free
3,85 Gb Paging File | 3,47 Gb Available in Paging File | 90,12% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 109,99 Gb Total Space | 55,89 Gb Free Space | 50,82% Space Free | Partition Type: NTFS
Drive D: | 39,05 Gb Total Space | 30,51 Gb Free Space | 78,13% Space Free | Partition Type: NTFS

Computer Name: GRZYNIO | User Name: Grzenio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Gry\Combat Arms EU\CombatArms.exe" = C:\Gry\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Gry\Combat Arms EU\Engine.exe" = C:\Gry\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Program Files\Java\jre7\bin\javaw.exe" = D:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"D:\WINDOWS\system32\PnkBstrA.exe" = D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"D:\WINDOWS\system32\PnkBstrB.exe" = D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Gry\BattleField Heros\BFHeroes.exe" = C:\Gry\BattleField Heros\BFHeroes.exe:*:Enabled:Battlefield Heroes -- (Easy)
"C:\Gry\Battlefield FreeToPlay\BFP4f.exe" = C:\Gry\Battlefield FreeToPlay\BFP4f.exe:*:Enabled:BFP4f -- (Easy)
"D:\Program Files\Skype\Phone\Skype.exe" = D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"D:\Program Files\ExpressFiles\expressdl.exe" = D:\Program Files\ExpressFiles\expressdl.exe:*:Enabled:Express Files
"D:\Program Files\ExpressFiles\ExpressFiles.exe" = D:\Program Files\ExpressFiles\ExpressFiles.exe:*:Enabled:Express Files
"D:\WINDOWS\system32\msiexec.exe" = D:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"D:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" = D:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager
"D:\WINDOWS\system32\muzapp.exe" = D:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Gry\Grzenio\LFS\LFS.exe" = C:\Gry\Grzenio\LFS\LFS.exe:*:Enabled:LFS -- ()
"D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Gry\Combat Arms EU\CombatArms.exe" = C:\Gry\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Gry\Combat Arms EU\NMService.exe" = C:\Gry\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Gry\Combat Arms EU\Engine.exe" = C:\Gry\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Program Files\Tibiacast\Tibiacast Client.exe" = C:\Program Files\Tibiacast\Tibiacast Client.exe:*:Enabled:Tibiacast Client
"D:\Program Files\Tibiacast\Tibiacast Client.exe" = D:\Program Files\Tibiacast\Tibiacast Client.exe:*:Enabled:Tibiacast Client -- (Silver Squirrel Software HB)
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Gry\Call Of Duty 2\CoD2MP_s.exe" = C:\Gry\Call Of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2A558A06-A44E-400D-95AD-D9FAA89AFD36}" = LS-USBMX 1/2/3 Steering Wheel W/Vibration
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{65096D90-297A-495D-AD10-3A83F5904346}" = Tibiacast
"{6FFEF5E1-F7B0-40DD-838D-557BD7EE4301}" = TP-LINK Wireless Utility
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4920103-09F6-4AD2-B150-CFC4474D2DDC}" = Simple Adblock
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CAE017F8-C238-4397-879B-7FBB915D9457}" = LogMeIn Hamachi
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{E9AA8EB9-FCD1-4829-AE3C-F2D211C67F42}" = Internet Explorer
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BitTorrent" = BitTorrent
"Combat Arms EU" = Combat Arms EU
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.21
"DAEMON Tools Lite" = DAEMON Tools Lite
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.5.5 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"PunkBusterSvc" = PunkBuster Services
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tibia_is1" = Tibia
"TMIPC" = Tibia MULTI-ip changer
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free (Grzenio)
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Grzenio)

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-11-27 14:44:09 | Computer Name = GRZYNIO | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2012-11-27 14:44:09 | Computer Name = GRZYNIO | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2012-12-05 13:28:53 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bfp4f.exe, wersja 0.0.0.0, moduł powodujący
błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00001010.

Error - 2012-12-07 16:39:15 | Computer Name = GRZYNIO | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: System.Xml, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
. Error code = 0x800706be

Error - 2012-12-10 11:23:14 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd setup.exe, wersja 16.0.0.400, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x4ec05846.

Error - 2012-12-13 13:01:07 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0,
moduł powodujący błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0, adres błędu
0x0000c145.

Error - 2012-12-17 02:22:23 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0,
moduł powodujący błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0, adres błędu
0x0000c145.

Error - 2012-12-18 15:46:19 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 6.0.0.126, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x000097d2.

Error - 2012-12-20 13:32:29 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0,
moduł powodujący błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0, adres błędu
0x0000c145.

Error - 2012-12-22 15:49:34 | Computer Name = GRZYNIO | Source = MsiInstaller | ID = 11316
Description = Product: Tibiacast -- Error 1316. A network error occurred while attempting
to read from the file: D:\DOCUME~1\Grzenio\USTAWI~1\Temp\Rar$EXa0.726\Tibiacast
Installer.msi

[ System Events ]
Error - 2012-12-12 03:13:27 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:27 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126


< End of report >
[/log]

Kaspersky (o to chodziło?)

[log]01:43:25.0109 0308 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
01:43:25.0421 0308 ============================================================
01:43:25.0421 0308 Current date / time: 2012/12/25 01:43:25.0421
01:43:25.0421 0308 SystemInfo:
01:43:25.0421 0308
01:43:25.0484 0308 OS Version: 5.1.2600 ServicePack: 2.0
01:43:25.0484 0308 Product type: Workstation
01:43:25.0484 0308 ComputerName: GRZYNIO
01:43:25.0484 0308 UserName: Grzenio
01:43:25.0484 0308 Windows directory: D:\WINDOWS
01:43:25.0484 0308 System windows directory: D:\WINDOWS
01:43:25.0484 0308 Processor architecture: Intel x86
01:43:25.0484 0308 Number of processors: 1
01:43:25.0484 0308 Page size: 0x1000
01:43:25.0484 0308 Boot type: Normal boot
01:43:25.0484 0308 ============================================================
01:43:26.0296 0308 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
01:43:26.0296 0308 ============================================================
01:43:26.0296 0308 \Device\Harddisk0\DR0:
01:43:26.0296 0308 MBR partitions:
01:43:26.0296 0308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x4E1AF2B
01:43:26.0296 0308 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4E1EE2B, BlocksNum 0xDBF9C96
01:43:26.0296 0308 ============================================================
01:43:26.0375 0308 C: <-> \Device\Harddisk0\DR0\Partition2
01:43:26.0406 0308 D: <-> \Device\Harddisk0\DR0\Partition1
01:43:26.0406 0308 ============================================================
01:43:26.0406 0308 Initialize success
01:43:26.0406 0308 ============================================================
01:45:46.0765 1904 ============================================================
01:45:46.0765 1904 Scan started
01:45:46.0765 1904 Mode: Manual;
01:45:46.0765 1904 ============================================================
01:45:47.0000 1904 ================ Scan system memory ========================
01:45:47.0000 1904 System memory - ok
01:45:47.0031 1904 ================ Scan services =============================
01:45:47.0187 1904 Abiosdsk - ok
01:45:47.0203 1904 abp480n5 - ok
01:45:47.0250 1904 [ A966410ECF83B81F3B0B8E07A71957D4 ] ACPI D:\WINDOWS\system32\DRIVERS\ACPI.sys
01:45:47.0250 1904 ACPI - ok
01:45:47.0281 1904 [ 66A42B7DB194E24B973BBCCE840A0F3F ] ACPIEC D:\WINDOWS\system32\drivers\ACPIEC.sys
01:45:47.0281 1904 ACPIEC - ok
01:45:47.0343 1904 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
01:45:47.0343 1904 AdobeFlashPlayerUpdateSvc - ok
01:45:47.0359 1904 adpu160m - ok
01:45:47.0406 1904 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec D:\WINDOWS\system32\drivers\aec.sys
01:45:47.0406 1904 aec - ok
01:45:47.0468 1904 [ 5AC495F4CB807B2B98AD2AD591E6D92E ] AFD D:\WINDOWS\System32\drivers\afd.sys
01:45:47.0468 1904 AFD - ok
01:45:47.0500 1904 Aha154x - ok
01:45:47.0531 1904 aic78u2 - ok
01:45:47.0562 1904 aic78xx - ok
01:45:47.0609 1904 [ F79B5C5B0A77A134C5671992335D1409 ] Alerter D:\WINDOWS\system32\alrsvc.dll
01:45:47.0609 1904 Alerter - ok
01:45:47.0640 1904 [ 9D12991BC6B6C5C0FBAB4C06E7073DF1 ] ALG D:\WINDOWS\System32\alg.exe
01:45:47.0640 1904 ALG - ok
01:45:47.0656 1904 AliIde - ok
01:45:47.0687 1904 amsint - ok
01:45:47.0750 1904 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb D:\WINDOWS\system32\Drivers\ssadadb.sys
01:45:47.0750 1904 androidusb - ok
01:45:47.0781 1904 AppMgmt - ok
01:45:47.0812 1904 asc - ok
01:45:47.0843 1904 asc3350p - ok
01:45:47.0875 1904 asc3550 - ok
01:45:48.0031 1904 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
01:45:48.0031 1904 aspnet_state - ok
01:45:48.0093 1904 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac D:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:45:48.0093 1904 AsyncMac - ok
01:45:48.0140 1904 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi D:\WINDOWS\system32\DRIVERS\atapi.sys
01:45:48.0140 1904 atapi - ok
01:45:48.0171 1904 Atdisk - ok
01:45:48.0218 1904 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc D:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:45:48.0218 1904 Atmarpc - ok
01:45:48.0250 1904 [ 18BFF5EBA35F2562C5AA03EB9C6BA29E ] AudioSrv D:\WINDOWS\System32\audiosrv.dll
01:45:48.0250 1904 AudioSrv - ok
01:45:48.0296 1904 [ D9F724AA26C010A217C97606B160ED68 ] audstub D:\WINDOWS\system32\DRIVERS\audstub.sys
01:45:48.0312 1904 audstub - ok
01:45:48.0359 1904 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep D:\WINDOWS\system32\drivers\Beep.sys
01:45:48.0359 1904 Beep - ok
01:45:48.0406 1904 [ A6BFD910074B02C8794FC65F39CC6B28 ] BITS D:\WINDOWS\system32\qmgr.dll
01:45:48.0421 1904 BITS - ok
01:45:48.0453 1904 [ 210830D2497FEF78694076179AF8C795 ] Browser D:\WINDOWS\System32\browser.dll
01:45:48.0453 1904 Browser - ok
01:45:48.0500 1904 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k D:\WINDOWS\system32\drivers\cbidf2k.sys
01:45:48.0500 1904 cbidf2k - ok
01:45:48.0531 1904 cd20xrnt - ok
01:45:48.0578 1904 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio D:\WINDOWS\system32\drivers\Cdaudio.sys
01:45:48.0578 1904 Cdaudio - ok
01:45:48.0625 1904 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs D:\WINDOWS\system32\drivers\Cdfs.sys
01:45:48.0625 1904 Cdfs - ok
01:45:48.0640 1904 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom D:\WINDOWS\system32\DRIVERS\cdrom.sys
01:45:48.0656 1904 Cdrom - ok
01:45:48.0671 1904 Changer - ok
01:45:48.0718 1904 [ B4E0A9B9064AA79AE188C0D953543520 ] CiSvc D:\WINDOWS\system32\cisvc.exe
01:45:48.0718 1904 CiSvc - ok
01:45:48.0750 1904 [ 1B11121083C32EA9A55ABE547A23FF71 ] ClipSrv D:\WINDOWS\system32\clipsrv.exe
01:45:48.0765 1904 ClipSrv - ok
01:45:48.0828 1904 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:45:48.0828 1904 clr_optimization_v2.0.50727_32 - ok
01:45:48.0875 1904 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:45:48.0890 1904 clr_optimization_v4.0.30319_32 - ok
01:45:48.0921 1904 CmdIde - ok
01:45:48.0953 1904 COMSysApp - ok
01:45:48.0984 1904 Cpqarray - ok
01:45:49.0031 1904 [ 91723CD7C96C5854149F9CAE820A90DD ] CryptSvc D:\WINDOWS\System32\cryptsvc.dll
01:45:49.0031 1904 CryptSvc - ok
01:45:49.0046 1904 dac2w2k - ok
01:45:49.0078 1904 dac960nt - ok
01:45:49.0140 1904 [ 346E5B19FC986FE7185A0C2C43593722 ] DcomLaunch D:\WINDOWS\system32\rpcss.dll
01:45:49.0140 1904 DcomLaunch - ok
01:45:49.0203 1904 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus D:\WINDOWS\system32\DRIVERS\ssudbus.sys
01:45:49.0203 1904 dg_ssudbus - ok
01:45:49.0250 1904 [ 94B49F2D487A7D4A79B3E96B6D5685B0 ] Dhcp D:\WINDOWS\System32\dhcpcsvc.dll
01:45:49.0250 1904 Dhcp - ok
01:45:49.0281 1904 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk D:\WINDOWS\system32\DRIVERS\disk.sys
01:45:49.0281 1904 Disk - ok
01:45:49.0296 1904 dmadmin - ok
01:45:49.0375 1904 [ 3B809FFAD55DCEBDB156D5CA1BD3DA65 ] dmboot D:\WINDOWS\system32\drivers\dmboot.sys
01:45:49.0375 1904 dmboot - ok
01:45:49.0421 1904 [ 27725B6501201C3080BA73048BCE389A ] dmio D:\WINDOWS\system32\drivers\dmio.sys
01:45:49.0421 1904 dmio - ok
01:45:49.0468 1904 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload D:\WINDOWS\system32\drivers\dmload.sys
01:45:49.0468 1904 dmload - ok
01:45:49.0500 1904 [ 4ADBB7593EC0115F7622C335B427C3DA ] dmserver D:\WINDOWS\System32\dmserver.dll
01:45:49.0500 1904 dmserver - ok
01:45:49.0562 1904 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic D:\WINDOWS\system32\drivers\DMusic.sys
01:45:49.0562 1904 DMusic - ok
01:45:49.0593 1904 [ F61C204EBCAA1D6B5FB5DFE7034741F3 ] Dnscache D:\WINDOWS\System32\dnsrslvr.dll
01:45:49.0593 1904 Dnscache - ok
01:45:49.0609 1904 dpti2o - ok
01:45:49.0640 1904 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud D:\WINDOWS\system32\drivers\drmkaud.sys
01:45:49.0640 1904 drmkaud - ok
01:45:49.0671 1904 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 D:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
01:45:49.0687 1904 dtsoftbus01 - ok
01:45:49.0718 1904 EagleXNt - ok
01:45:49.0781 1904 [ EFD32591F9E29C00A5814DF3F6D46683 ] ERSvc D:\WINDOWS\System32\ersvc.dll
01:45:49.0781 1904 ERSvc - ok
01:45:49.0828 1904 [ A55DD7D8CED5D2624A9EE2DDA7BE0319 ] es1371 D:\WINDOWS\system32\drivers\es1371mp.sys
01:45:49.0828 1904 es1371 - ok
01:45:49.0875 1904 [ 3DA8D964D2CC12EF8E8C342471A37917 ] Eventlog D:\WINDOWS\system32\services.exe
01:45:49.0890 1904 Eventlog - ok
01:45:49.0937 1904 [ DC54CC79E1FAEFA480A8117C9BF105E1 ] EventSystem D:\WINDOWS\system32\es.dll
01:45:49.0937 1904 EventSystem - ok
01:45:50.0000 1904 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat D:\WINDOWS\system32\drivers\Fastfat.sys
01:45:50.0000 1904 Fastfat - ok
01:45:50.0062 1904 [ 7C8E934687C496EDC69FDBBD2C277E63 ] FastUserSwitchingCompatibility D:\WINDOWS\System32\shsvcs.dll
01:45:50.0062 1904 FastUserSwitchingCompatibility - ok
01:45:50.0109 1904 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc D:\WINDOWS\system32\DRIVERS\fdc.sys
01:45:50.0109 1904 Fdc - ok
01:45:50.0156 1904 [ E9648254056BCE81A85380C0C3647DC4 ] FETNDIS D:\WINDOWS\system32\DRIVERS\fetnd5.sys
01:45:50.0156 1904 FETNDIS - ok
01:45:50.0187 1904 [ C5FB298257C0A6514EA17835E774EA0A ] Fips D:\WINDOWS\system32\drivers\Fips.sys
01:45:50.0187 1904 Fips - ok
01:45:50.0234 1904 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk D:\WINDOWS\system32\DRIVERS\flpydisk.sys
01:45:50.0234 1904 Flpydisk - ok
01:45:50.0281 1904 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr D:\WINDOWS\system32\DRIVERS\fltMgr.sys
01:45:50.0281 1904 FltMgr - ok
01:45:50.0343 1904 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:45:50.0343 1904 FontCache3.0.0.0 - ok
01:45:50.0406 1904 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec D:\WINDOWS\system32\drivers\Fs_Rec.sys
01:45:50.0406 1904 Fs_Rec - ok
01:45:50.0453 1904 [ ED6D921D8AB423138FB35BEEE6D6A6CB ] Ftdisk D:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:45:50.0453 1904 Ftdisk - ok
01:45:50.0484 1904 [ 4216CD545E5C30807B560C5DCAA812E6 ] gagp30kx D:\WINDOWS\system32\DRIVERS\gagp30kx.sys
01:45:50.0484 1904 gagp30kx - ok
01:45:50.0515 1904 [ 5F92FD09E5610A5995DA7D775EADCD12 ] gameenum D:\WINDOWS\system32\DRIVERS\gameenum.sys
01:45:50.0515 1904 gameenum - ok
01:45:50.0578 1904 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc D:\WINDOWS\system32\DRIVERS\msgpc.sys
01:45:50.0578 1904 Gpc - ok
01:45:50.0656 1904 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate D:\Program Files\Google\Update\GoogleUpdate.exe
01:45:50.0656 1904 gupdate - ok
01:45:50.0671 1904 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem D:\Program Files\Google\Update\GoogleUpdate.exe
01:45:50.0671 1904 gupdatem - ok
01:45:50.0703 1904 [ 833051C6C6C42117191935F734CFBD97 ] hamachi D:\WINDOWS\system32\DRIVERS\hamachi.sys
01:45:50.0703 1904 hamachi - ok
01:45:50.0781 1904 [ A7EBBF64C7610B7C67D46AE620AADBA3 ] Hamachi2Svc D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
01:45:50.0796 1904 Hamachi2Svc - ok
01:45:50.0875 1904 [ E1552A082E8C0FBB70B758F170B3AFF8 ] helpsvc D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
01:45:50.0875 1904 helpsvc - ok
01:45:50.0890 1904 [ 7D00FEC9B6DE9776B3D0EAD70BD71968 ] HidServ D:\WINDOWS\System32\hidserv.dll
01:45:50.0890 1904 HidServ - ok
01:45:50.0937 1904 [ 1DE6783B918F540149AA69943BDFEBA8 ] hidusb D:\WINDOWS\system32\DRIVERS\hidusb.sys
01:45:50.0953 1904 hidusb - ok
01:45:50.0984 1904 hpn - ok
01:45:51.0046 1904 [ C19B522A9AE0BBC3293397F3055E80A1 ] HTTP D:\WINDOWS\system32\Drivers\HTTP.sys
01:45:51.0046 1904 HTTP - ok
01:45:51.0078 1904 [ 2D303CAF3C6DCFB246E74550DBED5880 ] HTTPFilter D:\WINDOWS\System32\w3ssl.dll
01:45:51.0078 1904 HTTPFilter - ok
01:45:51.0109 1904 i2omgmt - ok
01:45:51.0140 1904 i2omp - ok
01:45:51.0187 1904 [ 2656FDFE0A7916C3A16F374454C55DD9 ] i8042prt D:\WINDOWS\system32\DRIVERS\i8042prt.sys
01:45:51.0187 1904 i8042prt - ok
01:45:51.0312 1904 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:45:51.0328 1904 idsvc - ok
01:45:51.0375 1904 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi D:\WINDOWS\system32\DRIVERS\imapi.sys
01:45:51.0375 1904 Imapi - ok
01:45:51.0437 1904 [ BC74431E59FB0BADF3E9162BD8D37B00 ] ImapiService D:\WINDOWS\system32\imapi.exe
01:45:51.0437 1904 ImapiService - ok
01:45:51.0500 1904 ini910u - ok
01:45:51.0546 1904 IntelIde - ok
01:45:51.0593 1904 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw D:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
01:45:51.0593 1904 Ip6Fw - ok
01:45:51.0640 1904 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver D:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:45:51.0640 1904 IpFilterDriver - ok
01:45:51.0671 1904 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp D:\WINDOWS\system32\DRIVERS\ipinip.sys
01:45:51.0671 1904 IpInIp - ok
01:45:51.0718 1904 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat D:\WINDOWS\system32\DRIVERS\ipnat.sys
01:45:51.0718 1904 IpNat - ok
01:45:51.0750 1904 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec D:\WINDOWS\system32\DRIVERS\ipsec.sys
01:45:51.0750 1904 IPSec - ok
01:45:51.0812 1904 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM D:\WINDOWS\system32\DRIVERS\irenum.sys
01:45:51.0812 1904 IRENUM - ok
01:45:51.0843 1904 [ 01A9E68528F4F34E5702123D27C67BD4 ] isapnp D:\WINDOWS\system32\DRIVERS\isapnp.sys
01:45:51.0859 1904 isapnp - ok
01:45:51.0937 1904 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService D:\Program Files\Java\jre7\bin\jqs.exe
01:45:51.0937 1904 JavaQuickStarterService - ok
01:45:51.0984 1904 [ CC13DB862F929AE33F64C3BEDC01CD31 ] Kbdclass D:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:45:51.0984 1904 Kbdclass - ok
01:45:52.0015 1904 [ 831BE9197BDACE6BDCAC1BFDBE1C380F ] kbdhid D:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:45:52.0015 1904 kbdhid - ok
01:45:52.0078 1904 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer D:\WINDOWS\system32\drivers\kmixer.sys
01:45:52.0078 1904 kmixer - ok
01:45:52.0125 1904 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD D:\WINDOWS\system32\drivers\KSecDD.sys
01:45:52.0125 1904 KSecDD - ok
01:45:52.0171 1904 [ 83EC18EE52DBF7CCE9520F848F4E6584 ] lanmanserver D:\WINDOWS\System32\srvsvc.dll
01:45:52.0171 1904 lanmanserver - ok
01:45:52.0250 1904 [ FF68CD5B967CD210562C292CBD263555 ] lanmanworkstation D:\WINDOWS\System32\wkssvc.dll
01:45:52.0250 1904 lanmanworkstation - ok
01:45:52.0296 1904 lbrtfdc - ok
01:45:52.0375 1904 [ 94136B41F35666254DE29006DCCC30FC ] LmHosts D:\WINDOWS\System32\lmhsvc.dll
01:45:52.0375 1904 LmHosts - ok
01:45:52.0421 1904 [ 1D0EBF9EDAE8A61CBF56ED1FF8489FAC ] Messenger D:\WINDOWS\System32\msgsvc.dll
01:45:52.0421 1904 Messenger - ok
01:45:52.0468 1904 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd D:\WINDOWS\system32\drivers\mnmdd.sys
01:45:52.0468 1904 mnmdd - ok
01:45:52.0515 1904 [ DB082AAFD0859E28744E6629B64E0A91 ] mnmsrvc D:\WINDOWS\system32\mnmsrvc.exe
01:45:52.0531 1904 mnmsrvc - ok
01:45:52.0578 1904 [ 15F33D12D604D0198CE5561F102CD9C5 ] Modem D:\WINDOWS\system32\drivers\Modem.sys
01:45:52.0578 1904 Modem - ok
01:45:52.0625 1904 [ 69C12B99AE8B6B99EC314E9B99833728 ] Mouclass D:\WINDOWS\system32\DRIVERS\mouclass.sys
01:45:52.0625 1904 Mouclass - ok
01:45:52.0671 1904 [ ECEC1E6CD558AB80F944F31326E9D3B5 ] mouhid D:\WINDOWS\system32\DRIVERS\mouhid.sys
01:45:52.0671 1904 mouhid - ok
01:45:52.0734 1904 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr D:\WINDOWS\system32\drivers\MountMgr.sys
01:45:52.0734 1904 MountMgr - ok
01:45:52.0750 1904 mraid35x - ok
01:45:52.0781 1904 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV D:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:45:52.0781 1904 MRxDAV - ok
01:45:52.0812 1904 [ 1FD607FC67F7F7C633C3DA65BFC53D18 ] MRxSmb D:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:45:52.0812 1904 MRxSmb - ok
01:45:52.0859 1904 [ FB68F196B215782333FA1467CBAFC8B0 ] MSDTC D:\WINDOWS\system32\msdtc.exe
01:45:52.0859 1904 MSDTC - ok
01:45:52.0921 1904 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs D:\WINDOWS\system32\drivers\Msfs.sys
01:45:52.0921 1904 Msfs - ok
01:45:52.0937 1904 MSIServer - ok
01:45:52.0968 1904 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV D:\WINDOWS\system32\drivers\MSKSSRV.sys
01:45:52.0968 1904 MSKSSRV - ok
01:45:52.0968 1904 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK D:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:45:52.0984 1904 MSPCLOCK - ok
01:45:53.0000 1904 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM D:\WINDOWS\system32\drivers\MSPQM.sys
01:45:53.0000 1904 MSPQM - ok
01:45:53.0031 1904 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios D:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:45:53.0031 1904 mssmbios - ok
01:45:53.0062 1904 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup D:\WINDOWS\system32\drivers\Mup.sys
01:45:53.0062 1904 Mup - ok
01:45:53.0109 1904 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS D:\WINDOWS\system32\drivers\NDIS.sys
01:45:53.0109 1904 NDIS - ok
01:45:53.0156 1904 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi D:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:45:53.0156 1904 NdisTapi - ok
01:45:53.0187 1904 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio D:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:45:53.0187 1904 Ndisuio - ok
01:45:53.0203 1904 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan D:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:45:53.0203 1904 NdisWan - ok
01:45:53.0234 1904 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy D:\WINDOWS\system32\drivers\NDProxy.sys
01:45:53.0234 1904 NDProxy - ok
01:45:53.0265 1904 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS D:\WINDOWS\system32\DRIVERS\netbios.sys
01:45:53.0265 1904 NetBIOS - ok
01:45:53.0281 1904 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT D:\WINDOWS\system32\DRIVERS\netbt.sys
01:45:53.0281 1904 NetBT - ok
01:45:53.0328 1904 [ 8DE3841527161ABDFAE5C44AB570F8E1 ] NetDDE D:\WINDOWS\system32\netdde.exe
01:45:53.0343 1904 NetDDE - ok
01:45:53.0375 1904 [ 8DE3841527161ABDFAE5C44AB570F8E1 ] NetDDEdsdm D:\WINDOWS\system32\netdde.exe
01:45:53.0375 1904 NetDDEdsdm - ok
01:45:53.0421 1904 [ F485FEFC8CC4FD29243D800BE5D275D1 ] Netlogon D:\WINDOWS\system32\lsass.exe
01:45:53.0421 1904 Netlogon - ok
01:45:53.0468 1904 [ 3E7B6583269BC118720D0020B03CC71E ] Netman D:\WINDOWS\System32\netman.dll
01:45:53.0468 1904 Netman - ok
01:45:53.0546 1904 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
01:45:53.0562 1904 NetTcpPortSharing - ok
01:45:53.0609 1904 [ 83387067B25E000E64B178A62E5DCD24 ] Nla D:\WINDOWS\System32\mswsock.dll
01:45:53.0609 1904 Nla - ok
01:45:53.0656 1904 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs D:\WINDOWS\system32\drivers\Npfs.sys
01:45:53.0656 1904 Npfs - ok
01:45:53.0687 1904 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs D:\WINDOWS\system32\drivers\Ntfs.sys
01:45:53.0703 1904 Ntfs - ok
01:45:53.0734 1904 [ F485FEFC8CC4FD29243D800BE5D275D1 ] NtLmSsp D:\WINDOWS\system32\lsass.exe
01:45:53.0734 1904 NtLmSsp - ok
01:45:53.0796 1904 [ C8CE1566B0537C3F5F7AE1CA458A6697 ] NtmsSvc D:\WINDOWS\system32\ntmssvc.dll
01:45:53.0796 1904 NtmsSvc - ok
01:45:53.0843 1904 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null D:\WINDOWS\system32\drivers\Null.sys
01:45:53.0843 1904 Null - ok
01:45:54.0187 1904 [ 68B8C35782FFD20973524F748234B5A9 ] nv D:\WINDOWS\system32\DRIVERS\nv4_mini.sys
01:45:54.0281 1904 nv - ok
01:45:54.0359 1904 [ FFD30DAAF62D605069F6EB42D2E807C3 ] NVSvc D:\WINDOWS\system32\nvsvc32.exe
01:45:54.0359 1904 NVSvc - ok
01:45:54.0453 1904 [ 210EE09CB9C2655E55BD48D851369DC1 ] nvUpdatusService D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:45:54.0468 1904 nvUpdatusService - ok
01:45:54.0515 1904 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt D:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:45:54.0515 1904 NwlnkFlt - ok
01:45:54.0546 1904 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd D:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:45:54.0546 1904 NwlnkFwd - ok
01:45:54.0625 1904 [ 2FF48D8FDC815A8492FB2BD81E6999C2 ] Parport D:\WINDOWS\system32\drivers\Parport.sys
01:45:54.0625 1904 Parport - ok
01:45:54.0671 1904 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr D:\WINDOWS\system32\drivers\PartMgr.sys
01:45:54.0671 1904 PartMgr - ok
01:45:54.0718 1904 [ 453EC2C2A20A1382F564541918520EEB ] ParVdm D:\WINDOWS\system32\drivers\ParVdm.sys
01:45:54.0718 1904 ParVdm - ok
01:45:54.0750 1904 [ 5FD05C92EC56F696EAA50B68CEF1B84A ] PCI D:\WINDOWS\system32\DRIVERS\pci.sys
01:45:54.0750 1904 PCI - ok
01:45:54.0765 1904 PCIDump - ok
01:45:54.0796 1904 PCIIde - ok
01:45:54.0859 1904 [ 2849812217ECEC059CB45F80EB6E52D4 ] Pcmcia D:\WINDOWS\system32\drivers\Pcmcia.sys
01:45:54.0859 1904 Pcmcia - ok
01:45:54.0875 1904 PDCOMP - ok
01:45:54.0906 1904 PDFRAME - ok
01:45:54.0937 1904 PDRELI - ok
01:45:54.0968 1904 PDRFRAME - ok
01:45:55.0000 1904 perc2 - ok
01:45:55.0031 1904 perc2hib - ok
01:45:55.0109 1904 [ 3DA8D964D2CC12EF8E8C342471A37917 ] PlugPlay D:\WINDOWS\system32\services.exe
01:45:55.0109 1904 PlugPlay - ok
01:45:55.0171 1904 [ 205E1B699FD3F2F9B036EEA2EC30C620 ] PnkBstrA D:\WINDOWS\system32\PnkBstrA.exe
01:45:55.0171 1904 PnkBstrA - ok
01:45:55.0187 1904 [ F485FEFC8CC4FD29243D800BE5D275D1 ] PolicyAgent D:\WINDOWS\system32\lsass.exe
01:45:55.0187 1904 PolicyAgent - ok
01:45:55.0250 1904 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport D:\WINDOWS\system32\DRIVERS\raspptp.sys
01:45:55.0250 1904 PptpMiniport - ok
01:45:55.0296 1904 [ 0914733FB2FC58F69CDA0E929BF2DF22 ] Processor D:\WINDOWS\system32\DRIVERS\processr.sys
01:45:55.0296 1904 Processor - ok
01:45:55.0343 1904 [ F485FEFC8CC4FD29243D800BE5D275D1 ] ProtectedStorage D:\WINDOWS\system32\lsass.exe
01:45:55.0343 1904 ProtectedStorage - ok
01:45:55.0390 1904 [ 48671F327553DCF1D27F6197F622A668 ] PSched D:\WINDOWS\system32\DRIVERS\psched.sys
01:45:55.0390 1904 PSched - ok
01:45:55.0437 1904 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink D:\WINDOWS\system32\DRIVERS\ptilink.sys
01:45:55.0437 1904 Ptilink - ok
01:45:55.0468 1904 ql1080 - ok
01:45:55.0500 1904 Ql10wnt - ok
01:45:55.0531 1904 ql12160 - ok
01:45:55.0562 1904 ql1240 - ok
01:45:55.0593 1904 ql1280 - ok
01:45:55.0687 1904 [ 583608EE65AABF971117A61AEE4BCAAE ] RalinkRegistryWriter D:\Program Files\TP-LINK\COMMON\RaRegistry.exe
01:45:55.0687 1904 RalinkRegistryWriter - ok
01:45:55.0734 1904 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd D:\WINDOWS\system32\DRIVERS\rasacd.sys
01:45:55.0734 1904 RasAcd - ok
01:45:55.0796 1904 [ 5ED5AF86EE8CC13F6392B37A81AF5D5B ] RasAuto D:\WINDOWS\System32\rasauto.dll
01:45:55.0796 1904 RasAuto - ok
01:45:55.0828 1904 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp D:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:45:55.0828 1904 Rasl2tp - ok
01:45:55.0875 1904 [ FF59EC9427760470DE7FFCA75738ECB8 ] RasMan D:\WINDOWS\System32\rasmans.dll
01:45:55.0875 1904 RasMan - ok
01:45:55.0906 1904 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe D:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:45:55.0906 1904 RasPppoe - ok
01:45:55.0937 1904 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti D:\WINDOWS\system32\DRIVERS\raspti.sys
01:45:55.0937 1904 Raspti - ok
01:45:56.0000 1904 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss D:\WINDOWS\system32\DRIVERS\rdbss.sys
01:45:56.0015 1904 Rdbss - ok
01:45:56.0062 1904 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD D:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:45:56.0062 1904 RDPCDD - ok
01:45:56.0156 1904 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD D:\WINDOWS\system32\drivers\RDPWD.sys
01:45:56.0171 1904 RDPWD - ok
01:45:56.0218 1904 [ EE93399BC7CD84624AB7890DD7D8B296 ] RDSessMgr D:\WINDOWS\system32\sessmgr.exe
01:45:56.0218 1904 RDSessMgr - ok
01:45:56.0281 1904 [ BDDCECE9ACDAD26841C987D10376F6F7 ] redbook D:\WINDOWS\system32\DRIVERS\redbook.sys
01:45:56.0281 1904 redbook - ok
01:45:56.0328 1904 [ 6A9CB0C18B634B187B8B5A32B0FC2773 ] RemoteAccess D:\WINDOWS\System32\mprdim.dll
01:45:56.0328 1904 RemoteAccess - ok
01:45:56.0375 1904 [ 6BE739F700580F23740EFA1D1B57C0A5 ] RpcLocator D:\WINDOWS\system32\locator.exe
01:45:56.0375 1904 RpcLocator - ok
01:45:56.0406 1904 [ 346E5B19FC986FE7185A0C2C43593722 ] RpcSs D:\WINDOWS\system32\rpcss.dll
01:45:56.0406 1904 RpcSs - ok
01:45:56.0468 1904 [ 9ACEE3313020A01235336C2A483AFD1A ] RSVP D:\WINDOWS\system32\rsvp.exe
01:45:56.0468 1904 RSVP - ok
01:45:56.0531 1904 [ 487FC03649653349ACE757571EFC3EC9 ] rt2870 D:\WINDOWS\system32\DRIVERS\rt2870.sys
01:45:56.0546 1904 rt2870 - ok
01:45:56.0578 1904 [ F485FEFC8CC4FD29243D800BE5D275D1 ] SamSs D:\WINDOWS\system32\lsass.exe
01:45:56.0578 1904 SamSs - ok
01:45:56.0625 1904 [ 8DF7262F72C3AB75486D21BA78B9F749 ] SCardSvr D:\WINDOWS\System32\SCardSvr.exe
01:45:56.0625 1904 SCardSvr - ok
01:45:56.0687 1904 [ E5F1C9EAD4C6617ACD40CA90882CC7D4 ] Schedule D:\WINDOWS\system32\schedsvc.dll
01:45:56.0687 1904 Schedule - ok
01:45:56.0750 1904 [ F34C06D1C706A6D9433570B087A18B02 ] Scutum50 D:\WINDOWS\system32\Drivers\Scutum50.sys
01:45:56.0750 1904 Scutum50 - ok
01:45:56.0796 1904 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv D:\WINDOWS\system32\DRIVERS\secdrv.sys
01:45:56.0796 1904 Secdrv - ok
01:45:56.0843 1904 [ 60255AC385A08AAF4897AB4A42483500 ] seclogon D:\WINDOWS\System32\seclogon.dll
01:45:56.0843 1904 seclogon - ok
01:45:56.0875 1904 [ 1398DF553E701C7948188A7D4E347A18 ] SENS D:\WINDOWS\system32\sens.dll
01:45:56.0875 1904 SENS - ok
01:45:56.0921 1904 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum D:\WINDOWS\system32\DRIVERS\serenum.sys
01:45:56.0921 1904 serenum - ok
01:45:56.0968 1904 [ 859BC6F8C3D58CFDA9181E9926C7DDB9 ] Serial D:\WINDOWS\system32\DRIVERS\serial.sys
01:45:56.0968 1904 Serial - ok
01:45:57.0109 1904 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy D:\WINDOWS\system32\drivers\Sfloppy.sys
01:45:57.0109 1904 Sfloppy - ok
01:45:57.0140 1904 [ DDC87ADF808D192A5212CC8A1E7F8E87 ] SharedAccess D:\WINDOWS\System32\ipnathlp.dll
01:45:57.0140 1904 SharedAccess - ok
01:45:57.0187 1904 [ 7C8E934687C496EDC69FDBBD2C277E63 ] ShellHWDetection D:\WINDOWS\System32\shsvcs.dll
01:45:57.0187 1904 ShellHWDetection - ok
01:45:57.0218 1904 Simbad - ok
01:45:57.0281 1904 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate D:\Program Files\Skype\Updater\Updater.exe
01:45:57.0281 1904 SkypeUpdate - ok
01:45:57.0343 1904 Sparrow - ok
01:45:57.0375 1904 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter D:\WINDOWS\system32\drivers\splitter.sys
01:45:57.0375 1904 splitter - ok
01:45:57.0437 1904 [ BEBE8A85954FF460374FD5A0CD21E19B ] Spooler D:\WINDOWS\system32\spoolsv.exe
01:45:57.0437 1904 Spooler - ok
01:45:57.0468 1904 [ 6145CA23BCCDA679A772EC0AF42D6EB5 ] sr D:\WINDOWS\system32\DRIVERS\sr.sys
01:45:57.0484 1904 sr - ok
01:45:57.0515 1904 [ F309D9894FCA821E3C2F557A8032D47A ] srservice D:\WINDOWS\system32\srsvc.dll
01:45:57.0515 1904 srservice - ok
01:45:57.0562 1904 [ 20B7E396720353E4117D64D9DCB926CA ] Srv D:\WINDOWS\system32\DRIVERS\srv.sys
01:45:57.0562 1904 Srv - ok
01:45:57.0609 1904 [ 406776FE3C2B66796BAC1A7AFB9AC8A1 ] ssadbus D:\WINDOWS\system32\DRIVERS\ssadbus.sys
01:45:57.0609 1904 ssadbus - ok
01:45:57.0671 1904 [ B19532D015A5D295E2AA34BB521202CF ] ssadmdfl D:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
01:45:57.0671 1904 ssadmdfl - ok
01:45:57.0703 1904 [ 2AEBF9108E6F435458B9499C27394DA4 ] ssadmdm D:\WINDOWS\system32\DRIVERS\ssadmdm.sys
01:45:57.0703 1904 ssadmdm - ok
01:45:57.0718 1904 [ 28F893C9B4E98DEE5AE3C24DB56B1B11 ] ssadserd D:\WINDOWS\system32\DRIVERS\ssadserd.sys
01:45:57.0718 1904 ssadserd - ok
01:45:57.0781 1904 [ FFE42941E0326C322F40B0B79A46493C ] sscdbus D:\WINDOWS\system32\DRIVERS\sscdbus.sys
01:45:57.0781 1904 sscdbus - ok
01:45:57.0812 1904 [ A68E7D87ADFBB8C50D88CD58230C6819 ] sscdmdfl D:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
01:45:57.0812 1904 sscdmdfl - ok
01:45:57.0843 1904 [ B534B24151281856EC2F69ED3D6D60DD ] sscdmdm D:\WINDOWS\system32\DRIVERS\sscdmdm.sys
01:45:57.0843 1904 sscdmdm - ok
01:45:57.0906 1904 [ BB754C4BE0B18F0FAF01A7EBDE7025C4 ] SSDPSRV D:\WINDOWS\System32\ssdpsrv.dll
01:45:57.0906 1904 SSDPSRV - ok
01:45:57.0953 1904 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm D:\WINDOWS\system32\DRIVERS\ssudmdm.sys
01:45:57.0953 1904 ssudmdm - ok
01:45:58.0015 1904 [ C6718154A50FE6C55E382CDBDEDCE7A7 ] stisvc D:\WINDOWS\system32\wiaservc.dll
01:45:58.0015 1904 stisvc - ok
01:45:58.0062 1904 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum D:\WINDOWS\system32\DRIVERS\swenum.sys
01:45:58.0062 1904 swenum - ok
01:45:58.0093 1904 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi D:\WINDOWS\system32\drivers\swmidi.sys
01:45:58.0093 1904 swmidi - ok
01:45:58.0125 1904 SwPrv - ok
01:45:58.0156 1904 symc810 - ok
01:45:58.0187 1904 symc8xx - ok
01:45:58.0234 1904 sym_hi - ok
01:45:58.0250 1904 sym_u3 - ok
01:45:58.0296 1904 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio D:\WINDOWS\system32\drivers\sysaudio.sys
01:45:58.0296 1904 sysaudio - ok
01:45:58.0343 1904 [ 5893B3B5B966233CAE426B2FEDC34DDF ] SysmonLog D:\WINDOWS\system32\smlogsvc.exe
01:45:58.0343 1904 SysmonLog - ok
01:45:58.0390 1904 [ 0A695B77564D8E9333E846B526F95AB2 ] TapiSrv D:\WINDOWS\System32\tapisrv.dll
01:45:58.0390 1904 TapiSrv - ok
01:45:58.0421 1904 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip D:\WINDOWS\system32\DRIVERS\tcpip.sys
01:45:58.0421 1904 Tcpip - ok
01:45:58.0453 1904 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE D:\WINDOWS\system32\drivers\TDPIPE.sys
01:45:58.0453 1904 TDPIPE - ok
01:45:58.0500 1904 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP D:\WINDOWS\system32\drivers\TDTCP.sys
01:45:58.0500 1904 TDTCP - ok
01:45:58.0531 1904 [ A540A99C281D933F3D69D55E48727F47 ] TermDD D:\WINDOWS\system32\DRIVERS\termdd.sys
01:45:58.0531 1904 TermDD - ok
01:45:58.0562 1904 [ 2C28157229925280916B3041CCC5FE4B ] TermService D:\WINDOWS\System32\termsrv.dll
01:45:58.0562 1904 TermService - ok
01:45:58.0593 1904 [ 7C8E934687C496EDC69FDBBD2C277E63 ] Themes D:\WINDOWS\System32\shsvcs.dll
01:45:58.0593 1904 Themes - ok
01:45:58.0609 1904 TosIde - ok
01:45:58.0671 1904 [ FACBC230AA93401D2FE88976E7CB7369 ] TrkWks D:\WINDOWS\system32\trkwks.dll
01:45:58.0671 1904 TrkWks - ok
01:45:58.0718 1904 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs D:\WINDOWS\system32\drivers\Udfs.sys
01:45:58.0718 1904 Udfs - ok
01:45:58.0750 1904 ultra - ok
01:45:58.0781 1904 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update D:\WINDOWS\system32\DRIVERS\update.sys
01:45:58.0781 1904 Update - ok
01:45:58.0843 1904 [ 387D2A06C8E7CCCEA8E9A350C8FE6781 ] upnphost D:\WINDOWS\System32\upnphost.dll
01:45:58.0843 1904 upnphost - ok
01:45:58.0875 1904 [ 576A2C38CF3904F2CA1107F922288435 ] UPS D:\WINDOWS\System32\ups.exe
01:45:58.0875 1904 UPS - ok
01:45:58.0921 1904 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp D:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:45:58.0921 1904 usbccgp - ok
01:45:58.0953 1904 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci D:\WINDOWS\system32\DRIVERS\usbehci.sys
01:45:58.0953 1904 usbehci - ok
01:45:58.0968 1904 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub D:\WINDOWS\system32\DRIVERS\usbhub.sys
01:45:58.0968 1904 usbhub - ok
01:45:59.0015 1904 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:45:59.0015 1904 USBSTOR - ok
01:45:59.0062 1904 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci D:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:45:59.0062 1904 usbuhci - ok
01:45:59.0109 1904 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave D:\WINDOWS\System32\drivers\vga.sys
01:45:59.0109 1904 VgaSave - ok
01:45:59.0140 1904 [ 59CB1338AD3654417BEA49636457F65D ] ViaIde D:\WINDOWS\system32\DRIVERS\viaide.sys
01:45:59.0140 1904 ViaIde - ok
01:45:59.0187 1904 [ 2EAB80850163B2A123D09F34574BEDCF ] viasraid D:\WINDOWS\system32\DRIVERS\viasraid.sys
01:45:59.0187 1904 viasraid - ok
01:45:59.0203 1904 [ ECD173739B8EC10A814CC18653DF5A36 ] VolSnap D:\WINDOWS\system32\drivers\VolSnap.sys
01:45:59.0203 1904 VolSnap - ok
01:45:59.0250 1904 [ FEC1E19B91972105044960B23C442949 ] VSS D:\WINDOWS\System32\vssvc.exe
01:45:59.0250 1904 VSS - ok
01:45:59.0281 1904 [ 000A0D516A2E20441E77AEA44E46B19B ] W32Time D:\WINDOWS\system32\w32time.dll
01:45:59.0281 1904 W32Time - ok
01:45:59.0343 1904 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp D:\WINDOWS\system32\DRIVERS\wanarp.sys
01:45:59.0343 1904 Wanarp - ok
01:45:59.0406 1904 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 D:\WINDOWS\system32\DRIVERS\Wdf01000.sys
01:45:59.0421 1904 Wdf01000 - ok
01:45:59.0437 1904 WDICA - ok
01:45:59.0468 1904 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud D:\WINDOWS\system32\drivers\wdmaud.sys
01:45:59.0468 1904 wdmaud - ok
01:45:59.0515 1904 [ F796BEFE565C59A30A4C61B640557276 ] WebClient D:\WINDOWS\System32\webclnt.dll
01:45:59.0515 1904 WebClient - ok
01:45:59.0609 1904 [ 482435B2A2DE8E06C83C3B1EB3237C2C ] winmgmt D:\WINDOWS\system32\wbem\WMIsvc.dll
01:45:59.0609 1904 winmgmt - ok
01:45:59.0703 1904 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN D:\WINDOWS\system32\MsPMSNSv.dll
01:45:59.0703 1904 WmdmPmSN - ok
01:45:59.0781 1904 [ 45E43704611D7C2202A180FF87E63550 ] WmiApSrv D:\WINDOWS\system32\wbem\wmiapsrv.exe
01:45:59.0781 1904 WmiApSrv - ok
01:45:59.0953 1904 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
01:46:00.0000 1904 WPFFontCache_v0400 - ok
01:46:00.0062 1904 [ 390D0951271908C46EECF89893876424 ] wscsvc D:\WINDOWS\system32\wscsvc.dll
01:46:00.0062 1904 wscsvc - ok
01:46:00.0125 1904 [ 40C600488FF127953AA2F1835E5FD433 ] wuauserv D:\WINDOWS\system32\wuauserv.dll
01:46:00.0125 1904 wuauserv - ok
01:46:00.0187 1904 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf D:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:46:00.0187 1904 WudfPf - ok
01:46:00.0218 1904 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd D:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:46:00.0218 1904 WudfRd - ok
01:46:00.0265 1904 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc D:\WINDOWS\System32\WUDFSvc.dll
01:46:00.0265 1904 WudfSvc - ok
01:46:00.0328 1904 [ 98A8014DBE72349F73462262CF493574 ] WZCSVC D:\WINDOWS\System32\wzcsvc.dll
01:46:00.0328 1904 WZCSVC - ok
01:46:00.0406 1904 [ 43519481CE00D7DFABEDB9F7DB42FD4C ] x3320001 D:\WINDOWS\system32\drivers\x3320001.sys
01:46:00.0406 1904 x3320001 - ok
01:46:00.0468 1904 [ E3C9EF5BCC9EB171BD81051CD19BDED7 ] xmlprov D:\WINDOWS\System32\xmlprov.dll
01:46:00.0468 1904 xmlprov - ok
01:46:00.0531 1904 ================ Scan global ===============================
01:46:00.0578 1904 [ FF952713E6B51D49B68BBA9233FBAA81 ] D:\WINDOWS\system32\basesrv.dll
01:46:00.0609 1904 [ 143B9018051E3A3CFDE92A861F8080E9 ] D:\WINDOWS\system32\winsrv.dll
01:46:00.0656 1904 [ 143B9018051E3A3CFDE92A861F8080E9 ] D:\WINDOWS\system32\winsrv.dll
01:46:00.0687 1904 [ 3DA8D964D2CC12EF8E8C342471A37917 ] D:\WINDOWS\system32\services.exe
01:46:00.0687 1904 [Global] - ok
01:46:00.0718 1904 ================ Scan MBR ==================================
01:46:00.0734 1904 [ 32052574BF9F325AE309ABC7BFD04460 ] \Device\Harddisk0\DR0
01:46:00.0906 1904 \Device\Harddisk0\DR0 - ok
01:46:00.0921 1904 ================ Scan VBR ==================================
01:46:00.0953 1904 [ 0AB41C90518EAE903A4484715855495B ] \Device\Harddisk0\DR0\Partition1
01:46:00.0953 1904 \Device\Harddisk0\DR0\Partition1 - ok
01:46:00.0984 1904 [ B1DEB2E8F27F724741F208771C9CD45C ] \Device\Harddisk0\DR0\Partition2
01:46:00.0984 1904 \Device\Harddisk0\DR0\Partition2 - ok
01:46:00.0984 1904 ============================================================
01:46:00.0984 1904 Scan finished
01:46:00.0984 1904 ============================================================
01:46:01.0031 2844 Detected object count: 0
01:46:01.0031 2844 Actual detected object count: 0
[/log]

Gość
komentarz
komentarz

Teraz wygląda dobrze ;)
W OTL-u kliknij [b]SPRZĄTANIE[/b]

Schostuj spakowaną kwarantanne i na PW podaj mi linka.

  • Dobra wypowiedź 1
wirusolog
komentarz
komentarz

No nie wiem, czy wszystko OK.

[quote] O20 - Winlogon\Notify\LogonInit: DllName - (logonInit.dll) - D:\Program Files\Common Files\logonInit.dll ()[/quote]
To jest Tibijski Keylogger, do tego dochodzi jeszcze jego permamentnie pojawiający się kumpel:
[b] D:\Program Files\Common Files\userInit.dll[/b]

Conor proszę o dokładniejsze sprawdzanie logów, następnym razem napisze do Administracji!

  • Dobra wypowiedź 1
Gość
komentarz
komentarz (edytowane)

@wirusolog
Dziękuje za wzrócenie uwagi
Jak napiszesz to napiszesz trudno najwyżej sprowadze tu "kolege" z peba o nicku wirusolog32 ;)

Jedno mnie zastanawia moderatorka poprawia skrypt a sama nie załważa keyloggera



1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b]


Wklej

[code]

:OTL
O20 - Winlogon\Notify\LogonInit: DllName - (logonInit.dll) - D:\Program Files\Common Files\logonInit.dll ()

:Files
D:\Program Files\Common Files\logonInit.dll
:Commands
[emptytemp]
[/code]

Kliknij [b]Wykonaj skrypt[/b]

  • Dobra wypowiedź 1
Grzenio95
komentarz
komentarz

Wykonałem, podać Logi?
Btw. Polecacie jakiegoś darmowego Antyvira?

wirusolog
komentarz
komentarz

Tak, wklej logi.
Jeżeli chodzi o AV to Avira lub Avast.

  • Dobra wypowiedź 1
Grzenio95
komentarz
komentarz

OTL
[log] OTL logfile created on: 2012-12-25 12:50:29 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,37% Memory free
3,85 Gb Paging File | 3,39 Gb Available in Paging File | 88,11% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 109,99 Gb Total Space | 55,89 Gb Free Space | 50,82% Space Free | Partition Type: NTFS
Drive D: | 39,05 Gb Total Space | 30,50 Gb Free Space | 78,09% Space Free | Partition Type: NTFS

Computer Name: GRZYNIO | User Name: Grzenio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-12-24 18:02:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-12-12 18:58:31 | 001,064,960 | ---- | M] () -- D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-11-28 22:47:11 | 000,076,888 | ---- | M] () -- D:\WINDOWS\system32\PnkBstrA.exe
PRC - [2012-11-27 18:24:51 | 000,161,768 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-11-19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012-09-23 15:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-09-23 14:04:11 | 000,164,200 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe
PRC - [2012-07-03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-06-25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- D:\Program Files\TP-LINK\COMMON\RaRegistry.exe
PRC - [2010-06-25 15:57:42 | 001,638,400 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD. ) -- D:\Program Files\TP-LINK\COMMON\TWCU.exe
PRC - [2004-08-04 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2004-08-04 12:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 12:00:00 | 000,218,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004-08-04 12:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauclt.exe
PRC - [2004-08-04 12:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
PRC - [2004-08-04 12:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-04 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 12:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe
PRC - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-04 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-04 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 12:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-12-24 18:02:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads\OTL.exe
MOD - [2012-12-12 18:58:31 | 001,064,960 | ---- | M] () -- D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Chrome\Application\chrome.exe
MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\icudt.dll
MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\chrome.dll
MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- D:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012-11-28 22:47:11 | 000,076,888 | ---- | M] () -- D:\WINDOWS\system32\PnkBstrA.exe
MOD - [2012-11-27 18:24:51 | 000,770,384 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Java\jre7\bin\msvcr100.dll
MOD - [2012-11-27 18:24:51 | 000,161,768 | ---- | M] (Oracle Corporation) -- D:\Program Files\Java\jre7\bin\jqs.exe
MOD - [2012-11-19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
MOD - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
MOD - [2012-09-23 15:28:00 | 002,811,240 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
MOD - [2012-09-23 15:28:00 | 002,376,704 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvapi.dll
MOD - [2012-09-23 15:28:00 | 000,981,352 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
MOD - [2012-09-23 15:28:00 | 000,634,728 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll
MOD - [2012-09-23 14:09:17 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvrspl.dll
MOD - [2012-09-23 14:04:11 | 000,164,200 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe
MOD - [2012-09-23 14:04:11 | 000,108,392 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvmctray.dll
MOD - [2012-07-03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2010-06-25 15:58:00 | 000,796,032 | ---- | M] (Ralink Technology, Corp.) -- D:\WINDOWS\system32\Scutum.dll
MOD - [2010-06-25 15:58:00 | 000,180,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- D:\WINDOWS\system32\W32N55.dll
MOD - [2010-06-25 15:58:00 | 000,147,456 | ---- | M] () -- D:\WINDOWS\system32\DiagFunc.dll
MOD - [2010-06-25 15:57:58 | 001,085,440 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\system32\libeay32.dll
MOD - [2010-06-25 15:57:58 | 000,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\system32\ssleay32.dll
MOD - [2010-06-25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- D:\Program Files\TP-LINK\COMMON\RaRegistry.exe
MOD - [2010-06-25 15:57:42 | 001,638,400 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD. ) -- D:\Program Files\TP-LINK\COMMON\TWCU.exe
MOD - [2010-06-25 15:57:42 | 000,909,312 | ---- | M] () -- D:\Program Files\TP-LINK\COMMON\RaWLAPI.dll
MOD - [2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\D3DCompiler_43.dll
MOD - [2010-05-26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\D3DX9_43.dll
MOD - [2010-03-18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010-03-18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010-03-18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010-03-18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010-03-18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010-03-18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010-03-18 13:16:28 | 000,070,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dxva2.dll
MOD - [2010-03-18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mscoree.dll
MOD - [2010-03-18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netfxperf.dll
MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-03-08 04:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ieframe.dll
MOD - [2009-03-08 04:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wininet.dll
MOD - [2009-03-08 04:34:56 | 001,206,784 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\urlmon.dll
MOD - [2009-03-08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\webcheck.dll
MOD - [2009-03-08 04:32:48 | 000,128,512 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advpack.dll
MOD - [2009-03-08 04:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\iertutil.dll
MOD - [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shdocvw.dll
MOD - [2009-01-07 18:21:32 | 001,022,976 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\browseui.dll
MOD - [2009-01-07 18:21:32 | 000,474,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll
MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\normaliz.dll
MOD - [2008-07-25 11:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008-07-06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2006-10-18 21:47:22 | 000,133,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\WPDShServiceObj.dll
MOD - [2006-10-18 21:47:18 | 000,284,160 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\PortableDeviceApi.dll
MOD - [2006-10-18 21:47:18 | 000,166,912 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\PortableDeviceTypes.dll
MOD - [2005-05-03 12:58:36 | 002,890,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msi.dll
MOD - [2004-08-04 12:00:00 | 008,412,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll
MOD - [2004-08-04 12:00:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-04 12:00:00 | 001,852,416 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004-08-04 12:00:00 | 001,714,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netshell.dll
MOD - [2004-08-04 12:00:00 | 001,712,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
MOD - [2004-08-04 12:00:00 | 001,689,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\d3d9.dll
MOD - [2004-08-04 12:00:00 | 001,439,744 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\query.dll
MOD - [2004-08-04 12:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 12:00:00 | 001,251,840 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comsvcs.dll
MOD - [2004-08-04 12:00:00 | 001,134,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuaueng.dll
MOD - [2004-08-04 12:00:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\esent.dll
MOD - [2004-08-04 12:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-04 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
MOD - [2004-08-04 12:00:00 | 001,024,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mfc42u.dll
MOD - [2004-08-04 12:00:00 | 001,012,224 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-04 12:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msgina.dll
MOD - [2004-08-04 12:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 12:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 12:00:00 | 000,729,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 12:00:00 | 000,723,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsasrv.dll
MOD - [2004-08-04 12:00:00 | 000,716,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-04 12:00:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sxs.dll
MOD - [2004-08-04 12:00:00 | 000,686,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 12:00:00 | 000,675,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasdlg.dll
MOD - [2004-08-04 12:00:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dbghelp.dll
MOD - [2004-08-04 12:00:00 | 000,629,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netcfgx.dll
MOD - [2004-08-04 12:00:00 | 000,611,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comctl32.dll
MOD - [2004-08-04 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-04 12:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mlang.dll
MOD - [2004-08-04 12:00:00 | 000,581,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-04 12:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll
MOD - [2004-08-04 12:00:00 | 000,563,200 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shdoclc.dll
MOD - [2004-08-04 12:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-04 12:00:00 | 000,537,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msftedit.dll
MOD - [2004-08-04 12:00:00 | 000,530,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2004-08-04 12:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-04 12:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
MOD - [2004-08-04 12:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-04 12:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2004-08-04 12:00:00 | 000,437,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2004-08-04 12:00:00 | 000,431,616 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\riched20.dll
MOD - [2004-08-04 12:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\vssapi.dll
MOD - [2004-08-04 12:00:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\samsrv.dll
MOD - [2004-08-04 12:00:00 | 000,425,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msdtcprx.dll
MOD - [2004-08-04 12:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-04 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netlogon.dll
MOD - [2004-08-04 12:00:00 | 000,406,528 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\usp10.dll
MOD - [2004-08-04 12:00:00 | 000,395,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcss.dll
MOD - [2004-08-04 12:00:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\themeui.dll
MOD - [2004-08-04 12:00:00 | 000,378,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wzcdlg.dll
MOD - [2004-08-04 12:00:00 | 000,359,936 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wzcsvc.dll
MOD - [2004-08-04 12:00:00 | 000,351,232 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-04 12:00:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hnetcfg.dll
MOD - [2004-08-04 12:00:00 | 000,343,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\localspl.dll
MOD - [2004-08-04 12:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 12:00:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cscui.dll
MOD - [2004-08-04 12:00:00 | 000,332,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netapi32.dll
MOD - [2004-08-04 12:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ipnathlp.dll
MOD - [2004-08-04 12:00:00 | 000,324,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\scesrv.dll
MOD - [2004-08-04 12:00:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\duser.dll
MOD - [2004-08-04 12:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\termsrv.dll
MOD - [2004-08-04 12:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 12:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kerberos.dll
MOD - [2004-08-04 12:00:00 | 000,285,184 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pdh.dll
MOD - [2004-08-04 12:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 12:00:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-04 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2004-08-04 12:00:00 | 000,267,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oakley.dll
MOD - [2004-08-04 12:00:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\h323.tsp
MOD - [2004-08-04 12:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\odbc32.dll
MOD - [2004-08-04 12:00:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\esscli.dll
MOD - [2004-08-04 12:00:00 | 000,246,784 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mswsock.dll
MOD - [2004-08-04 12:00:00 | 000,246,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tapisrv.dll
MOD - [2004-08-04 12:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netui1.dll
MOD - [2004-08-04 12:00:00 | 000,243,200 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\es.dll
MOD - [2004-08-04 12:00:00 | 000,237,056 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasapi32.dll
MOD - [2004-08-04 12:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 12:00:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004-08-04 12:00:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\unimdm.tsp
MOD - [2004-08-04 12:00:00 | 000,206,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasppp.dll
MOD - [2004-08-04 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netman.dll
MOD - [2004-08-04 12:00:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\certcli.dll
MOD - [2004-08-04 12:00:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msutb.dll
MOD - [2004-08-04 12:00:00 | 000,194,048 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\activeds.dll
MOD - [2004-08-04 12:00:00 | 000,192,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\schedsvc.dll
MOD - [2004-08-04 12:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 12:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\scecli.dll
MOD - [2004-08-04 12:00:00 | 000,183,296 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004-08-04 12:00:00 | 000,182,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tapi32.dll
MOD - [2004-08-04 12:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winmm.dll
MOD - [2004-08-04 12:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2004-08-04 12:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004-08-04 12:00:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-04 12:00:00 | 000,175,616 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\w32time.dll
MOD - [2004-08-04 12:00:00 | 000,174,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasmans.dll
MOD - [2004-08-04 12:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-04 12:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srsvc.dll
MOD - [2004-08-04 12:00:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\credui.dll
MOD - [2004-08-04 12:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuaucpl.cpl
MOD - [2004-08-04 12:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleacc.dll
MOD - [2004-08-04 12:00:00 | 000,161,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msdtcuiu.dll
MOD - [2004-08-04 12:00:00 | 000,152,576 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rsaenh.dll
MOD - [2004-08-04 12:00:00 | 000,148,480 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dnsapi.dll
MOD - [2004-08-04 12:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 12:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2004-08-04 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\schannel.dll
MOD - [2004-08-04 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntshrui.dll
MOD - [2004-08-04 12:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-04 12:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\adsldpc.dll
MOD - [2004-08-04 12:00:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sfc_os.dll
MOD - [2004-08-04 12:00:00 | 000,137,216 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dssenh.dll
MOD - [2004-08-04 12:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shsvcs.dll
MOD - [2004-08-04 12:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\upnp.dll
MOD - [2004-08-04 12:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wkssvc.dll
MOD - [2004-08-04 12:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msv1_0.dll
MOD - [2004-08-04 12:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-04 12:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\stobject.dll
MOD - [2004-08-04 12:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-04 12:00:00 | 000,118,784 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\umpnpmgr.dll
MOD - [2004-08-04 12:00:00 | 000,118,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oledlg.dll
MOD - [2004-08-04 12:00:00 | 000,115,712 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mstlsapi.dll
MOD - [2004-08-04 12:00:00 | 000,112,640 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rastls.dll
MOD - [2004-08-04 12:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauclt.exe
MOD - [2004-08-04 12:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2004-08-04 12:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imm32.dll
MOD - [2004-08-04 12:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
MOD - [2004-08-04 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\win32spl.dll
MOD - [2004-08-04 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-04 12:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cscdll.dll
MOD - [2004-08-04 12:00:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winscard.dll
MOD - [2004-08-04 12:00:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\loadperf.dll
MOD - [2004-08-04 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Media Player\wmpband.dll
MOD - [2004-08-04 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2004-08-04 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\odbcint.dll
MOD - [2004-08-04 12:00:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psbase.dll
MOD - [2004-08-04 12:00:00 | 000,096,768 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srvsvc.dll
MOD - [2004-08-04 12:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\iphlpapi.dll
MOD - [2004-08-04 12:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wlnotify.dll
MOD - [2004-08-04 12:00:00 | 000,090,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\trkwks.dll
MOD - [2004-08-04 12:00:00 | 000,089,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2004-08-04 12:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mprapi.dll
MOD - [2004-08-04 12:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 12:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-04 12:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscsvc.dll
MOD - [2004-08-04 12:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netui0.dll
MOD - [2004-08-04 12:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\browser.dll
MOD - [2004-08-04 12:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\inetpp.dll
MOD - [2004-08-04 12:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolss.dll
MOD - [2004-08-04 12:00:00 | 000,073,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mscms.dll
MOD - [2004-08-04 12:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msacm32.dll
MOD - [2004-08-04 12:00:00 | 000,069,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\raschap.dll
MOD - [2004-08-04 12:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 12:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\browselc.dll
MOD - [2004-08-04 12:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-04 12:00:00 | 000,066,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mtxclu.dll
MOD - [2004-08-04 12:00:00 | 000,065,536 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shimeng.dll
MOD - [2004-08-04 12:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\samlib.dll
MOD - [2004-08-04 12:00:00 | 000,063,488 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptnet.dll
MOD - [2004-08-04 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\colbact.dll
MOD - [2004-08-04 12:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasman.dll
MOD - [2004-08-04 12:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptsvc.dll
MOD - [2004-08-04 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mpr.dll
MOD - [2004-08-04 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\devenum.dll
MOD - [2004-08-04 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cabinet.dll
MOD - [2004-08-04 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\resutils.dll
MOD - [2004-08-04 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rastapi.dll
MOD - [2004-08-04 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\atl.dll
MOD - [2004-08-04 12:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
MOD - [2004-08-04 12:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clusapi.dll
MOD - [2004-08-04 12:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ndptsp.tsp
MOD - [2004-08-04 12:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-04 12:00:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\authz.dll
MOD - [2004-08-04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\eventlog.dll
MOD - [2004-08-04 12:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winsta.dll
MOD - [2004-08-04 12:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mfc42loc.dll
MOD - [2004-08-04 12:00:00 | 000,051,712 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wzcsapi.dll
MOD - [2004-08-04 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
MOD - [2004-08-04 12:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\regapi.dll
MOD - [2004-08-04 12:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wdigest.dll
MOD - [2004-08-04 12:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cnbjmon.dll
MOD - [2004-08-04 12:00:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msprivs.dll
MOD - [2004-08-04 12:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2004-08-04 12:00:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tcpmon.dll
MOD - [2004-08-04 12:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rtutils.dll
MOD - [2004-08-04 12:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2004-08-04 12:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-04 12:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\audiosrv.dll
MOD - [2004-08-04 12:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfctrs.dll
MOD - [2004-08-04 12:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sens.dll
MOD - [2004-08-04 12:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) -- d:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004-08-04 12:00:00 | 000,036,864 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wups.dll
MOD - [2004-08-04 12:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ncobjapi.dll
MOD - [2004-08-04 12:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfproc.dll
MOD - [2004-08-04 12:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ssdpapi.dll
MOD - [2004-08-04 12:00:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pstorsvc.dll
MOD - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rundll32.exe
MOD - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kmddsp.tsp
MOD - [2004-08-04 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptdll.dll
MOD - [2004-08-04 12:00:00 | 000,032,768 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winipsec.dll
MOD - [2004-08-04 12:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\traffic.dll
MOD - [2004-08-04 12:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mspatcha.dll
MOD - [2004-08-04 12:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hidphone.tsp
MOD - [2004-08-04 12:00:00 | 000,028,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\batmeter.dll
MOD - [2004-08-04 12:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\profmap.dll
MOD - [2004-08-04 12:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfdisk.dll
MOD - [2004-08-04 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\utildll.dll
MOD - [2004-08-04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shfolder.dll
MOD - [2004-08-04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfos.dll
MOD - [2004-08-04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-04 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\odbcbcp.dll
MOD - [2004-08-04 12:00:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-04 12:00:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wdmaud.drv
MOD - [2004-08-04 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ersvc.dll
MOD - [2004-08-04 12:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lpk.dll
MOD - [2004-08-04 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msacm32.drv
MOD - [2004-08-04 12:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hid.dll
MOD - [2004-08-04 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wshtcpip.dll
MOD - [2004-08-04 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\seclogon.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\midimap.dll
MOD - [2004-08-04 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\linkinfo.dll
MOD - [2004-08-04 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wtsapi32.dll
MOD - [2004-08-04 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\nddeapi.dll
MOD - [2004-08-04 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\powrprof.dll
MOD - [2004-08-04 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ipconf.tsp
MOD - [2004-08-04 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winrnr.dll
MOD - [2004-08-04 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\usbmon.dll
MOD - [2004-08-04 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfnet.dll
MOD - [2004-08-04 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pjlmon.dll
MOD - [2004-08-04 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe
MOD - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe
MOD - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\drprov.dll
MOD - [2004-08-04 12:00:00 | 000,014,336 | ---- | M] () -- D:\WINDOWS\system32\msdmo.dll
MOD - [2004-08-04 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscntfy.exe
MOD - [2004-08-04 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uniplat.dll
MOD - [2004-08-04 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
MOD - [2004-08-04 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasctrs.dll
MOD - [2004-08-04 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\perfts.dll
MOD - [2004-08-04 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netrap.dll
MOD - [2004-08-04 12:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\icaapi.dll
MOD - [2004-08-04 12:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\pschdprf.dll
MOD - [2004-08-04 12:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rsvpperf.dll
MOD - [2004-08-04 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rasadhlp.dll
MOD - [2004-08-04 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntlsapi.dll
MOD - [2004-08-04 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\d3d8thk.dll
MOD - [2004-08-04 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauserv.dll
MOD - [2004-08-04 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sensapi.dll
MOD - [2004-08-04 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msidle.dll
MOD - [2004-08-04 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wmi.dll
MOD - [2004-08-04 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\tapiperf.dll
MOD - [2004-08-04 12:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sfc.dll
MOD - [2004-08-04 12:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-04 01:44:00 | 000,021,504 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\hidserv.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012-12-12 08:17:55 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-27 18:24:51 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- D:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-11-19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-09-23 15:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010-06-25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- D:\Program Files\TP-LINK\COMMON\RaRegistry.exe -- (RalinkRegistryWriter)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-12-24 14:10:52 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-11-27 16:09:44 | 000,077,056 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\viasraid.sys -- (viasraid)
DRV - [2012-09-20 05:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012-09-20 05:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2010-06-25 15:57:58 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2010-06-25 15:57:40 | 000,827,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2010-06-19 15:04:16 | 000,042,928 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\x3320001.sys -- (x3320001)
DRV - [2010-05-25 08:59:24 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010-05-25 08:59:24 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2010-05-25 08:59:24 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010-05-25 08:59:24 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010-05-25 08:59:24 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010-04-27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010-04-27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010-04-27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2001-08-17 21:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gazeta.pl/0,0.html?sc=1
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://youtube.pl/
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes,DefaultScope = {76F5E59B-E0C6-449A-BE54-B95DEFB48A5F}
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{2BD85B96-6BF0-44AB-9016-0C6072942246}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{39B64B4E-05FF-45FF-B9BC-DDCE3F793B4A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\..\SearchScopes\{76F5E59B-E0C6-449A-BE54-B95DEFB48A5F}: "URL" = http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation).navigationEnabled=true&s.sm.query={searchTerms}
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-21-1644491937-1708537768-725345543-1005\..\SearchScopes,DefaultScope =


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@mozilla.com: D:\Documents and Settings\Grzenio\Dane aplikacji\support@mozilla.com [2012-12-11 18:39:15 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = D:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = D:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - Extension: Dysk Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Battlefield Heroes = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Szukaj w Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: Battlefield Play4Free = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.80.5_0\
CHR - Extension: Gmail = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Dysk Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Battlefield Heroes = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Szukaj w Google = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: Battlefield Play4Free = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.80.5_0\
CHR - Extension: Gmail = D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004-08-04 12:00:00 | 000,000,742 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - D:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004..\Run: [KPeerNexonEU] D:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TP-LINK Wireless Utility.lnk = D:\Program Files\TP-LINK\COMMON\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD. )
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1708537768-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{065775D1-4E4D-49F9-B150-07BFD3DE1EB9}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-11-27 18:02:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-12-25 01:37:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Malwarebytes
[2012-12-25 01:36:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-12-25 01:36:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-12-25 01:36:51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2012-12-25 01:36:51 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware
[2012-12-25 01:30:10 | 000,000,000 | ---D | C] -- D:\_OTL
[2012-12-24 14:17:24 | 000,000,000 | -HSD | C] -- D:\WINDOWS\ftpcache
[2012-12-24 14:16:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Activision
[2012-12-24 14:11:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\DAEMON Tools Lite
[2012-12-24 14:10:52 | 000,242,240 | ---- | C] (DT Soft Ltd) -- D:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-12-24 14:10:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\DAEMON Tools Lite
[2012-12-24 14:10:45 | 000,000,000 | ---D | C] -- D:\Program Files\DAEMON Tools Lite
[2012-12-24 14:08:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-12-24 12:28:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2012-12-24 11:49:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\BitTorrent
[2012-12-24 11:28:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2012-12-24 11:25:23 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Moje wideo
[2012-12-24 11:25:23 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-12-23 10:03:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Pulpit\iBot
[2012-12-17 17:49:57 | 000,000,000 | ---D | C] -- D:\Program Files\Tibiacast
[2012-12-16 17:57:11 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibiacast
[2012-12-16 17:55:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Tibiacast
[2012-12-13 19:57:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\CPUID
[2012-12-12 21:56:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\%Installer_PublisherName%
[2012-12-12 20:55:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2012-12-12 20:17:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Nexon
[2012-12-12 20:12:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2012-12-12 18:58:25 | 000,446,464 | ---- | C] (NEXON Inc.) -- D:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2012-12-12 18:58:25 | 000,000,000 | ---D | C] -- D:\Nexon
[2012-12-11 18:42:15 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft.NET
[2012-12-11 18:39:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\support@mozilla.com
[2012-12-11 18:39:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Opera
[2012-12-11 18:39:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Chrome_manager
[2012-12-10 17:57:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2012-12-10 16:20:49 | 000,121,576 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadmdm.sys
[2012-12-10 16:20:49 | 000,098,152 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadserd.sys
[2012-12-10 16:20:49 | 000,096,488 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadbus.sys
[2012-12-10 16:20:49 | 000,012,776 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadmdfl.sys
[2012-12-10 16:20:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadcmnt.sys
[2012-12-10 16:20:49 | 000,010,216 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadwhnt.sys
[2012-12-10 16:20:28 | 000,132,424 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdmdm.sys
[2012-12-10 16:20:28 | 000,104,648 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdbus.sys
[2012-12-10 16:20:28 | 000,014,920 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdmdfl.sys
[2012-12-10 16:20:28 | 000,012,616 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdcmnt.sys
[2012-12-10 16:20:28 | 000,012,616 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdcm.sys
[2012-12-10 16:20:28 | 000,012,488 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdwhnt.sys
[2012-12-10 16:20:28 | 000,012,488 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\sscdwh.sys
[2012-12-07 21:38:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Samsung
[2012-12-07 21:38:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\samsung
[2012-12-07 21:36:31 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- D:\WINDOWS\System32\Redemption.dll
[2012-12-07 21:35:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\umdf
[2012-12-07 21:34:25 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\XPSViewer
[2012-12-07 21:34:22 | 000,000,000 | ---D | C] -- D:\Program Files\MSBuild
[2012-12-07 21:34:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\en-US
[2012-12-07 21:34:15 | 000,000,000 | ---D | C] -- D:\Program Files\Reference Assemblies
[2012-12-07 21:33:31 | 000,000,000 | R-SD | C] -- D:\WINDOWS\assembly
[2012-12-07 21:33:13 | 000,000,000 | ---D | C] -- D:\WINDOWS\Microsoft.NET
[2012-12-07 21:32:46 | 000,000,000 | ---D | C] -- D:\Program Files\MSXML 6.0
[2012-12-07 21:31:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2012-12-07 21:31:19 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2012-12-07 21:18:17 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- D:\WINDOWS\System32\drivers\ssudmdm.sys
[2012-12-07 21:18:16 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- D:\WINDOWS\System32\drivers\ssudbus.sys
[2012-12-07 21:10:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\ExpressFiles
[2012-12-04 21:10:47 | 000,042,928 | ---- | C] (Your Corporation) -- D:\WINDOWS\System32\drivers\x3320001.sys
[2012-12-04 21:10:47 | 000,000,000 | ---D | C] -- D:\WINDOWS\USB_Vibration
[2012-12-04 21:10:41 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2012-12-04 21:10:39 | 000,000,000 | ---D | C] -- D:\Program Files\USB Vibartion
[2012-12-04 17:02:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack
[2012-12-04 17:02:51 | 000,000,000 | ---D | C] -- D:\Program Files\K-Lite Codec Pack
[2012-12-01 21:57:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Skype
[2012-12-01 21:57:09 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Skype
[2012-12-01 21:57:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Skype
[2012-12-01 21:57:08 | 000,000,000 | R--D | C] -- D:\Program Files\Skype
[2012-12-01 21:57:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Skype
[2012-12-01 17:19:57 | 000,010,344 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadcm.sys
[2012-12-01 17:19:57 | 000,010,216 | ---- | C] (MCCI Corporation) -- D:\WINDOWS\System32\drivers\ssadwh.sys
[2012-12-01 17:19:51 | 000,000,000 | ---D | C] -- D:\Program Files\SAMSUNG
[2012-12-01 17:19:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2012-12-01 17:08:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\Sun
[2012-11-28 22:34:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Battlefield Play4Free
[2012-11-28 21:50:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2012-11-28 21:38:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Battlefield Heroes
[2012-11-28 21:28:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\LogFiles
[2012-11-28 21:28:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\EA Games
[2012-11-28 19:06:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\.gstreamer-0.10
[2012-11-28 19:06:36 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2012-11-28 19:06:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\OpenFM
[2012-11-28 19:01:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Electronic Arts
[2012-11-28 14:17:18 | 000,569,344 | ---- | C] ((c) MusicCity) -- D:\WINDOWS\System32\muzdecode.ax
[2012-11-28 14:17:18 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.dll
[2012-11-28 14:17:18 | 000,352,256 | ---- | C] (Sample Corporation) -- D:\WINDOWS\System32\MSLUR71.dll
[2012-11-28 14:17:18 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- D:\WINDOWS\System32\muzoggsp.ax
[2012-11-28 14:17:18 | 000,245,760 | ---- | C] (Teruten Inc.) -- D:\WINDOWS\System32\MSCLib.dll
[2012-11-28 14:17:18 | 000,200,704 | ---- | C] ( (c) MusicCity) -- D:\WINDOWS\System32\muzwmts.dll
[2012-11-28 14:17:18 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.exe
[2012-11-28 14:17:18 | 000,155,648 | ---- | C] (Teruten Inc.) -- D:\WINDOWS\System32\MSFLib.dll
[2012-11-28 14:17:18 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzaf1.dll
[2012-11-28 14:17:18 | 000,131,072 | ---- | C] ((c) MusicCity) -- D:\WINDOWS\System32\muzmpgsp.ax
[2012-11-28 14:17:18 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- D:\WINDOWS\System32\muzeffect.ax
[2012-11-28 14:17:18 | 000,118,784 | ---- | C] ((주)마크애니) -- D:\WINDOWS\System32\MaDRM.dll
[2012-11-28 14:17:18 | 000,110,592 | ---- | C] ((c) MusicCity) -- D:\WINDOWS\System32\muzmp4sp.ax
[2012-11-28 14:17:18 | 000,057,344 | ---- | C] (Marktek) -- D:\WINDOWS\System32\MK_Lyric.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | C] (Marktek Inc.) -- D:\WINDOWS\System32\MTXSYNCICON.dll
[2012-11-28 14:17:18 | 000,049,152 | ---- | C] ((주) 마크애니) -- D:\WINDOWS\System32\MaJGUILib.dll
[2012-11-28 14:17:18 | 000,045,320 | ---- | C] (MARKANY) -- D:\WINDOWS\System32\MAMACExtract.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | C] ((주) 마크애니) -- D:\WINDOWS\System32\MaXMLProto.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | C] ((주) 마크애니) -- D:\WINDOWS\System32\MACXMLProto.dll
[2012-11-28 14:17:18 | 000,040,960 | ---- | C] (Telechips Inc.,) -- D:\WINDOWS\System32\MTTELECHIP.dll
[2012-11-28 14:17:18 | 000,024,576 | ---- | C] ((주)마크애니) -- D:\WINDOWS\System32\MASetupCleaner.exe
[2012-11-27 19:44:26 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2012-11-27 19:44:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2012-11-27 19:44:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2012-11-27 19:43:53 | 000,000,000 | ---D | C] -- D:\Program Files\LogMeIn Hamachi
[2012-11-27 19:43:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
[2012-11-27 19:43:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Hoolapp for Android
[2012-11-27 19:43:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\HoolappforAndroid
[2012-11-27 19:17:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\LolClient
[2012-11-27 19:13:54 | 000,000,000 | ---D | C] -- D:\WINDOWS\Logs
[2012-11-27 19:12:15 | 000,000,000 | ---D | C] -- D:\Direxct
[2012-11-27 19:09:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2012-11-27 19:09:25 | 000,000,000 | ---D | C] -- D:\Program Files\Asprate
[2012-11-27 19:09:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibia
[2012-11-27 18:58:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Sun
[2012-11-27 18:55:18 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer
[2012-11-27 18:55:18 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC
[2012-11-27 18:55:16 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines
[2012-11-27 18:55:15 | 000,000,000 | R--D | C] -- D:\Program Files
[2012-11-27 18:55:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared
[2012-11-27 18:55:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files
[2012-11-27 18:54:51 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start
[2012-11-27 18:54:51 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty
[2012-11-27 18:54:51 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2012-11-27 18:54:51 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Szablony
[2012-11-27 18:54:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Ulubione
[2012-11-27 18:54:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Pulpit
[2012-11-27 18:54:31 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Identities
[2012-11-27 18:53:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2
[2012-11-27 18:53:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot
[2012-11-27 18:52:58 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2012-11-27 18:52:58 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users\Dane aplikacji
[2012-11-27 18:52:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings
[2012-11-27 18:52:40 | 000,000,000 | -HSD | C] -- D:\System Volume Information
[2012-11-27 18:47:21 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts
[2012-11-27 18:47:21 | 000,000,000 | RHSD | C] -- D:\WINDOWS\System32\dllcache
[2012-11-27 18:47:21 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web
[2012-11-27 18:47:21 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Temp
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\system
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\security
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\NLDRV
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\java
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1045
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028
[2012-11-27 18:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025
[2012-11-27 18:28:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\TS3Client
[2012-11-27 18:28:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\NVIDIA
[2012-11-27 18:27:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\.minecraft
[2012-11-27 18:27:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Tibia
[2012-11-27 18:26:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\WinRAR
[2012-11-27 18:26:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\WinRAR
[2012-11-27 18:26:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2012-11-27 18:26:21 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR
[2012-11-27 18:26:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client
[2012-11-27 18:25:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Sun
[2012-11-27 18:25:08 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java
[2012-11-27 18:24:47 | 000,000,000 | ---D | C] -- D:\Program Files\Java
[2012-11-27 18:23:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Sun
[2012-11-27 18:21:45 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Simple Adblock
[2012-11-27 18:21:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Simple Adblock
[2012-11-27 18:21:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Gadu-Gadu 10
[2012-11-27 18:21:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-11-27 18:21:21 | 000,000,000 | ---D | C] -- D:\Program Files\Gadu-Gadu 10
[2012-11-27 18:20:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Adobe
[2012-11-27 18:20:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads
[2012-11-27 18:19:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Macromedia
[2012-11-27 18:17:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2012-11-27 18:17:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
[2012-11-27 18:16:35 | 000,000,000 | ---D | C] -- D:\Program Files\Google
[2012-11-27 18:16:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Google
[2012-11-27 18:15:59 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\IECompatCache
[2012-11-27 18:15:50 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\PrivacIE
[2012-11-27 18:15:39 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\IETldCache
[2012-11-27 18:14:35 | 000,000,000 | ---D | C] -- D:\WINDOWS\WBEM
[2012-11-27 18:14:24 | 000,000,000 | -H-D | C] -- D:\WINDOWS\ie8
[2012-11-27 18:14:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl-PL
[2012-11-27 18:10:26 | 000,796,032 | ---- | C] (Ralink Technology, Corp.) -- D:\WINDOWS\System32\Scutum.dll
[2012-11-27 18:10:26 | 000,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\System32\ssleay32.dll
[2012-11-27 18:10:26 | 000,180,224 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- D:\WINDOWS\System32\W32N55.dll
[2012-11-27 18:10:26 | 000,152,968 | ---- | C] (Ralink Tech) -- D:\WINDOWS\System32\RalinkGina.dll
[2012-11-27 18:10:25 | 001,085,440 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- D:\WINDOWS\System32\libeay32.dll
[2012-11-27 18:10:25 | 000,019,072 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- D:\WINDOWS\System32\drivers\Scutum50.sys
[2012-11-27 18:10:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\TP-LINK
[2012-11-27 18:10:24 | 000,827,488 | ---- | C] (Ralink Technology, Corp.) -- D:\WINDOWS\System32\drivers\rt2870.sys
[2012-11-27 18:10:24 | 000,000,000 | ---D | C] -- D:\Program Files\TP-LINK
[2012-11-27 18:10:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DRVSTORE
[2012-11-27 18:10:22 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2012-11-27 18:10:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\TP-LINK Driver
[2012-11-27 18:09:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA
[2012-11-27 18:09:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2012-11-27 18:09:07 | 000,065,536 | ---- | C] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll
[2012-11-27 18:08:43 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation
[2012-11-27 18:08:21 | 000,000,000 | ---D | C] -- D:\NVIDIA
[2012-11-27 18:07:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Identities
[2012-11-27 18:07:09 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information
[2012-11-27 18:07:08 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Moje obrazy
[2012-11-27 18:07:08 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty\Moja muzyka
[2012-11-27 18:07:01 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Microsoft
[2012-11-27 18:07:01 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Grzenio\SendTo
[2012-11-27 18:07:01 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Grzenio\Recent
[2012-11-27 18:07:01 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Grzenio\Dane aplikacji
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Ulubione
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Moje dokumenty
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Menu Start
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Autostart
[2012-11-27 18:07:01 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Akcesoria
[2012-11-27 18:07:01 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Grzenio\Cookies
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\Szablony
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\PrintHood
[2012-11-27 18:07:01 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Grzenio\NetHood
[2012-11-27 18:07:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Pulpit
[2012-11-27 18:07:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-11-27 18:05:36 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft
[2012-11-27 18:05:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution
[2012-11-27 18:05:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2012-11-27 18:05:35 | 000,000,000 | --SD | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2012-11-27 18:05:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-11-27 18:04:56 | 000,000,000 | --SD | C] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2012-11-27 18:04:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-11-27 18:03:48 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2012-11-27 18:03:48 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2012-11-27 18:03:48 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2012-11-27 18:03:04 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2012-11-27 18:02:46 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom
[2012-11-27 18:02:46 | 000,000,000 | ---D | C] -- D:\Program Files\xerox
[2012-11-27 18:02:46 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage
[2012-11-27 18:02:04 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\DRM
[2012-11-27 18:01:58 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files
[2012-11-27 18:01:58 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages
[2012-11-27 18:01:52 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate
[2012-11-27 18:01:51 | 000,000,000 | ---D | C] -- D:\Program Files\Usługi online
[2012-11-27 18:01:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX
[2012-11-27 18:01:17 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services
[2012-11-27 18:01:15 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks
[2012-11-27 18:01:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap
[2012-11-27 18:01:12 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst
[2012-11-27 18:01:11 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed
[2012-11-27 18:01:05 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker
[2012-11-27 18:00:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore
[2012-11-27 18:00:55 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting
[2012-11-27 18:00:53 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express
[2012-11-27 18:00:48 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System
[2012-11-27 18:00:47 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2012-11-27 18:00:47 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer
[2012-11-27 18:00:45 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications
[2012-11-27 18:00:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration
[2012-11-27 18:00:43 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2012-11-27 18:00:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2012-11-27 18:00:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2012-11-27 18:00:28 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player
[2012-11-27 18:00:26 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger
[2012-11-27 18:00:23 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone
[2012-11-27 18:00:04 | 000,283,136 | ---- | C] (Cinematronics) -- D:\WINDOWS\System32\dllcache\pinball.exe
[2012-11-27 18:00:03 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT
[2012-11-27 18:00:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc
[2012-11-27 17:59:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com
[2012-11-27 17:59:41 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-12-25 12:35:08 | 000,002,267 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-12-25 12:34:57 | 000,001,034 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-25 12:34:57 | 000,000,290 | ---- | M] () -- D:\WINDOWS\tasks\Express FilesUpdate.job
[2012-12-25 12:34:53 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012-12-25 12:30:35 | 000,000,000 | ---- | M] () -- D:\Program Files\Common Files\userInit.dll
[2012-12-25 12:21:00 | 000,001,038 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-25 12:17:00 | 000,000,930 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-12-25 01:36:52 | 000,000,784 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-12-25 01:32:31 | 003,880,824 | ---- | M] () -- D:\_OTL.rar
[2012-12-25 01:31:28 | 000,013,694 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012-12-24 15:26:20 | 000,139,424 | ---- | M] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-12-24 15:26:11 | 000,282,104 | ---- | M] () -- D:\WINDOWS\System32\PnkBstrB.xtr
[2012-12-24 14:16:17 | 000,000,451 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Singleplayer.lnk
[2012-12-24 14:16:17 | 000,000,451 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Multiplayer.lnk
[2012-12-24 14:16:15 | 000,000,266 | ---- | M] () -- D:\WINDOWS\game.ini
[2012-12-24 14:12:04 | 000,555,462 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat
[2012-12-24 14:12:04 | 000,493,190 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2012-12-24 14:12:04 | 000,104,494 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat
[2012-12-24 14:12:04 | 000,083,734 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2012-12-24 14:11:07 | 000,001,613 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2012-12-24 14:10:52 | 000,242,240 | ---- | M] (DT Soft Ltd) -- D:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-12-24 11:53:05 | 000,004,608 | ---- | M] () -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-24 11:49:32 | 000,000,536 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk
[2012-12-24 11:25:57 | 000,223,060 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Tomorrowland_image_716x477.jpg
[2012-12-16 17:58:52 | 000,002,169 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Tibiacast.lnk
[2012-12-13 19:57:22 | 000,000,656 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\CPUID HWMonitor.lnk
[2012-12-12 20:17:58 | 000,000,630 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Combat Arms EU.lnk
[2012-12-12 18:58:25 | 000,446,464 | ---- | M] (NEXON Inc.) -- D:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2012-12-12 18:58:25 | 000,000,235 | ---- | M] () -- D:\WINDOWS\System32\nxEuUninstall.bat
[2012-12-11 18:39:15 | 001,335,014 | ---- | M] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\sqlite.jar
[2012-12-11 18:37:03 | 000,000,544 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2012-12-07 21:37:55 | 000,096,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-07 21:35:50 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2012-12-07 21:35:39 | 000,001,374 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2012-12-07 21:35:38 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2012-12-05 21:34:17 | 000,117,614 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\lol.jpg
[2012-12-04 21:31:57 | 000,000,552 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\LFS.lnk
[2012-12-04 21:10:51 | 000,100,896 | ---- | M] () -- D:\WINDOWS\System32\xinput1_3.dll
[2012-12-04 21:10:47 | 000,000,559 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\LS-USBMX 1 2 3 Steering Wheel W Vibration.lnk
[2012-12-04 20:21:29 | 000,282,104 | ---- | M] () -- D:\WINDOWS\System32\PnkBstrB.ex0
[2012-12-02 11:04:33 | 000,000,818 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\The Sims 3.lnk
[2012-12-01 17:20:45 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2012-12-01 17:20:45 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012-11-28 22:34:31 | 000,138,056 | ---- | M] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\PnkBstrK.sys
[2012-11-28 14:18:54 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- D:\WINDOWS\System32\Redemption.dll
[2012-11-28 14:17:18 | 000,974,848 | ---- | M] () -- D:\WINDOWS\System32\cis-2.4.dll
[2012-11-28 14:17:18 | 000,569,344 | ---- | M] ((c) MusicCity) -- D:\WINDOWS\System32\muzdecode.ax
[2012-11-28 14:17:18 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.dll
[2012-11-28 14:17:18 | 000,352,256 | ---- | M] (Sample Corporation) -- D:\WINDOWS\System32\MSLUR71.dll
[2012-11-28 14:17:18 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- D:\WINDOWS\System32\muzoggsp.ax
[2012-11-28 14:17:18 | 000,245,760 | ---- | M] (Teruten Inc.) -- D:\WINDOWS\System32\MSCLib.dll
[2012-11-28 14:17:18 | 000,200,704 | ---- | M] ( (c) MusicCity) -- D:\WINDOWS\System32\muzwmts.dll
[2012-11-28 14:17:18 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzapp.exe
[2012-11-28 14:17:18 | 000,155,648 | ---- | M] (Teruten Inc.) -- D:\WINDOWS\System32\MSFLib.dll
[2012-11-28 14:17:18 | 000,143,360 | ---- | M] () -- D:\WINDOWS\System32\3DAudio.ax
[2012-11-28 14:17:18 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- D:\WINDOWS\System32\muzaf1.dll
[2012-11-28 14:17:18 | 000,131,072 | ---- | M] ((c) MusicCity) -- D:\WINDOWS\System32\muzmpgsp.ax
[2012-11-28 14:17:18 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- D:\WINDOWS\System32\muzeffect.ax
[2012-11-28 14:17:18 | 000,118,784 | ---- | M] ((주)마크애니) -- D:\WINDOWS\System32\MaDRM.dll
[2012-11-28 14:17:18 | 000,110,592 | ---- | M] ((c) MusicCity) -- D:\WINDOWS\System32\muzmp4sp.ax
[2012-11-28 14:17:18 | 000,081,920 | ---- | M] () -- D:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012-11-28 14:17:18 | 000,065,536 | ---- | M] () -- D:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | M] (Marktek) -- D:\WINDOWS\System32\MK_Lyric.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | M] (Marktek Inc.) -- D:\WINDOWS\System32\MTXSYNCICON.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | M] () -- D:\WINDOWS\System32\issacapi_se-2.3.dll
[2012-11-28 14:17:18 | 000,049,152 | ---- | M] ((주) 마크애니) -- D:\WINDOWS\System32\MaJGUILib.dll
[2012-11-28 14:17:18 | 000,045,320 | ---- | M] (MARKANY) -- D:\WINDOWS\System32\MAMACExtract.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | M] ((주) 마크애니) -- D:\WINDOWS\System32\MaXMLProto.dll
[2012-11-28 14:17:18 | 000,045,056 | ---- | M] ((주) 마크애니) -- D:\WINDOWS\System32\MACXMLProto.dll
[2012-11-28 14:17:18 | 000,040,960 | ---- | M] (Telechips Inc.,) -- D:\WINDOWS\System32\MTTELECHIP.dll
[2012-11-28 14:17:18 | 000,024,576 | ---- | M] ((주)마크애니) -- D:\WINDOWS\System32\MASetupCleaner.exe
[2012-11-27 19:17:37 | 001,102,344 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2012-11-27 19:17:37 | 000,000,001 | ---- | M] () -- D:\WINDOWS\System32\nvdrssel.bin
[2012-11-27 19:17:35 | 001,102,344 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2012-11-27 19:17:02 | 000,000,678 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\League Of Legends.lnk
[2012-11-27 19:09:27 | 000,001,838 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2012-11-27 18:26:23 | 000,000,694 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\WinRAR.lnk
[2012-11-27 18:26:01 | 000,000,697 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2012-11-27 18:24:09 | 000,263,186 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Minecraft.exe
[2012-11-27 18:21:37 | 000,000,791 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-11-27 18:21:37 | 000,000,762 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-11-27 18:17:25 | 000,001,819 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Google Chrome.lnk
[2012-11-27 18:15:40 | 000,000,803 | ---- | M] () -- D:\Documents and Settings\Grzenio\Pulpit\Internet Explorer.lnk
[2012-11-27 18:13:55 | 000,013,694 | ---- | M] () -- D:\WINDOWS\System32\wpa.bak
[2012-11-27 18:10:25 | 000,001,630 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TP-LINK Wireless Utility.lnk
[2012-11-27 18:10:25 | 000,001,612 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\TP-LINK Wireless Utility.lnk
[2012-11-27 18:09:03 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\nvdrswr.lk
[2012-11-27 18:04:58 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD
[2012-11-27 18:04:07 | 000,000,261 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2012-11-27 18:02:38 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2012-11-27 18:02:31 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2012-11-27 18:02:31 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2012-11-27 18:02:27 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2012-11-27 18:00:46 | 000,021,856 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-25 01:36:52 | 000,000,784 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-12-25 01:32:19 | 003,880,824 | ---- | C] () -- D:\_OTL.rar
[2012-12-24 14:16:17 | 000,000,451 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Singleplayer.lnk
[2012-12-24 14:16:17 | 000,000,451 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Multiplayer.lnk
[2012-12-24 14:16:15 | 000,000,266 | ---- | C] () -- D:\WINDOWS\game.ini
[2012-12-24 14:11:07 | 000,001,613 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2012-12-24 11:49:32 | 000,000,536 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk
[2012-12-24 11:25:56 | 000,223,060 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Tomorrowland_image_716x477.jpg
[2012-12-24 11:25:30 | 000,004,608 | ---- | C] () -- D:\Documents and Settings\Grzenio\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-16 17:55:39 | 000,002,169 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Tibiacast.lnk
[2012-12-13 19:57:22 | 000,000,656 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\CPUID HWMonitor.lnk
[2012-12-12 20:17:58 | 000,000,630 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Combat Arms EU.lnk
[2012-12-12 18:58:25 | 000,000,235 | ---- | C] () -- D:\WINDOWS\System32\nxEuUninstall.bat
[2012-12-11 18:39:10 | 001,335,014 | ---- | C] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\sqlite.jar
[2012-12-07 21:35:50 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2012-12-07 21:34:37 | 000,062,304 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012-12-07 21:10:46 | 000,000,290 | ---- | C] () -- D:\WINDOWS\tasks\Express FilesUpdate.job
[2012-12-05 21:34:16 | 000,117,614 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\lol.jpg
[2012-12-04 21:31:57 | 000,000,552 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\LFS.lnk
[2012-12-04 21:10:47 | 000,008,079 | ---- | C] () -- D:\WINDOWS\System32\drivers\x3320001.cat
[2012-12-04 21:10:47 | 000,000,559 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\LS-USBMX 1 2 3 Steering Wheel W Vibration.lnk
[2012-12-04 17:02:56 | 000,178,688 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2012-12-02 11:04:06 | 000,000,818 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\The Sims 3.lnk
[2012-12-01 21:57:09 | 000,002,267 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-12-01 17:20:45 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2012-12-01 17:20:45 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012-11-28 21:50:58 | 000,282,104 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrB.xtr
[2012-11-28 21:29:44 | 000,139,424 | ---- | C] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-11-28 21:29:44 | 000,138,056 | ---- | C] () -- D:\Documents and Settings\Grzenio\Dane aplikacji\PnkBstrK.sys
[2012-11-28 21:29:00 | 000,282,104 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrB.exe
[2012-11-28 21:29:00 | 000,282,104 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrB.ex0
[2012-11-28 21:28:59 | 000,076,888 | ---- | C] () -- D:\WINDOWS\System32\PnkBstrA.exe
[2012-11-28 14:17:18 | 000,974,848 | ---- | C] () -- D:\WINDOWS\System32\cis-2.4.dll
[2012-11-28 14:17:18 | 000,143,360 | ---- | C] () -- D:\WINDOWS\System32\3DAudio.ax
[2012-11-28 14:17:18 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012-11-28 14:17:18 | 000,065,536 | ---- | C] () -- D:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012-11-28 14:17:18 | 000,057,344 | ---- | C] () -- D:\WINDOWS\System32\issacapi_se-2.3.dll
[2012-11-28 07:38:50 | 000,000,000 | ---- | C] () -- D:\Program Files\Common Files\userInit.dll
[2012-11-27 19:16:47 | 000,000,678 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\League Of Legends.lnk
[2012-11-27 19:14:06 | 000,100,896 | ---- | C] () -- D:\WINDOWS\System32\xinput1_3.dll
[2012-11-27 19:09:27 | 000,001,838 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2012-11-27 18:55:20 | 000,001,374 | ---- | C] () -- D:\WINDOWS\imsins.BAK
[2012-11-27 18:55:18 | 000,004,293 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2012-11-27 18:55:16 | 001,685,606 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.spd
[2012-11-27 18:55:16 | 000,643,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012-11-27 18:55:16 | 000,605,050 | ---- | C] () -- D:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012-11-27 18:55:16 | 000,000,888 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.sdf
[2012-11-27 18:54:58 | 000,001,734 | ---- | C] () -- D:\WINDOWS\System32\AUTOEXEC.NT
[2012-11-27 18:53:12 | 001,014,483 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2012-11-27 18:53:12 | 000,808,524 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012-11-27 18:53:12 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012-11-27 18:53:12 | 000,168,806 | ---- | C] () -- D:\WINDOWS\System32\dllcache\startoc.cat
[2012-11-27 18:53:12 | 000,037,509 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2012-11-27 18:53:12 | 000,030,983 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2012-11-27 18:53:12 | 000,014,043 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2012-11-27 18:53:12 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012-11-27 18:53:12 | 000,009,581 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012-11-27 18:53:12 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012-11-27 18:53:12 | 000,007,407 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012-11-27 18:53:12 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012-11-27 18:53:12 | 000,007,245 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012-11-27 18:53:11 | 001,896,400 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5.CAT
[2012-11-27 18:53:11 | 000,523,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012-11-27 18:52:40 | 000,096,664 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012-11-27 18:51:45 | 000,000,261 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf
[2012-11-27 18:27:19 | 000,000,544 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2012-11-27 18:26:23 | 000,000,694 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\WinRAR.lnk
[2012-11-27 18:26:01 | 000,000,697 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2012-11-27 18:24:06 | 000,263,186 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Minecraft.exe
[2012-11-27 18:21:37 | 000,000,791 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-11-27 18:21:37 | 000,000,762 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-11-27 18:21:26 | 000,000,680 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2012-11-27 18:17:49 | 000,000,930 | ---- | C] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-11-27 18:17:25 | 000,001,819 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Google Chrome.lnk
[2012-11-27 18:16:35 | 000,001,038 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-27 18:16:35 | 000,001,034 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-27 18:13:56 | 000,013,694 | ---- | C] () -- D:\WINDOWS\System32\wpa.bak
[2012-11-27 18:10:26 | 000,001,191 | ---- | C] () -- D:\WINDOWS\System32\W32N55.INI
[2012-11-27 18:10:26 | 000,000,516 | ---- | C] () -- D:\WINDOWS\System32\DiagFunc.ini
[2012-11-27 18:10:25 | 000,147,456 | ---- | C] () -- D:\WINDOWS\System32\DiagFunc.dll
[2012-11-27 18:10:25 | 000,001,630 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TP-LINK Wireless Utility.lnk
[2012-11-27 18:10:25 | 000,001,612 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\TP-LINK Wireless Utility.lnk
[2012-11-27 18:10:23 | 000,013,931 | ---- | C] () -- D:\WINDOWS\System32\RaCoInst.dat
[2012-11-27 18:09:03 | 001,102,344 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2012-11-27 18:09:03 | 001,102,344 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2012-11-27 18:09:03 | 000,000,001 | ---- | C] () -- D:\WINDOWS\System32\nvdrssel.bin
[2012-11-27 18:09:03 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\nvdrswr.lk
[2012-11-27 18:08:53 | 002,811,988 | ---- | C] () -- D:\WINDOWS\System32\nvdata.data
[2012-11-27 18:08:53 | 000,012,210 | ---- | C] () -- D:\WINDOWS\System32\nvinfo.pb
[2012-11-27 18:07:10 | 000,000,738 | ---- | C] () -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Outlook Express.lnk
[2012-11-27 18:07:09 | 000,000,803 | ---- | C] () -- D:\Documents and Settings\Grzenio\Pulpit\Internet Explorer.lnk
[2012-11-27 18:07:01 | 000,001,599 | ---- | C] () -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Pomoc zdalna.lnk
[2012-11-27 18:07:01 | 000,000,792 | ---- | C] () -- D:\Documents and Settings\Grzenio\Menu Start\Programy\Windows Media Player.lnk
[2012-11-27 18:04:58 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD
[2012-11-27 18:04:07 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2012-11-27 18:03:44 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012-11-27 18:03:32 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012-11-27 18:03:28 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2012-11-27 18:03:27 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2012-11-27 18:03:26 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2012-11-27 18:03:19 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012-11-27 18:03:16 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2012-11-27 18:03:13 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2012-11-27 18:03:06 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2012-11-27 18:02:38 | 000,002,596 | ---- | C] () -- D:\WINDOWS\System32\CONFIG.NT
[2012-11-27 18:02:31 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb
[2012-11-27 18:02:31 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb
[2012-11-27 18:02:30 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx
[2012-11-27 18:01:52 | 000,000,786 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2012-11-27 18:01:47 | 004,399,505 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nls302en.lex
[2012-11-27 18:01:25 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp
[2012-11-27 18:01:25 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp
[2012-11-27 18:01:19 | 000,000,984 | ---- | C] () -- D:\WINDOWS\System32\dllcache\srframe.mmf
[2012-11-27 18:01:09 | 000,004,639 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.exe
[2012-11-27 18:01:00 | 000,379,904 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msinfo.dll
[2012-11-27 18:00:46 | 000,021,856 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012-11-27 18:00:28 | 000,000,643 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2012-11-27 18:00:13 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Indiański pled.bmp
[2012-11-27 18:00:12 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Bąbelki.bmp
[2012-11-27 18:00:12 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Pod mikroskopem.bmp
[2012-11-27 18:00:12 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Stiuk z Santa Fe.bmp
[2012-11-27 18:00:12 | 000,026,680 | ---- | C] () -- D:\WINDOWS\Wachlarze.bmp
[2012-11-27 18:00:12 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Nefryt.bmp
[2012-11-27 18:00:12 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rododendron.bmp
[2012-11-27 18:00:12 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Na rybkach.bmp
[2012-11-27 18:00:12 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Kawa.bmp
[2012-11-27 18:00:12 | 000,016,730 | ---- | C] () -- D:\WINDOWS\Puch.bmp
[2012-11-27 18:00:12 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Niebieska koronka 16.bmp
[2012-11-27 18:00:10 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h
[2012-11-27 18:00:10 | 000,001,225 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd
[2012-11-27 18:00:09 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h
[2012-11-27 18:00:04 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2012-12-07 21:33:31 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-04 12:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-04 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-12-12 21:56:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\%Installer_PublisherName%
[2012-12-24 14:10:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-11-27 18:21:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-12-12 20:55:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2012-12-12 20:12:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2012-12-24 13:09:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2012-12-10 16:23:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2012-12-10 17:57:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2012-11-27 18:10:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TP-LINK Driver
[2012-12-17 19:13:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\.minecraft
[2012-12-24 14:20:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\BitTorrent
[2012-12-11 18:39:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Chrome_manager
[2012-12-24 14:11:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\DAEMON Tools Lite
[2012-12-07 21:10:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\ExpressFiles
[2012-11-27 18:21:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Gadu-Gadu 10
[2012-11-27 19:44:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\HoolappforAndroid
[2012-11-27 19:17:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\LolClient
[2012-11-28 19:06:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\OpenFM
[2012-12-10 16:23:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Samsung
[2012-12-21 20:35:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Simple Adblock
[2012-12-11 18:39:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\support@mozilla.com
[2012-12-25 11:49:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibia
[2012-12-16 18:38:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\Tibiacast
[2012-12-17 19:54:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Grzenio\Dane aplikacji\TS3Client

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
[/log]
EXT
[log]OTL Extras logfile created on: 2012-12-25 12:50:29 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Grzenio\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,37% Memory free
3,85 Gb Paging File | 3,39 Gb Available in Paging File | 88,11% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 109,99 Gb Total Space | 55,89 Gb Free Space | 50,82% Space Free | Partition Type: NTFS
Drive D: | 39,05 Gb Total Space | 30,50 Gb Free Space | 78,09% Space Free | Partition Type: NTFS

Computer Name: GRZYNIO | User Name: Grzenio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Gry\Combat Arms EU\CombatArms.exe" = C:\Gry\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Gry\Combat Arms EU\Engine.exe" = C:\Gry\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Program Files\Java\jre7\bin\javaw.exe" = D:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"D:\WINDOWS\system32\PnkBstrA.exe" = D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"D:\WINDOWS\system32\PnkBstrB.exe" = D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Gry\BattleField Heros\BFHeroes.exe" = C:\Gry\BattleField Heros\BFHeroes.exe:*:Enabled:Battlefield Heroes -- (Easy)
"C:\Gry\Battlefield FreeToPlay\BFP4f.exe" = C:\Gry\Battlefield FreeToPlay\BFP4f.exe:*:Enabled:BFP4f -- (Easy)
"D:\Program Files\Skype\Phone\Skype.exe" = D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"D:\Program Files\ExpressFiles\expressdl.exe" = D:\Program Files\ExpressFiles\expressdl.exe:*:Enabled:Express Files
"D:\Program Files\ExpressFiles\ExpressFiles.exe" = D:\Program Files\ExpressFiles\ExpressFiles.exe:*:Enabled:Express Files
"D:\WINDOWS\system32\msiexec.exe" = D:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"D:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" = D:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager
"D:\WINDOWS\system32\muzapp.exe" = D:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Gry\Grzenio\LFS\LFS.exe" = C:\Gry\Grzenio\LFS\LFS.exe:*:Enabled:LFS -- ()
"D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Gry\Combat Arms EU\CombatArms.exe" = C:\Gry\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Gry\Combat Arms EU\NMService.exe" = C:\Gry\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Gry\Combat Arms EU\Engine.exe" = C:\Gry\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Program Files\Tibiacast\Tibiacast Client.exe" = C:\Program Files\Tibiacast\Tibiacast Client.exe:*:Enabled:Tibiacast Client
"D:\Program Files\Tibiacast\Tibiacast Client.exe" = D:\Program Files\Tibiacast\Tibiacast Client.exe:*:Enabled:Tibiacast Client -- (Silver Squirrel Software HB)
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Gry\Call Of Duty 2\CoD2MP_s.exe" = C:\Gry\Call Of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2A558A06-A44E-400D-95AD-D9FAA89AFD36}" = LS-USBMX 1/2/3 Steering Wheel W/Vibration
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{65096D90-297A-495D-AD10-3A83F5904346}" = Tibiacast
"{6FFEF5E1-F7B0-40DD-838D-557BD7EE4301}" = TP-LINK Wireless Utility
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4920103-09F6-4AD2-B150-CFC4474D2DDC}" = Simple Adblock
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CAE017F8-C238-4397-879B-7FBB915D9457}" = LogMeIn Hamachi
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{E9AA8EB9-FCD1-4829-AE3C-F2D211C67F42}" = Internet Explorer
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BitTorrent" = BitTorrent
"Combat Arms EU" = Combat Arms EU
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.21
"DAEMON Tools Lite" = DAEMON Tools Lite
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.5.5 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"PunkBusterSvc" = PunkBuster Services
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tibia_is1" = Tibia
"TMIPC" = Tibia MULTI-ip changer
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1644491937-1708537768-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free (Grzenio)
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Grzenio)

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-11-27 14:44:09 | Computer Name = GRZYNIO | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2012-11-27 14:44:09 | Computer Name = GRZYNIO | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2012-12-05 13:28:53 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd bfp4f.exe, wersja 0.0.0.0, moduł powodujący
błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00001010.

Error - 2012-12-07 16:39:15 | Computer Name = GRZYNIO | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: System.Xml, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
. Error code = 0x800706be

Error - 2012-12-10 11:23:14 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd setup.exe, wersja 16.0.0.400, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x4ec05846.

Error - 2012-12-13 13:01:07 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0,
moduł powodujący błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0, adres błędu
0x0000c145.

Error - 2012-12-17 02:22:23 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0,
moduł powodujący błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0, adres błędu
0x0000c145.

Error - 2012-12-18 15:46:19 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 6.0.0.126, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x000097d2.

Error - 2012-12-20 13:32:29 | Computer Name = GRZYNIO | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0,
moduł powodujący błąd nexon_eu_downloader_engine.exe, wersja 2.5.10.0, adres błędu
0x0000c145.

Error - 2012-12-22 15:49:34 | Computer Name = GRZYNIO | Source = MsiInstaller | ID = 11316
Description = Product: Tibiacast -- Error 1316. A network error occurred while attempting
to read from the file: D:\DOCUME~1\Grzenio\USTAWI~1\Temp\Rar$EXa0.726\Tibiacast
Installer.msi

[ System Events ]
Error - 2012-12-12 03:13:27 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:27 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2012-12-12 03:13:28 | Computer Name = GRZYNIO | Source = Service Control Manager | ID = 7023
Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący
błąd: %%126


< End of report >
[/log]

Gość
komentarz
komentarz

Jeszcze 1 skrypt do wykonania:
[code]
:Files
D:\Program Files\Common
Files\userInit.dll
[/code]
Mam nadzieje że to wszystko

  • Dobra wypowiedź 1
Grzenio95
komentarz
komentarz

Dać potem Logi?

wirusolog
komentarz
komentarz

Tylko notatnik który wyskoczy po usuwaniu.

Grzenio95
komentarz
komentarz

Proszę
[log]========== FILES ==========
File\Folder D:\Program Files\Common not found.
File\Folder Files\userInit.dll not found.

OTL by OldTimer - Version 3.2.69.0 log created on 12252012_140120
[/log]

wirusolog
komentarz
komentarz (edytowane)

Nawet nie potrafi jednej składni napisać... :o
[hr]
[b]1.[/b] Uruchom OTL i w sekcji [b]Własne opcje skanowania / skrypt[/b] wklej:

[code]:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)

:Files
D:\WINDOWS\tasks\*.job
D:\Program Files\Common Files\userInit.dll[/code]
Klik w [b]Wykonaj skrypt[/b]. Wklej raport który wyskoczy.

  • Dobra wypowiedź 1
Grzenio95
komentarz
komentarz

Ok już daję.
[log]========== OTL ==========
Service EagleXNt stopped successfully!
Service EagleXNt deleted successfully!
File D:\WINDOWS\system32\drivers\EagleXNt.sys not found.
========== FILES ==========
D:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
D:\WINDOWS\tasks\avast! Emergency Update.job moved successfully.
D:\WINDOWS\tasks\Express FilesUpdate.job moved successfully.
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
D:\Program Files\Common Files\userInit.dll moved successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 12252012_160800
[/log]

wirusolog
komentarz
komentarz

Załatwione.

W OTL wciśnij [b]Sprzątanie[/b].

  • Dobra wypowiedź 1
Grzenio95
komentarz
komentarz

Dzięki za pomoc, pozdrawiam i wesołych świąt.

KotletSchabowy
komentarz
komentarz

[quote name='wirusolog' timestamp='1356446174' post='1652959']
Nawet nie potrafi jednej składni napisać... :o[/quote]
Myślisz idioto że kim on jest? Jest tylko człowiekiem i ma prawo do błędu. Poza tym nie jest zaje..nym nolifem jak ty, że siedzi 24/7 na forum i sprawdza logi.

wirusolog
komentarz
komentarz (edytowane)

[quote]Myślisz idioto że kim on jest? Jest tylko człowiekiem i ma prawo do błędu. Poza tym nie jest zaje..nym nolifem jak ty, że siedzi 24/7 na forum i sprawdza logi.[/quote]
Po pierwsze nie idioto, bo myśle, że mam większe wykształcenie niż Twoi rodzice razem wzięci.
Po drugie robi podstawowe błędy, jeżeli się na tym nie zna to po co logi sprawdza? Nie potrafi wkleić jednej linijki...
Po trzecie komputery to moja praca, mój komputer jest włączony 24/7 bo cały czas coś oblicza. Poza tym 12-letni chłopczyku mam rodzine i dzieci i takie rzeczy to możesz do kolegów mówić, widać, że nie zostałeś wychowany.

KotletSchabowy
komentarz
komentarz

No to widać, jak dbasz o rodzinę i dzieci skoro 24/7 spędzasz przed komputerem. Ja też jestem informatykiem i wypraszam sobie żeby ktoś taki jak ty obrażał mnie nazywając mnie dzieckiem. Moich rodziców w to nie mieszaj, twoi przynajmniej żyją.

wirusolog
komentarz
komentarz (edytowane)

[quote]
No to widać, jak dbasz o rodzinę i dzieci skoro 24/7 spędzasz przed komputerem.[/quote]
Gdzie napisałem, że spędzam 24 h przed komputerem? Człowieku, czytanie ze zrozumieniem, podstawówka.

[quote]
Ja też jestem informatykiem i wypraszam sobie żeby ktoś taki jak ty obrażał mnie nazywając mnie dzieckiem[/quote]
Wykształcenie? Gdzie pracujesz? Podaj WWW.

~PS: poza tym on nie powinnien w tym dziale pisać, są wyżej 4 osoby które mogą pomagać, on nie może. Nie jest polecany i widać jakie błędy robi. PODSTAWOWE.

KotletSchabowy
komentarz
komentarz (edytowane)

Wystarczy spojrzeć na aktywność na forum. Strony nie ma, lokalny sklep. Dawno temu ukończyłem studia informatyczne, jednak nie miałem dużych ambicji. Co prawda studiowałem zaocznie już w latach 90, jednak PRL to był istny koszmar.

wirusolog
komentarz
komentarz

Czyli tzw. nie mam nic do powiedzenia ale i tak się wypowiem? Powodzenia ;)

Gość
komentarz
komentarz (edytowane)

[quote name='wirusolog' timestamp='1356453138' post='1653062']
~PS:[b] poza tym on nie powinnien w tym dziale pisać, są wyżej 4 osoby które mogą pomagać[/b], on nie może. Nie jest polecany i widać jakie błędy robi. PODSTAWOWE.
[/quote]
O to żes mnie złapał a sam nawaliłes +500 postów zanim weszłeś na listę i zdaje mi się że to było całkiem nie dawno jak pojechałes mnie po tym że nie sprawdziłęm loga i zaleciłem salitykillera
2.Jestem krócej w tej tematyce od maja a ty już parę lat pewnie
3.Jeszcze pamiętam jak była fala live security platinum+zeroaccess i twoja gadka "to jest zbyt skomplikowane dla mnie" normalnie jak filutka78 i wysyłanie na fixitpc.pl(nic do tego forum nie mam) a ja jakoś brałem sie za tą infekcje i prawie wogóle nie zalecałem Combo w porównaniu do ciebie.
4.Nie było by mnie tu gdyby nie user Igorrodz który napisał mi na pclabie pw bo tutaj zbijali bąki i nikt nie odpowidał gdyby nie to pw to bym nie wiedział o tym forum.

@edit

Co tak paczysz i nie odpisujesz.
Brak słow czy przygotowujesz mi rozprawkę na temat "dlaczego powinienieś wypierdzielac z tego forum" ?
Pewnie z nerwów fapa przy fotka.tv

  • Dobra wypowiedź 1
wirusolog
komentarz
komentarz (edytowane)

[quote]
Pewnie z nerwów fapa przy fotka.tv[/quote]
Wytłumaczysz mi co to znaczy? Bo mam 38 lat i nie jestem biegły w tych waszych ,,szczeniackich wypowiedziach".

Zapraszam na PW.

  • Dobra wypowiedź 1
Gość
Ten temat został zamknięty. Brak możliwości dodania odpowiedzi.
Zarejestruj się lub zaloguj, aby dodać nowy temat albo zadaj pytanie bez logowania
×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.