
Computer runs slowly. Problems with Flash, audio, etc. CPU 100%

kamo502
Posted (edited)

Hello,

My computer is terribly sluggish.

It is impossible to listen to music and browse the internet at the same time.

Can you check whether something is sitting in there?

What should I fix, etc.?

OTL

[log]OTL logfile created on: 2013-02-03 20:45:52 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Gocejna\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1023,48 Mb Total Physical Memory | 581,98 Mb Available Physical Memory | 56,86% Memory free
2,40 Gb Paging File | 1,95 Gb Available in Paging File | 81,02% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 7,55 Gb Total Space | 0,67 Gb Free Space | 8,91% Space Free | Partition Type: NTFS
Drive D: | 33,15 Gb Total Space | 16,73 Gb Free Space | 50,47% Space Free | Partition Type: NTFS
Drive E: | 33,85 Gb Total Space | 31,96 Gb Free Space | 94,42% Space Free | Partition Type: NTFS
Drive F: | 42,15 Gb Total Space | 42,08 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Drive G: | 34,17 Gb Total Space | 34,11 Gb Free Space | 99,81% Space Free | Partition Type: NTFS
 
Computer Name: STACJONARNY | User Name: Gocejna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
========== Processes (All) ==========
 
PRC - [2013-02-03 20:44:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gocejna\Pulpit\OTL.exe
PRC - [2013-01-19 16:59:00 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013-01-18 09:07:04 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2012-11-22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2012-11-22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2012-07-03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-02-18 16:30:32 | 007,233,952 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
PRC - [2011-02-18 16:30:26 | 000,428,088 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe
PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009-10-16 18:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-10-16 18:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2009-10-16 18:45:00 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\taskmgr.exe
PRC - [2009-10-16 18:45:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2009-10-16 18:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-10-16 18:45:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2009-10-16 18:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2009-10-16 18:45:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2009-10-16 18:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [RPCSS]
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETWORKSERVICE]
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETSVCS]
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [DCOMLAUNCH]
PRC - [2009-10-16 18:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2009-10-16 18:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2009-10-16 18:45:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-12-22 10:09:44 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
 
 
========== Modules (All) ==========
 
MOD - [2013-02-03 20:44:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gocejna\Pulpit\OTL.exe
MOD - [2013-01-19 16:59:00 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre7\bin\msvcr100.dll
MOD - [2013-01-19 16:59:00 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
MOD - [2013-01-18 09:07:04 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
MOD - [2013-01-18 09:07:02 | 000,460,240 | ---- | M] () -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.56\ppgooglenaclpluginchrome.dll
MOD - [2013-01-18 09:07:01 | 004,012,496 | ---- | M] () -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.56\pdf.dll
MOD - [2013-01-18 09:06:14 | 009,962,960 | ---- | M] (The ICU Project) -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.56\icudt.dll
MOD - [2013-01-18 09:06:13 | 001,552,848 | ---- | M] () -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll
MOD - [2013-01-18 09:06:09 | 042,904,528 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.56\chrome.dll
MOD - [2012-11-24 15:48:41 | 000,057,856 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\lang.dll
MOD - [2012-11-22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
MOD - [2012-11-22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
MOD - [2012-11-22 15:43:54 | 001,122,304 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\PDF Architect\libeay32.dll
MOD - [2012-11-22 15:43:54 | 000,299,008 | ---- | M] (The cURL library, http://curl.haxx.se/) -- C:\Program Files\PDF Architect\libcurl.dll
MOD - [2012-11-22 15:43:54 | 000,274,432 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\PDF Architect\ssleay32.dll
MOD - [2012-10-28 18:32:34 | 000,088,576 | ---- | M] (pdfforge GbR) -- C:\WINDOWS\system32\pdfcmon.dll
MOD - [2012-07-03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2012-01-03 08:23:56 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2011-02-18 16:30:32 | 007,233,952 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
MOD - [2011-02-18 16:30:26 | 000,428,088 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe
MOD - [2010-12-18 11:02:02 | 000,672,782 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\avformat-52.dll
MOD - [2010-12-18 11:02:02 | 000,335,360 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\PCAutoChapterLib.dll
MOD - [2010-12-18 11:02:02 | 000,131,086 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\swscale-0.dll
MOD - [2010-12-18 11:02:00 | 004,434,958 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\avcodec-52.dll
MOD - [2010-12-18 11:02:00 | 000,069,134 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\avutil-50.dll
MOD - [2010-12-15 21:22:04 | 000,765,952 | ---- | M] (LIBGD Development Team) -- C:\Program Files\Samsung\AllShare\AllShareDMS\bgd.dll
MOD - [2010-12-15 21:22:04 | 000,015,936 | ---- | M] (Un4seen Developments) -- C:\Program Files\Samsung\AllShare\AllShareDMS\basswma.dll
MOD - [2010-12-15 21:22:02 | 000,573,440 | ---- | M] (http://www.id3lib.org/) -- C:\Program Files\Samsung\AllShare\AllShareDMS\id3lib.dll
MOD - [2010-12-15 21:22:02 | 000,147,456 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\libexpat.dll
MOD - [2010-12-15 21:22:02 | 000,098,872 | ---- | M] (Un4seen Developments) -- C:\Program Files\Samsung\AllShare\AllShareDMS\bass.dll
MOD - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
MOD - [2009-10-16 18:45:00 | 011,069,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2009-10-16 18:45:00 | 008,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2009-10-16 18:45:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2009-10-16 18:45:00 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2009-10-16 18:45:00 | 001,986,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2009-10-16 18:45:00 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2009-10-16 18:45:00 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
MOD - [2009-10-16 18:45:00 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2009-10-16 18:45:00 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2009-10-16 18:45:00 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009-10-16 18:45:00 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009-10-16 18:45:00 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2009-10-16 18:45:00 | 001,209,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2009-10-16 18:45:00 | 001,135,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2009-10-16 18:45:00 | 001,106,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll
MOD - [2009-10-16 18:45:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2009-10-16 18:45:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2009-10-16 18:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2009-10-16 18:45:00 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2009-10-16 18:45:00 | 001,020,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-10-16 18:45:00 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2009-10-16 18:45:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2009-10-16 18:45:00 | 000,981,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2009-10-16 18:45:00 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2009-10-16 18:45:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2009-10-16 18:45:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2009-10-16 18:45:00 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2009-10-16 18:45:00 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009-10-16 18:45:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2009-10-16 18:45:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-10-16 18:45:00 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2009-10-16 18:45:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2009-10-16 18:45:00 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2009-10-16 18:45:00 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2009-10-16 18:45:00 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2009-10-16 18:45:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2009-10-16 18:45:00 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-10-16 18:45:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2009-10-16 18:45:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2009-10-16 18:45:00 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msftedit.dll
MOD - [2009-10-16 18:45:00 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2009-10-16 18:45:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2009-10-16 18:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2009-10-16 18:45:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2009-10-16 18:45:00 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2009-10-16 18:45:00 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-10-16 18:45:00 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009-10-16 18:45:00 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009-10-16 18:45:00 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimgvw.dll
MOD - [2009-10-16 18:45:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2009-10-16 18:45:00 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2009-10-16 18:45:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2009-10-16 18:45:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2009-10-16 18:45:00 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2009-10-16 18:45:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2009-10-16 18:45:00 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2009-10-16 18:45:00 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009-10-16 18:45:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2009-10-16 18:45:00 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2009-10-16 18:45:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2009-10-16 18:45:00 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2009-10-16 18:45:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2009-10-16 18:45:00 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2009-10-16 18:45:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2009-10-16 18:45:00 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2009-10-16 18:45:00 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2009-10-16 18:45:00 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2009-10-16 18:45:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2009-10-16 18:45:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2009-10-16 18:45:00 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2009-10-16 18:45:00 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009-10-16 18:45:00 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\portabledeviceapi.dll
MOD - [2009-10-16 18:45:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2009-10-16 18:45:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2009-10-16 18:45:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009-10-16 18:45:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2009-10-16 18:45:00 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2009-10-16 18:45:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2009-10-16 18:45:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2009-10-16 18:45:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2009-10-16 18:45:00 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2009-10-16 18:45:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2009-10-16 18:45:00 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2009-10-16 18:45:00 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009-10-16 18:45:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-10-16 18:45:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2009-10-16 18:45:00 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2009-10-16 18:45:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2009-10-16 18:45:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2009-10-16 18:45:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2009-10-16 18:45:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2009-10-16 18:45:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2009-10-16 18:45:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2009-10-16 18:45:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2009-10-16 18:45:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2009-10-16 18:45:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2009-10-16 18:45:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2009-10-16 18:45:00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2009-10-16 18:45:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2009-10-16 18:45:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2009-10-16 18:45:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2009-10-16 18:45:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2009-10-16 18:45:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2009-10-16 18:45:00 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2009-10-16 18:45:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2009-10-16 18:45:00 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2009-10-16 18:45:00 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\portabledevicetypes.dll
MOD - [2009-10-16 18:45:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2009-10-16 18:45:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2009-10-16 18:45:00 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2009-10-16 18:45:00 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009-10-16 18:45:00 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2009-10-16 18:45:00 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2009-10-16 18:45:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2009-10-16 18:45:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2009-10-16 18:45:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll
MOD - [2009-10-16 18:45:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2009-10-16 18:45:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2009-10-16 18:45:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2009-10-16 18:45:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2009-10-16 18:45:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2009-10-16 18:45:00 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\taskmgr.exe
MOD - [2009-10-16 18:45:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2009-10-16 18:45:00 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009-10-16 18:45:00 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009-10-16 18:45:00 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009-10-16 18:45:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wpdshserviceobj.dll
MOD - [2009-10-16 18:45:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2009-10-16 18:45:00 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advpack.dll
MOD - [2009-10-16 18:45:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2009-10-16 18:45:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2009-10-16 18:45:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2009-10-16 18:45:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2009-10-16 18:45:00 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2009-10-16 18:45:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2009-10-16 18:45:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2009-10-16 18:45:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2009-10-16 18:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009-10-16 18:45:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2009-10-16 18:45:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2009-10-16 18:45:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2009-10-16 18:45:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2009-10-16 18:45:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2009-10-16 18:45:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2009-10-16 18:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2009-10-16 18:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2009-10-16 18:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2009-10-16 18:45:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2009-10-16 18:45:00 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2009-10-16 18:45:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2009-10-16 18:45:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2009-10-16 18:45:00 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2009-10-16 18:45:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2009-10-16 18:45:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2009-10-16 18:45:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2009-10-16 18:45:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2009-10-16 18:45:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2009-10-16 18:45:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2009-10-16 18:45:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2009-10-16 18:45:00 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009-10-16 18:45:00 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2009-10-16 18:45:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2009-10-16 18:45:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2009-10-16 18:45:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2009-10-16 18:45:00 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2009-10-16 18:45:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2009-10-16 18:45:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2009-10-16 18:45:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2009-10-16 18:45:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2009-10-16 18:45:00 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2009-10-16 18:45:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2009-10-16 18:45:00 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2009-10-16 18:45:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2009-10-16 18:45:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2009-10-16 18:45:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2009-10-16 18:45:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2009-10-16 18:45:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2009-10-16 18:45:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2009-10-16 18:45:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2009-10-16 18:45:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2009-10-16 18:45:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2009-10-16 18:45:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009-10-16 18:45:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009-10-16 18:45:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2009-10-16 18:45:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2009-10-16 18:45:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2009-10-16 18:45:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2009-10-16 18:45:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-10-16 18:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2009-10-16 18:45:00 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009-10-16 18:45:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2009-10-16 18:45:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2009-10-16 18:45:00 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2009-10-16 18:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2009-10-16 18:45:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2009-10-16 18:45:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2009-10-16 18:45:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2009-10-16 18:45:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2009-10-16 18:45:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2009-10-16 18:45:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2009-10-16 18:45:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2009-10-16 18:45:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2009-10-16 18:45:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2009-10-16 18:45:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2009-10-16 18:45:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2009-10-16 18:45:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2009-10-16 18:45:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcAdProc.dll
MOD - [2009-10-16 18:45:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2009-10-16 18:45:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2009-10-16 18:45:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2009-10-16 18:45:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2009-10-16 18:45:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2009-10-16 18:45:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2009-10-16 18:45:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2009-10-16 18:45:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2009-10-16 18:45:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2009-10-16 18:45:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2009-10-16 18:45:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2009-10-16 18:45:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2009-10-16 18:45:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2009-10-16 18:45:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2009-10-16 18:45:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2009-10-16 18:45:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vdmdbg.dll
MOD - [2009-10-16 18:45:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2009-10-16 18:45:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2009-10-16 18:45:00 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2009-10-16 18:45:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2009-10-16 18:45:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2009-10-16 18:45:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2009-10-16 18:45:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2009-10-16 18:45:00 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2009-10-16 18:45:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2009-10-16 18:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2009-10-16 18:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2009-10-16 18:45:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2009-10-16 18:45:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2009-10-16 18:45:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2009-10-16 18:45:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2009-10-16 18:45:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2009-10-16 18:45:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2009-10-16 18:45:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2009-10-16 18:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2009-10-16 18:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2009-10-16 18:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2009-10-16 18:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgrprxy.dll
MOD - [2009-10-16 18:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2009-10-16 18:45:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2009-10-16 18:45:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2009-10-16 18:45:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2009-10-16 18:45:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2009-10-16 18:45:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2009-10-16 18:45:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2009-10-16 18:45:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2009-10-16 18:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2009-10-16 18:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2009-10-16 18:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
MOD - [2009-10-16 18:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2009-10-16 18:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2009-10-16 18:45:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2009-10-16 18:45:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2009-10-16 18:45:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2009-10-16 18:45:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2009-10-16 18:45:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2009-10-16 18:45:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2009-10-16 18:45:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2009-10-16 18:45:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2009-10-16 18:45:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2009-10-16 18:45:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2009-10-16 18:45:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2009-10-16 18:45:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\bitsprx4.dll
MOD - [2009-10-16 18:45:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2009-10-16 18:45:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2009-10-16 18:45:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2009-10-16 18:45:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2009-10-16 18:45:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2009-10-16 18:45:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2008-07-25 11:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008-07-25 11:17:02 | 000,088,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
MOD - [2008-07-25 11:17:02 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2008-07-25 11:17:00 | 000,089,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
MOD - [2008-07-25 11:16:58 | 005,815,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2008-07-25 11:16:58 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2008-07-25 11:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008-07-06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008-04-14 19:51:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2004-12-22 10:09:44 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013-01-19 16:59:00 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-11-22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012-11-22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012-01-05 16:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2011-02-18 16:30:32 | 007,233,952 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe -- (SamsungAllShare)
SRV - [2011-02-18 16:30:22 | 000,022,464 | ---- | M] (Samsung Electronics) [Auto | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (akoxdk9c)
DRV - [2013-01-09 16:48:33 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012-06-03 09:45:50 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-10-16 18:45:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5)
DRV - [2009-10-16 18:45:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531)
DRV - [2009-10-16 18:45:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5)
DRV - [2009-10-16 18:45:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132)
DRV - [2009-10-16 18:45:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124)
DRV - [2009-10-16 18:45:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2009-03-15 13:17:02 | 000,014,720 | ---- | M] (SUPERAL Semiconductor, Inc. Co Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sr9usb.sys -- (SR9USB)
DRV - [2008-04-13 23:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-13 21:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2005-05-03 10:31:56 | 000,045,056 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AGPKX.SYS -- (uliagpkx)
DRV - [2005-03-09 14:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004-12-22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004-12-02 09:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004-12-01 03:49:18 | 000,051,840 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\m5289.sys -- (m5289)
DRV - [2002-09-16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10014&barid={AEE0A315-4391-11E2-BB2C-8E041AF50470}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10014&barid={AEE0A315-4391-11E2-BB2C-8E041AF50470}
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10014&barid={AEE0A315-4391-11E2-BB2C-8E041AF50470}
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2012-11-29 13:33:31 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: http://www.google.pl/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Photo Zoom for Facebook = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.56_0\
CHR - Extension: Gmail = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009-10-16 18:45:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{435B20D0-D2F4-42CB-8CC0-32E2BCDF7E51}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-10-01 19:08:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AlcoholAutomount - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
MsConfig - StartUpReg: ALi5289 - hkey= - key= - C:\Program Files\ULI5289\ALi5289.exe (ALi Corporation)
MsConfig - StartUpReg: AllShareAgent - hkey= - key= - C:\Program Files\Samsung\AllShare\AllShareAgent.exe (Samsung)
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= -  File not found
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: SweetIM - hkey= - key= - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
MsConfig - StartUpReg: Sweetpacks Communicator - hkey= - key= - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
========== Files/Folders - Created Within 60 Days ==========
 
[2013-02-03 20:44:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gocejna\Pulpit\OTL.exe
[2013-01-30 22:03:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gocejna\Recent
[2013-01-26 12:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Help
[2013-01-26 12:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Help
[2013-01-26 12:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PowerQuest PartitionMagic 8.0
[2013-01-26 12:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\PowerQuest
[2013-01-19 17:04:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2013-01-19 17:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Sun
[2013-01-19 17:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2013-01-19 17:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013-01-19 16:59:36 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013-01-19 16:59:36 | 000,780,192 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013-01-19 16:59:36 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013-01-19 16:59:36 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013-01-19 16:59:15 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013-01-19 16:59:15 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013-01-19 16:59:15 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013-01-19 16:58:54 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013-01-19 16:57:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Sun
[2013-01-19 16:56:56 | 000,895,904 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\Gocejna\Pulpit\chromeinstall-7u11.exe
[2013-01-10 23:19:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Gocejna\Menu Start\Programy\Narzędzia administracyjne
[2013-01-09 18:34:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013-01-09 17:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Canneverbe Limited
[2013-01-09 17:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2013-01-09 17:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2013-01-09 16:49:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Alcohol 52%
[2013-01-09 16:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2013-01-09 16:48:33 | 000,466,008 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2012-12-16 21:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Pulpit\Eagle -podrecznik
[2012-12-16 16:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2012-12-16 16:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-12-11 13:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2012-12-11 13:52:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM
[2012-12-11 13:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Pazera Free MP4 to AVI Converter
[2012-12-11 13:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\pazera-software
[2012-12-11 13:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Media Player Classic
[2012-12-11 13:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\SubEdit-Player
[2012-12-11 13:34:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SubEdit-Player
[2012-12-11 13:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ffdshow
[2012-12-11 13:32:05 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2012-12-09 23:48:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EAGLE Layout Editor 6.1.0
[2012-12-09 23:48:18 | 000,000,000 | ---D | C] -- C:\Program Files\EAGLE-6.1.0
[2012-12-09 23:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\EAGLE-5.8.0
[2012-12-09 23:30:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Moje dokumenty\Downloads
[2012-12-09 23:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Moje dokumenty\eagle
[2012-12-09 23:21:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Dane aplikacji\CadSoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 60 Days ==========
 
[2013-02-03 20:46:05 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\RSIT.exe
[2013-02-03 20:44:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gocejna\Pulpit\OTL.exe
[2013-02-03 20:44:04 | 000,001,140 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1284227242-1801674531-1003UA.job
[2013-02-03 20:35:22 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1284227242-1801674531-1003Core.job
[2013-02-03 19:53:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-02-03 19:53:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-02-03 19:53:30 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-29 15:01:22 | 000,075,597 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\cena.JPG
[2013-01-29 14:10:49 | 000,030,568 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\jak2.jpg
[2013-01-28 16:43:36 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-27 12:35:26 | 000,002,318 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\Google Chrome.lnk
[2013-01-22 13:15:40 | 000,068,942 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\279316970-7.jpg
[2013-01-22 12:57:31 | 000,022,027 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\przekaznik-przerywacza-pracy-wycieraczek-hella.jpg
[2013-01-22 12:55:41 | 000,052,261 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\1.JPG
[2013-01-19 16:59:01 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013-01-19 16:58:59 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013-01-19 16:58:59 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013-01-19 16:58:59 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013-01-19 16:58:59 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013-01-19 16:58:59 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013-01-19 16:58:59 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013-01-19 16:56:58 | 000,895,904 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Gocejna\Pulpit\chromeinstall-7u11.exe
[2013-01-15 17:36:29 | 000,067,276 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\srrsr.JPG
[2013-01-09 17:21:54 | 000,000,221 | ---- | M] () -- C:\Documents and Settings\Gocejna\Moje dokumenty\ax_files.xml
[2012-12-16 20:59:19 | 000,096,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-16 16:24:57 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2012-12-16 16:19:57 | 033,948,218 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\Elektronika Latwiejsza Niz przypuszczasz - Dieter Nuhrmann.pdf
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013-02-03 20:46:05 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\RSIT.exe
[2013-01-29 15:01:22 | 000,075,597 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\cena.JPG
[2013-01-29 14:10:48 | 000,030,568 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\jak2.jpg
[2013-01-28 16:43:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-22 13:15:40 | 000,068,942 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\279316970-7.jpg
[2013-01-22 12:55:41 | 000,052,261 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\1.JPG
[2013-01-22 12:52:56 | 000,022,027 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\przekaznik-przerywacza-pracy-wycieraczek-hella.jpg
[2013-01-15 17:36:29 | 000,067,276 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\srrsr.JPG
[2013-01-09 17:24:21 | 000,001,556 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\CDBurnerXP.lnk
[2013-01-09 17:24:20 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2013-01-09 17:20:41 | 000,000,221 | ---- | C] () -- C:\Documents and Settings\Gocejna\Moje dokumenty\ax_files.xml
[2012-12-16 16:24:57 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2012-12-16 16:13:47 | 033,948,218 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\Elektronika Latwiejsza Niz przypuszczasz - Dieter Nuhrmann.pdf
[2012-12-11 13:32:06 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012-11-24 15:55:30 | 000,065,760 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012-11-20 22:26:07 | 000,072,192 | ---- | C] () -- C:\WINDOWS\unlite3.exe
[2012-10-01 20:57:56 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-10-01 20:55:09 | 000,096,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-10-01 19:24:39 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2012-10-01 19:24:33 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2012-10-01 19:24:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-10-01 19:23:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\unM5289.exe
[2012-10-01 19:23:47 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnAGP.exe
[2012-10-01 19:11:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-10-01 19:04:24 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
========== ZeroAccess Check ==========
 
[2012-11-24 15:53:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009-10-16 18:45:00 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-10-16 18:45:00 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2009-10-16 18:45:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013-01-09 17:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2013-01-10 22:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM
[2012-11-29 13:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\APP_NAME_NON_STRING
[2012-12-09 23:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\CadSoft
[2013-01-09 17:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Canneverbe Limited
[2012-11-24 16:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\GHISLER
[2012-11-29 13:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\PDF Architect
[2012-11-29 13:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\pdfforge
[2012-11-24 15:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Samsung
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %systemdrive%\*.* >
[2012-10-01 19:08:42 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-11-29 12:42:48 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2009-10-16 18:45:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2012-10-01 19:08:42 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013-02-03 19:53:30 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2012-10-01 19:08:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-10-01 19:08:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009-10-16 18:45:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009-10-16 18:45:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2013-02-03 19:53:30 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
 
< MD5 for: AGP440.SYS  >
[2009-10-16 18:45:00 | 017,820,258 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2009-10-16 18:45:00 | 017,820,258 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
 
< MD5 for: BEEP.SYS  >
[2009-10-16 18:45:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2009-10-16 18:45:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
 
< MD5 for: CDROM.SYS  >
[2009-10-16 18:45:00 | 017,820,258 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009-10-16 18:45:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
 
< MD5 for: EVENTLOG.DLL  >
[2009-10-16 18:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2009-10-16 18:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll
 
< MD5 for: NDIS.SYS  >
[2009-10-16 18:45:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2009-10-16 18:45:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
 
< MD5 for: WINLOGON.EXE  >
[2009-10-16 18:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2009-10-16 18:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
 
< End of report >
[/log]
 
 
Extras
 
[log]
OTL Extras logfile created on: 2013-02-03 20:45:52 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Gocejna\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1023,48 Mb Total Physical Memory | 581,98 Mb Available Physical Memory | 56,86% Memory free
2,40 Gb Paging File | 1,95 Gb Available in Paging File | 81,02% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 7,55 Gb Total Space | 0,67 Gb Free Space | 8,91% Space Free | Partition Type: NTFS
Drive D: | 33,15 Gb Total Space | 16,73 Gb Free Space | 50,47% Space Free | Partition Type: NTFS
Drive E: | 33,85 Gb Total Space | 31,96 Gb Free Space | 94,42% Space Free | Partition Type: NTFS
Drive F: | 42,15 Gb Total Space | 42,08 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Drive G: | 34,17 Gb Total Space | 34,11 Gb Free Space | 99,81% Space Free | Partition Type: NTFS
 
Computer Name: STACJONARNY | User Name: Gocejna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\S-1-5-21-1757981266-1284227242-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.Z4NCB5CK62GCWQFKVNWFOI55CU] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe" = C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe:*:Enabled:SimpleSlideShowServer -- (Samsung Electronics)
"C:\Program Files\Samsung\AllShare\AllShare.exe" = C:\Program Files\Samsung\AllShare\AllShare.exe:*:Enabled:SamsungAllSharePCSW -- (Samsung Electronics Co., Ltd.)
"C:\Program Files\Samsung\AllShare\AllShareAgent.exe" = C:\Program Files\Samsung\AllShare\AllShareAgent.exe:*:Enabled:SamsungAllShareAgent -- (Samsung)
"C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe" = C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe:*:Enabled:SamsungAllShareServer -- ()
"C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe" = C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe:*:Enabled:SamsungAllShareHttpServer -- ()
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager -- (SweetIM Technologies Ltd.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}" = PDF Architect
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}" = SweetPacks bundle uninstaller
"{9B3D7519-F678-49A4-B7D9-A7F56471C6EC}" = SR9600 Driver
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.0 - Polish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EC16B64A-38A7-4D7D-BA2E-671ED441304F}" = ULi PCI to AGP Controller Driver
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Cascade DTP V4_is1" = Cascade DTP V4
"CCleaner" = CCleaner
"EAGLE 6.1.0" = EAGLE 6.1.0
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow v1.2.4494 [2012-11-28]
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"Knights and Merchants TPR" = Knights and Merchants TPR
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SubEdit-Player_is1" = SubEdit-Player
"TopStyle Lite (Version 3.0)" = TopStyle Lite (Version 3.0)
"Totalcmd" = Total Commander (Remove or Repair)
"ULi M5289 SATA Controller Driver" = ULi M5289 SATA Controller Driver
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)
"Yenka" = Yenka
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1757981266-1284227242-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2013-01-26 07:14:56 | Computer Name = STACJONARNY | Source = MsiInstaller | ID = 1013
Description = Product: PartitionMagic -- 1: This installation can not be run by 
directly launching the MSI package; you must run setup.exe. 
 
Error - 2013-01-27 07:05:39 | Computer Name = STACJONARNY | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index 
was outside the bounds of the array.     at AllShareSlideShowService.SlideShowService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 2013-01-27 16:13:17 | Computer Name = STACJONARNY | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index 
was outside the bounds of the array.     at AllShareSlideShowService.SlideShowService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 2013-01-28 09:23:31 | Computer Name = STACJONARNY | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index 
was outside the bounds of the array.     at AllShareSlideShowService.SlideShowService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 2013-01-28 11:41:36 | Computer Name = STACJONARNY | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index 
was outside the bounds of the array.     at AllShareSlideShowService.SlideShowService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 2013-01-29 08:49:33 | Computer Name = STACJONARNY | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index 
was outside the bounds of the array.     at AllShareSlideShowService.SlideShowService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 2013-01-29 15:04:26 | Computer Name = STACJONARNY | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index 
was outside the bounds of the array.     at AllShareSlideShowService.SlideShowService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 2013-01-30 17:02:47 | Computer Name = STACJONARNY | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index 
was outside the bounds of the array.     at AllShareSlideShowService.SlideShowService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 2013-01-31 09:11:37 | Computer Name = STACJONARNY | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index 
was outside the bounds of the array.     at AllShareSlideShowService.SlideShowService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 2013-02-03 14:53:40 | Computer Name = STACJONARNY | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index 
was outside the bounds of the array.     at AllShareSlideShowService.SlideShowService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
[ System Events ]
Error - 2012-12-09 08:10:08 | Computer Name = STACJONARNY | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.4 dla karty sieciowej o adresie A0001350A343
 został  zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).
 
Error - 2012-12-09 08:13:48 | Computer Name = STACJONARNY | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.3 dla karty sieciowej o adresie A0001350A343
 został  zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).
 
Error - 2012-12-09 18:28:51 | Computer Name = STACJONARNY | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.2 dla karty sieciowej o adresie A0001350A343
 został  zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).
 
Error - 2012-12-11 08:05:35 | Computer Name = STACJONARNY | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.2 dla karty sieciowej o adresie A0001350A343
 został  zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).
 
Error - 2012-12-11 16:21:07 | Computer Name = STACJONARNY | Source = BROWSER | ID = 8032
Description = Usługa przeglądarki zbyt wiele razy nie zdołała pobrać listy kopii
 zapasowych w transporcie \Device\NetBT_Tcpip_{435B20D0-D2F4-42CB-8CC0-32E2BCDF7E51}.
Przeglądarka
 zapasowa jest zatrzymywana.
 
Error - 2012-12-24 17:32:00 | Computer Name = STACJONARNY | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.8 dla karty sieciowej o adresie A0001350A343
 został  zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).
 
Error - 2012-12-28 09:15:58 | Computer Name = STACJONARNY | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.9 dla karty sieciowej o adresie A000A000A343
 został  zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).
 
Error - 2012-12-30 18:06:40 | Computer Name = STACJONARNY | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.10 dla karty sieciowej o adresie A0001350A343
 został  zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).
 
Error - 2013-01-04 13:42:11 | Computer Name = STACJONARNY | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.9 dla karty sieciowej o adresie A000A000A343
 został  zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).
 
Error - 2013-01-05 08:54:58 | Computer Name = STACJONARNY | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.9 dla karty sieciowej o adresie A0001350A343
 został  zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).
 
 
< End of report >
[/log]
 
RSIT
 
[log]
Logfile of random's system information tool 1.09 (written by random/random)
Run by Gocejna at 2013-02-03 20:48:37
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 689 MB (9%) free of 8 GB
Total RAM: 1023 MB (73% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:48:42, on 2013-02-03
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Gocejna\Pulpit\RSIT.exe
C:\Program Files\trend micro\Gocejna.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10014&barid={AEE0A315-4391-11E2-BB2C-8E041AF50470}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10014&barid={AEE0A315-4391-11E2-BB2C-8E041AF50470}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Samsung AllShare PC Service (SamsungAllShare) - Unknown owner - C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics - C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
 
--
End of file - 5560 bytes
 
======Scheduled tasks folder======
 
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1284227242-1801674531-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1284227242-1801674531-1003UA.job
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2012-11-22 91784]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-19 461216]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-19 170912]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2012-11-22 731784]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-22 77824]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-10-16 15360]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALi5289]
C:\Program Files\ULI5289\ALi5289.exe [2005-03-10 405504]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
C:\Program Files\Samsung\AllShare\AllShareAgent.exe [2011-02-18 250768]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2009-10-16 15360]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2012-10-01 116648]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2009-10-16 133632]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe"="C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe:*:Enabled:SimpleSlideShowServer"
"C:\Program Files\Samsung\AllShare\AllShare.exe"="C:\Program Files\Samsung\AllShare\AllShare.exe:*:Enabled:SamsungAllSharePCSW"
"C:\Program Files\Samsung\AllShare\AllShareAgent.exe"="C:\Program Files\Samsung\AllShare\AllShareAgent.exe:*:Enabled:SamsungAllShareAgent"
"C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe"="C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe:*:Enabled:SamsungAllShareServer"
"C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe"="C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe:*:Enabled:SamsungAllShareHttpServer"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe"="C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
 
======List of files/folders created in the last 1 month======
 
2013-02-03 20:48:38 ----D---- C:\Program Files\trend micro
2013-02-03 20:48:37 ----D---- C:\rsit
2013-01-26 12:25:42 ----D---- C:\Documents and Settings\Gocejna\Dane aplikacji\Help
2013-01-26 12:15:45 ----D---- C:\Program Files\PowerQuest
2013-01-19 17:04:28 ----D---- C:\WINDOWS\Sun
2013-01-19 17:00:16 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Sun
2013-01-19 17:00:15 ----D---- C:\Program Files\Common Files\Java
2013-01-19 16:59:36 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-01-19 16:59:36 ----A---- C:\WINDOWS\system32\javaws.exe
2013-01-19 16:59:36 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-01-19 16:59:15 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-01-19 16:59:15 ----A---- C:\WINDOWS\system32\javaw.exe
2013-01-19 16:59:15 ----A---- C:\WINDOWS\system32\java.exe
2013-01-19 16:58:54 ----D---- C:\Program Files\Java
2013-01-19 16:57:01 ----D---- C:\Documents and Settings\Gocejna\Dane aplikacji\Sun
2013-01-09 18:34:00 ----D---- C:\Program Files\ESET
2013-01-09 17:24:29 ----D---- C:\Documents and Settings\Gocejna\Dane aplikacji\Canneverbe Limited
2013-01-09 17:24:29 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
2013-01-09 17:24:20 ----A---- C:\WINDOWS\system32\drivers\StarOpen.sys
2013-01-09 17:24:19 ----D---- C:\Program Files\CDBurnerXP
2013-01-09 16:49:37 ----D---- C:\Program Files\Alcohol Soft
2013-01-09 16:48:33 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
 
======List of files/folders modified in the last 1 month======
 
2013-02-03 20:48:38 ----RD---- C:\Program Files
2013-02-03 20:48:27 ----D---- C:\WINDOWS\Prefetch
2013-02-03 19:53:51 ----D---- C:\WINDOWS\Temp
2013-01-31 19:34:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-01-31 14:11:45 ----D---- C:\WINDOWS
2013-01-26 12:25:51 ----D---- C:\WINDOWS\Help
2013-01-26 12:15:55 ----HD---- C:\Program Files\InstallShield Installation Information
2013-01-26 12:15:48 ----SHD---- C:\WINDOWS\Installer
2013-01-26 12:15:46 ----D---- C:\WINDOWS\system32\drivers
2013-01-26 12:15:46 ----D---- C:\WINDOWS\system32
2013-01-26 12:15:05 ----D---- C:\Program Files\Common Files\InstallShield
2013-01-23 20:58:21 ----D---- C:\WINDOWS\Network Diagnostic
2013-01-19 17:00:15 ----D---- C:\Program Files\Common Files
2013-01-15 09:36:49 ----D---- C:\WINDOWS\system32\CatRoot2
2013-01-10 22:27:12 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM
2013-01-09 17:29:10 ----SD---- C:\Documents and Settings\Gocejna\Dane aplikacji\Microsoft
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 m5289;m5289; C:\WINDOWS\system32\DRIVERS\m5289.sys [2004-12-01 51840]
R0 Si3112;Si3112; C:\WINDOWS\system32\drivers\Si3112.sys [2009-10-16 62336]
R0 Si3124;Si3124; C:\WINDOWS\system32\drivers\Si3124.sys [2009-10-16 69248]
R0 Si3132;Si3132; C:\WINDOWS\system32\drivers\Si3132.sys [2009-10-16 74672]
R0 Si3132r5;Si3132r5; C:\WINDOWS\system32\drivers\Si3132r5.sys [2009-10-16 215856]
R0 Si3531;Si3531; C:\WINDOWS\system32\drivers\Si3531.sys [2009-10-16 212520]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2013-01-09 466008]
R0 uliagpkx;ULi AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\agpkx.sys [2005-05-03 45056]
R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2012-06-03 5504]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-22 2304320]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2009-10-16 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2009-10-16 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 SR9USB;SR9600 USB To Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\sr9usb.sys [2009-03-15 14720]
S0 Si3114r5;Si3114r5; C:\WINDOWS\system32\drivers\Si3114r5.sys [2009-10-16 195072]
S3 akoxdk9c;akoxdk9c; C:\WINDOWS\system32\drivers\akoxdk9c.sys []
S3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
S3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-10-16 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-10-16 82944]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-01-19 170912]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2012-11-22 1522312]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2012-11-22 905864]
R2 SamsungAllShare;Samsung AllShare PC Service; C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe [2011-02-18 7233952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
S2 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [2011-02-18 22464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-10-16 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
 
-----------------EOF-----------------
[/log]
 
INFO RSIT
 
[log]
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 m5289;m5289; C:\WINDOWS\system32\DRIVERS\m5289.sys [2004-12-01 51840]
R0 Si3112;Si3112; C:\WINDOWS\system32\drivers\Si3112.sys [2009-10-16 62336]
R0 Si3124;Si3124; C:\WINDOWS\system32\drivers\Si3124.sys [2009-10-16 69248]
R0 Si3132;Si3132; C:\WINDOWS\system32\drivers\Si3132.sys [2009-10-16 74672]
R0 Si3132r5;Si3132r5; C:\WINDOWS\system32\drivers\Si3132r5.sys [2009-10-16 215856]
R0 Si3531;Si3531; C:\WINDOWS\system32\drivers\Si3531.sys [2009-10-16 212520]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2013-01-09 466008]
R0 uliagpkx;ULi AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\agpkx.sys [2005-05-03 45056]
R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2012-06-03 5504]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-22 2304320]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2009-10-16 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2009-10-16 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 SR9USB;SR9600 USB To Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\sr9usb.sys [2009-03-15 14720]
S0 Si3114r5;Si3114r5; C:\WINDOWS\system32\drivers\Si3114r5.sys [2009-10-16 195072]
S3 akoxdk9c;akoxdk9c; C:\WINDOWS\system32\drivers\akoxdk9c.sys []
S3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
S3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-10-16 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-10-16 82944]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-01-19 170912]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2012-11-22 1522312]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2012-11-22 905864]
R2 SamsungAllShare;Samsung AllShare PC Service; C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe [2011-02-18 7233952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
S2 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [2011-02-18 22464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-10-16 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
 
-----------------EOF-----------------
[/log]
 
Thanks in advance :)

Natsuki Kuga

1. In OTL, paste the following into the Custom Scans/Fixes box (Własne opcje skanowania/skrypt):
[spoiler]
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim....C-8E041AF50470}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...C-8E041AF50470}
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim....C-8E041AF50470}
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...C-8E041AF50470}
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[/spoiler]
Click Run Fix (Wykonaj skrypt) and post the report.

2. Run AdwCleaner with the Delete (Usuń) option. Post the report.

3. Paste the following into SystemLook:
[spoiler]
:service
akoxdk9c

:file
C:\WINDOWS\system32\drivers\akoxdk9c.sys
[/spoiler]
Click Look and post the report.

4. Update the following item to the latest version:

Adobe Reader 9.5.0 - Polish


5. Post new OTL logs and a GMER log (see the pinned topics).

 

kamo502

1. Log from the script

 

[log]

 

========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1757981266-1284227242-1801674531-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll not found.
Registry key HKEY_USERS\S-1-5-21-1757981266-1284227242-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1757981266-1284227242-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_USERS\S-1-5-21-1757981266-1284227242-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
 
OTL by OldTimer - Version 3.2.69.0 log created on 02042013_220922
 
[/log]
 
2. AdW 
 
[log]
[spoiler]
# AdwCleaner v2.110 - Log utworzony 04/02/2013 o 22:10:05
# Aktualizacja 03/02/2013 przez Xplode
# System operacyjny : Microsoft Windows XP Dodatek Service Pack 3 (32 bits)
# Użytkownik : Gocejna - STACJONARNY
# Tryb uruchomienia : Normalny
# Ścieżka : C:\Documents and Settings\Gocejna\Pulpit\adwcleaner.exe
# Opcja [Usuń]
 
***** [Usługi] *****
 
 
***** [Pliki / Foldery] *****
 
Folder Usunięto : C:\Documents and Settings\Gocejna\Dane aplikacji\pdfforge
Folder Usunięto : C:\WINDOWS\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Folder Usunięto : C:\WINDOWS\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
 
***** [Rejestr] *****
 
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klucz Usunięto : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Klucz Usunięto : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Klucz Usunięto : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Klucz Usunięto : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klucz Usunięto : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Klucz Usunięto : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klucz Usunięto : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Klucz Usunięto : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Klucz Usunięto : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetPacks Communicator
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
 
***** [Przeglądarki Internetowe] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
[OK] Rejestr w porządku.
 
-\\ Google Chrome v24.0.1312.57
 
Plik : C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Preferences
 
[OK] Plik w porządku.
 
*************************
 
AdwCleaner[S1].txt - [14948 octets] - [04/02/2013 22:10:05]
 
########## EOF - C:\AdwCleaner[S1].txt - [15009 octets] ##########
 
[/spoiler]
[/log]
 
 
3. System Look
 
[log]
 

SystemLook 30.07.11 by jpshortstuff
Log created at 22:13 on 04/02/2013 by Gocejna
Administrator - Elevation successful
 
========== service ==========
 
akoxdk9c - Unable to open Service Handle.
 
========== file ==========
 
C:\WINDOWS\system32\drivers\akoxdk9c.sys - Unable to find/read file.
 
-= EOF =-
 
[/log]
 
4. Updated.
 
5. OTL
 
[log]OTL logfile created on: 2013-02-04 22:23:09 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Gocejna\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1023,48 Mb Total Physical Memory | 450,84 Mb Available Physical Memory | 44,05% Memory free
2,40 Gb Paging File | 1,73 Gb Available in Paging File | 71,83% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 7,55 Gb Total Space | 0,37 Gb Free Space | 4,85% Space Free | Partition Type: NTFS
Drive D: | 33,15 Gb Total Space | 16,73 Gb Free Space | 50,47% Space Free | Partition Type: NTFS
Drive E: | 33,85 Gb Total Space | 31,96 Gb Free Space | 94,42% Space Free | Partition Type: NTFS
Drive F: | 42,15 Gb Total Space | 42,08 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Drive G: | 34,17 Gb Total Space | 34,11 Gb Free Space | 99,81% Space Free | Partition Type: NTFS
 
Computer Name: STACJONARNY | User Name: Gocejna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
========== Processes (All) ==========
 
PRC - [2013-02-03 20:44:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gocejna\Pulpit\OTL.exe
PRC - [2013-01-26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2013-01-19 16:59:00 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-11-22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2012-11-22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2012-11-13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012-11-13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012-11-13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012-11-13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2011-02-18 16:30:32 | 007,233,952 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
PRC - [2011-02-18 16:30:26 | 000,428,088 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe
PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009-10-16 18:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-10-16 18:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2009-10-16 18:45:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2009-10-16 18:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-10-16 18:45:00 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe
PRC - [2009-10-16 18:45:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2009-10-16 18:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2009-10-16 18:45:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2009-10-16 18:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [RPCSS]
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETWORKSERVICE]
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETSVCS]
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [DCOMLAUNCH]
PRC - [2009-10-16 18:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2009-10-16 18:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2009-10-16 18:45:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-12-22 10:09:44 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
 
 
========== Modules (All) ==========
 
MOD - [2013-02-03 20:44:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gocejna\Pulpit\OTL.exe
MOD - [2013-01-26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
MOD - [2013-01-26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll
MOD - [2013-01-26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013-01-26 03:34:17 | 009,962,960 | ---- | M] (The ICU Project) -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.57\icudt.dll
MOD - [2013-01-26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2013-01-26 03:34:12 | 042,905,552 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.57\chrome.dll
MOD - [2013-01-19 16:59:00 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre7\bin\msvcr100.dll
MOD - [2013-01-19 16:59:00 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
MOD - [2012-11-24 15:48:41 | 000,057,856 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\lang.dll
MOD - [2012-11-22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
MOD - [2012-11-22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
MOD - [2012-11-22 15:43:54 | 001,122,304 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\PDF Architect\libeay32.dll
MOD - [2012-11-22 15:43:54 | 000,299,008 | ---- | M] (The cURL library, http://curl.haxx.se/) -- C:\Program Files\PDF Architect\libcurl.dll
MOD - [2012-11-22 15:43:54 | 000,274,432 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\PDF Architect\ssleay32.dll
MOD - [2012-11-13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
MOD - [2012-11-13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
MOD - [2012-11-13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
MOD - [2012-11-13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
MOD - [2012-11-13 14:07:04 | 000,597,552 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
MOD - [2012-11-13 14:07:00 | 002,628,632 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDResources.dll
MOD - [2012-11-13 14:06:52 | 003,214,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
MOD - [2012-11-13 14:06:46 | 000,129,080 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll
MOD - [2012-11-13 14:06:36 | 001,254,456 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
MOD - [2012-11-13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012-11-13 14:06:30 | 000,876,056 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl
MOD - [2012-11-13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012-11-13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012-11-13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012-11-13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012-11-13 14:06:26 | 003,643,352 | ---- | M] (Project JEDI) -- C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl
MOD - [2012-10-28 18:32:34 | 000,088,576 | ---- | M] (pdfforge GbR) -- C:\WINDOWS\system32\pdfcmon.dll
MOD - [2012-09-10 15:46:58 | 000,244,624 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Spybot - Search & Destroy 2\ssleay32.dll
MOD - [2012-09-10 15:46:56 | 001,112,408 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Spybot - Search & Destroy 2\libeay32.dll
MOD - [2012-09-05 11:43:24 | 000,715,720 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files\Spybot - Search & Destroy 2\vclie150.bpl
MOD - [2012-08-23 09:45:18 | 000,329,120 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files\Spybot - Search & Destroy 2\vclimg150.bpl
MOD - [2012-08-23 09:45:16 | 000,243,112 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files\Spybot - Search & Destroy 2\vclx150.bpl
MOD - [2012-08-23 09:45:14 | 002,477,736 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl
MOD - [2012-08-23 09:45:14 | 002,169,224 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl
MOD - [2012-08-23 09:38:24 | 000,574,840 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
MOD - [2012-06-09 19:20:02 | 000,168,448 | ---- | M] (Alexander Roshal) -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2012-04-04 06:54:04 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
MOD - [2012-04-04 06:53:54 | 000,394,136 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2011-02-18 16:30:32 | 007,233,952 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
MOD - [2011-02-18 16:30:26 | 000,428,088 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe
MOD - [2010-12-18 11:02:02 | 000,672,782 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\avformat-52.dll
MOD - [2010-12-18 11:02:02 | 000,335,360 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\PCAutoChapterLib.dll
MOD - [2010-12-18 11:02:02 | 000,131,086 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\swscale-0.dll
MOD - [2010-12-18 11:02:00 | 004,434,958 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\avcodec-52.dll
MOD - [2010-12-18 11:02:00 | 000,069,134 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\avutil-50.dll
MOD - [2010-12-15 21:22:04 | 000,765,952 | ---- | M] (LIBGD Development Team) -- C:\Program Files\Samsung\AllShare\AllShareDMS\bgd.dll
MOD - [2010-12-15 21:22:04 | 000,015,936 | ---- | M] (Un4seen Developments) -- C:\Program Files\Samsung\AllShare\AllShareDMS\basswma.dll
MOD - [2010-12-15 21:22:02 | 000,573,440 | ---- | M] (http://www.id3lib.org/) -- C:\Program Files\Samsung\AllShare\AllShareDMS\id3lib.dll
MOD - [2010-12-15 21:22:02 | 000,147,456 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\libexpat.dll
MOD - [2010-12-15 21:22:02 | 000,098,872 | ---- | M] (Un4seen Developments) -- C:\Program Files\Samsung\AllShare\AllShareDMS\bass.dll
MOD - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
MOD - [2009-10-16 18:45:00 | 011,069,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2009-10-16 18:45:00 | 008,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2009-10-16 18:45:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2009-10-16 18:45:00 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2009-10-16 18:45:00 | 001,986,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2009-10-16 18:45:00 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2009-10-16 18:45:00 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2009-10-16 18:45:00 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2009-10-16 18:45:00 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009-10-16 18:45:00 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009-10-16 18:45:00 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2009-10-16 18:45:00 | 001,209,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2009-10-16 18:45:00 | 001,135,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2009-10-16 18:45:00 | 001,106,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll
MOD - [2009-10-16 18:45:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2009-10-16 18:45:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2009-10-16 18:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2009-10-16 18:45:00 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2009-10-16 18:45:00 | 001,020,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-10-16 18:45:00 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2009-10-16 18:45:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2009-10-16 18:45:00 | 000,981,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2009-10-16 18:45:00 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2009-10-16 18:45:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2009-10-16 18:45:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2009-10-16 18:45:00 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2009-10-16 18:45:00 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009-10-16 18:45:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2009-10-16 18:45:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-10-16 18:45:00 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2009-10-16 18:45:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2009-10-16 18:45:00 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2009-10-16 18:45:00 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2009-10-16 18:45:00 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2009-10-16 18:45:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2009-10-16 18:45:00 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-10-16 18:45:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2009-10-16 18:45:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2009-10-16 18:45:00 | 000,545,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hhctrl.ocx
MOD - [2009-10-16 18:45:00 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msftedit.dll
MOD - [2009-10-16 18:45:00 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2009-10-16 18:45:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2009-10-16 18:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2009-10-16 18:45:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2009-10-16 18:45:00 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2009-10-16 18:45:00 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-10-16 18:45:00 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009-10-16 18:45:00 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009-10-16 18:45:00 | 000,431,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuapi.dll
MOD - [2009-10-16 18:45:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2009-10-16 18:45:00 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2009-10-16 18:45:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2009-10-16 18:45:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2009-10-16 18:45:00 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2009-10-16 18:45:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2009-10-16 18:45:00 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2009-10-16 18:45:00 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009-10-16 18:45:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2009-10-16 18:45:00 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2009-10-16 18:45:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2009-10-16 18:45:00 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2009-10-16 18:45:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2009-10-16 18:45:00 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2009-10-16 18:45:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2009-10-16 18:45:00 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2009-10-16 18:45:00 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2009-10-16 18:45:00 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2009-10-16 18:45:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2009-10-16 18:45:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2009-10-16 18:45:00 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2009-10-16 18:45:00 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009-10-16 18:45:00 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\portabledeviceapi.dll
MOD - [2009-10-16 18:45:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2009-10-16 18:45:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2009-10-16 18:45:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009-10-16 18:45:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2009-10-16 18:45:00 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icm32.dll
MOD - [2009-10-16 18:45:00 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2009-10-16 18:45:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2009-10-16 18:45:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2009-10-16 18:45:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2009-10-16 18:45:00 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2009-10-16 18:45:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2009-10-16 18:45:00 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2009-10-16 18:45:00 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009-10-16 18:45:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-10-16 18:45:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2009-10-16 18:45:00 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2009-10-16 18:45:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2009-10-16 18:45:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2009-10-16 18:45:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2009-10-16 18:45:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2009-10-16 18:45:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2009-10-16 18:45:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2009-10-16 18:45:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2009-10-16 18:45:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2009-10-16 18:45:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2009-10-16 18:45:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2009-10-16 18:45:00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2009-10-16 18:45:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2009-10-16 18:45:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2009-10-16 18:45:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2009-10-16 18:45:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2009-10-16 18:45:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2009-10-16 18:45:00 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2009-10-16 18:45:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2009-10-16 18:45:00 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2009-10-16 18:45:00 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\portabledevicetypes.dll
MOD - [2009-10-16 18:45:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2009-10-16 18:45:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2009-10-16 18:45:00 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2009-10-16 18:45:00 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009-10-16 18:45:00 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2009-10-16 18:45:00 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2009-10-16 18:45:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2009-10-16 18:45:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2009-10-16 18:45:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll
MOD - [2009-10-16 18:45:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2009-10-16 18:45:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2009-10-16 18:45:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2009-10-16 18:45:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2009-10-16 18:45:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2009-10-16 18:45:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2009-10-16 18:45:00 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009-10-16 18:45:00 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009-10-16 18:45:00 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009-10-16 18:45:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wpdshserviceobj.dll
MOD - [2009-10-16 18:45:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2009-10-16 18:45:00 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advpack.dll
MOD - [2009-10-16 18:45:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2009-10-16 18:45:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2009-10-16 18:45:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2009-10-16 18:45:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2009-10-16 18:45:00 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2009-10-16 18:45:00 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oledlg.dll
MOD - [2009-10-16 18:45:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2009-10-16 18:45:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2009-10-16 18:45:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2009-10-16 18:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009-10-16 18:45:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2009-10-16 18:45:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2009-10-16 18:45:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2009-10-16 18:45:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2009-10-16 18:45:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2009-10-16 18:45:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2009-10-16 18:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2009-10-16 18:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2009-10-16 18:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2009-10-16 18:45:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2009-10-16 18:45:00 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2009-10-16 18:45:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2009-10-16 18:45:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2009-10-16 18:45:00 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xactsrv.dll
MOD - [2009-10-16 18:45:00 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2009-10-16 18:45:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2009-10-16 18:45:00 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mui\0015\hhctrlui.dll
MOD - [2009-10-16 18:45:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2009-10-16 18:45:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2009-10-16 18:45:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2009-10-16 18:45:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2009-10-16 18:45:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2009-10-16 18:45:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2009-10-16 18:45:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\faultrep.dll
MOD - [2009-10-16 18:45:00 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009-10-16 18:45:00 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe
MOD - [2009-10-16 18:45:00 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2009-10-16 18:45:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2009-10-16 18:45:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2009-10-16 18:45:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2009-10-16 18:45:00 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2009-10-16 18:45:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2009-10-16 18:45:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2009-10-16 18:45:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2009-10-16 18:45:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2009-10-16 18:45:00 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2009-10-16 18:45:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2009-10-16 18:45:00 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2009-10-16 18:45:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2009-10-16 18:45:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2009-10-16 18:45:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2009-10-16 18:45:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2009-10-16 18:45:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2009-10-16 18:45:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2009-10-16 18:45:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2009-10-16 18:45:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2009-10-16 18:45:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2009-10-16 18:45:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009-10-16 18:45:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009-10-16 18:45:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2009-10-16 18:45:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2009-10-16 18:45:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2009-10-16 18:45:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2009-10-16 18:45:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-10-16 18:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2009-10-16 18:45:00 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009-10-16 18:45:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2009-10-16 18:45:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2009-10-16 18:45:00 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2009-10-16 18:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2009-10-16 18:45:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2009-10-16 18:45:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2009-10-16 18:45:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2009-10-16 18:45:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2009-10-16 18:45:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2009-10-16 18:45:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2009-10-16 18:45:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2009-10-16 18:45:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2009-10-16 18:45:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2009-10-16 18:45:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2009-10-16 18:45:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2009-10-16 18:45:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2009-10-16 18:45:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcAdProc.dll
MOD - [2009-10-16 18:45:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2009-10-16 18:45:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2009-10-16 18:45:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2009-10-16 18:45:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2009-10-16 18:45:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2009-10-16 18:45:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2009-10-16 18:45:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2009-10-16 18:45:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2009-10-16 18:45:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2009-10-16 18:45:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2009-10-16 18:45:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2009-10-16 18:45:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2009-10-16 18:45:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2009-10-16 18:45:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2009-10-16 18:45:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2009-10-16 18:45:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2009-10-16 18:45:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2009-10-16 18:45:00 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jsproxy.dll
MOD - [2009-10-16 18:45:00 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2009-10-16 18:45:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2009-10-16 18:45:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2009-10-16 18:45:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2009-10-16 18:45:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2009-10-16 18:45:00 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2009-10-16 18:45:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2009-10-16 18:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2009-10-16 18:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2009-10-16 18:45:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2009-10-16 18:45:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2009-10-16 18:45:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2009-10-16 18:45:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2009-10-16 18:45:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2009-10-16 18:45:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2009-10-16 18:45:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2009-10-16 18:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2009-10-16 18:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2009-10-16 18:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2009-10-16 18:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2009-10-16 18:45:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2009-10-16 18:45:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2009-10-16 18:45:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2009-10-16 18:45:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2009-10-16 18:45:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2009-10-16 18:45:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2009-10-16 18:45:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2009-10-16 18:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2009-10-16 18:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2009-10-16 18:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
MOD - [2009-10-16 18:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2009-10-16 18:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2009-10-16 18:45:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2009-10-16 18:45:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2009-10-16 18:45:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2009-10-16 18:45:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2009-10-16 18:45:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2009-10-16 18:45:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2009-10-16 18:45:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2009-10-16 18:45:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2009-10-16 18:45:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2009-10-16 18:45:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2009-10-16 18:45:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2009-10-16 18:45:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2009-10-16 18:45:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2009-10-16 18:45:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2009-10-16 18:45:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2009-10-16 18:45:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2009-10-16 18:45:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-07-25 11:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008-07-25 11:17:02 | 000,088,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
MOD - [2008-07-25 11:17:02 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2008-07-25 11:17:00 | 000,089,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
MOD - [2008-07-25 11:16:58 | 005,815,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2008-07-25 11:16:58 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2008-07-25 11:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008-07-06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008-04-14 19:51:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2007-11-07 02:19:32 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
MOD - [2007-11-07 02:19:32 | 000,568,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
MOD - [2004-12-22 10:09:44 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013-01-19 16:59:00 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-11-22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012-11-22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012-01-05 16:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2011-02-18 16:30:32 | 007,233,952 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe -- (SamsungAllShare)
SRV - [2011-02-18 16:30:22 | 000,022,464 | ---- | M] (Samsung Electronics) [Auto | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (ahy13znn)
DRV - [2013-01-09 16:48:33 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012-06-03 09:45:50 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-10-16 18:45:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5)
DRV - [2009-10-16 18:45:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531)
DRV - [2009-10-16 18:45:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5)
DRV - [2009-10-16 18:45:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132)
DRV - [2009-10-16 18:45:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124)
DRV - [2009-10-16 18:45:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2009-03-15 13:17:02 | 000,014,720 | ---- | M] (SUPERAL Semiconductor, Inc. Co Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sr9usb.sys -- (SR9USB)
DRV - [2008-04-13 23:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-13 21:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2005-05-03 10:31:56 | 000,045,056 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AGPKX.SYS -- (uliagpkx)
DRV - [2005-03-09 14:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004-12-22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004-12-02 09:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004-12-01 03:49:18 | 000,051,840 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\m5289.sys -- (m5289)
DRV - [2002-09-16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2012-11-29 13:33:31 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: http://www.google.pl/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Photo Zoom for Facebook = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.58_0\
CHR - Extension: Gmail = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: YouTube = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Photo Zoom for Facebook = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.58_0\
CHR - Extension: Gmail = C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009-10-16 18:45:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 [2013-02-04 22:09:36 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2013-02-04 22:09:36 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2013-02-04 22:09:36 | 000,000,000 | ---D | M]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-1284227242-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{435B20D0-D2F4-42CB-8CC0-32E2BCDF7E51}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-10-01 19:08:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpReg: AlcoholAutomount - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
MsConfig - StartUpReg: ALi5289 - hkey= - key= - C:\Program Files\ULI5289\ALi5289.exe (ALi Corporation)
MsConfig - StartUpReg: AllShareAgent - hkey= - key= - C:\Program Files\Samsung\AllShare\AllShareAgent.exe (Samsung)
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= -  File not found
MsConfig - StartUpReg: SDTray - hkey= - key= - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
========== Files/Folders - Created Within 60 Days ==========
 
[2013-02-04 22:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013-02-04 22:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013-02-04 22:17:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-02-04 22:09:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-02-04 22:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Pulpit\1
[2013-02-04 20:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Moje dokumenty\ProcAlyzer Dumps
[2013-02-04 17:51:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Pulpit\Crocodile Clips v3.5
[2013-02-04 13:31:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
[2013-02-04 13:30:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Spybot - Search & Destroy 2
[2013-02-04 13:30:35 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\System32\sdnclean.exe
[2013-02-04 13:30:26 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013-02-04 13:27:40 | 055,454,464 | ---- | C] (Safer-Networking Ltd.                                       ) -- C:\Documents and Settings\Gocejna\Pulpit\SpybotSD2.exe
[2013-02-03 21:51:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Unity
[2013-02-03 20:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013-02-03 20:48:37 | 000,000,000 | ---D | C] -- C:\rsit
[2013-02-03 20:44:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gocejna\Pulpit\OTL.exe
[2013-01-30 22:03:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gocejna\Recent
[2013-01-26 12:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Help
[2013-01-26 12:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Help
[2013-01-26 12:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PowerQuest PartitionMagic 8.0
[2013-01-26 12:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\PowerQuest
[2013-01-19 17:04:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2013-01-19 17:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Sun
[2013-01-19 17:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2013-01-19 17:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013-01-19 16:59:36 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013-01-19 16:59:36 | 000,780,192 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013-01-19 16:59:36 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013-01-19 16:59:36 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013-01-19 16:59:15 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013-01-19 16:59:15 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013-01-19 16:59:15 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013-01-19 16:58:54 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013-01-19 16:57:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Sun
[2013-01-19 16:56:56 | 000,895,904 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\Gocejna\Pulpit\chromeinstall-7u11.exe
[2013-01-10 23:19:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Gocejna\Menu Start\Programy\Narzędzia administracyjne
[2013-01-09 18:34:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013-01-09 17:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Canneverbe Limited
[2013-01-09 17:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2013-01-09 17:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2013-01-09 16:49:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Alcohol 52%
[2013-01-09 16:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2013-01-09 16:48:33 | 000,466,008 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2012-12-16 21:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Pulpit\Eagle -podrecznik
[2012-12-16 16:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2012-12-16 16:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-12-11 13:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Pazera Free MP4 to AVI Converter
[2012-12-11 13:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\pazera-software
[2012-12-11 13:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Media Player Classic
[2012-12-11 13:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\SubEdit-Player
[2012-12-11 13:34:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SubEdit-Player
[2012-12-11 13:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ffdshow
[2012-12-11 13:32:05 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2012-12-09 23:48:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EAGLE Layout Editor 6.1.0
[2012-12-09 23:48:18 | 000,000,000 | ---D | C] -- C:\Program Files\EAGLE-6.1.0
[2012-12-09 23:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\EAGLE-5.8.0
[2012-12-09 23:30:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Moje dokumenty\Downloads
[2012-12-09 23:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Moje dokumenty\eagle
[2012-12-09 23:21:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gocejna\Dane aplikacji\CadSoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 60 Days ==========
 
[2013-02-04 22:18:13 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader X.lnk
[2013-02-04 22:17:39 | 000,365,568 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\pzww8bso.exe
[2013-02-04 22:12:48 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\SystemLook.exe
[2013-02-04 22:12:37 | 000,000,239 | -HS- | M] () -- C:\boot.ini
[2013-02-04 22:11:29 | 000,000,620 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013-02-04 22:11:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-02-04 22:11:21 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2013-02-04 22:09:59 | 000,582,111 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\adwcleaner.exe
[2013-02-04 21:35:00 | 000,001,140 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1284227242-1801674531-1003UA.job
[2013-02-04 20:35:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1284227242-1801674531-1003Core.job
[2013-02-04 20:33:42 | 000,000,020 | ---- | M] () -- C:\WINDOWS\CROCCLIP.INI
[2013-02-04 20:33:38 | 000,010,110 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\schemat.JPG
[2013-02-04 15:37:28 | 000,087,448 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\nowosci04.02.pdf
[2013-02-04 14:00:57 | 000,005,936 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013-02-04 13:42:23 | 000,002,318 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\Google Chrome.lnk
[2013-02-04 13:31:14 | 000,000,616 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013-02-04 13:31:14 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013-02-04 13:30:47 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Spybot-S&D Start Center.lnk
[2013-02-04 13:29:44 | 055,454,464 | ---- | M] (Safer-Networking Ltd.                                       ) -- C:\Documents and Settings\Gocejna\Pulpit\SpybotSD2.exe
[2013-02-03 20:46:05 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\RSIT.exe
[2013-02-03 20:44:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gocejna\Pulpit\OTL.exe
[2013-02-03 19:53:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-01-29 15:01:22 | 000,075,597 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\cena.JPG
[2013-01-29 14:10:49 | 000,030,568 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\jak2.jpg
[2013-01-28 16:43:36 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-22 13:15:40 | 000,068,942 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\279316970-7.jpg
[2013-01-22 12:57:31 | 000,022,027 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\przekaznik-przerywacza-pracy-wycieraczek-hella.jpg
[2013-01-22 12:55:41 | 000,052,261 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\1.JPG
[2013-01-19 16:59:01 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013-01-19 16:58:59 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013-01-19 16:58:59 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013-01-19 16:58:59 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013-01-19 16:58:59 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013-01-19 16:58:59 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013-01-19 16:58:59 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013-01-19 16:56:58 | 000,895,904 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Gocejna\Pulpit\chromeinstall-7u11.exe
[2013-01-15 17:36:29 | 000,067,276 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\srrsr.JPG
[2013-01-09 17:21:54 | 000,000,221 | ---- | M] () -- C:\Documents and Settings\Gocejna\Moje dokumenty\ax_files.xml
[2012-12-16 20:59:19 | 000,096,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-16 16:24:57 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2012-12-16 16:19:57 | 033,948,218 | ---- | M] () -- C:\Documents and Settings\Gocejna\Pulpit\Elektronika Latwiejsza Niz przypuszczasz - Dieter Nuhrmann.pdf
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013-02-04 22:18:13 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader X.lnk
[2013-02-04 22:18:13 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader X.lnk
[2013-02-04 22:17:39 | 000,365,568 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\pzww8bso.exe
[2013-02-04 22:12:47 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\SystemLook.exe
[2013-02-04 22:09:58 | 000,582,111 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\adwcleaner.exe
[2013-02-04 20:33:38 | 000,010,110 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\schemat.JPG
[2013-02-04 18:13:44 | 000,000,020 | ---- | C] () -- C:\WINDOWS\CROCCLIP.INI
[2013-02-04 15:37:26 | 000,087,448 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\nowosci04.02.pdf
[2013-02-04 14:00:48 | 000,005,936 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013-02-04 13:31:09 | 000,000,446 | ---- | C] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013-02-04 13:31:08 | 000,000,616 | ---- | C] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013-02-04 13:31:07 | 000,000,620 | ---- | C] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013-02-04 13:30:47 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Spybot-S&D Start Center.lnk
[2013-02-04 13:30:47 | 000,001,836 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Spybot-S&D Start Center.lnk
[2013-02-03 20:46:05 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\RSIT.exe
[2013-01-29 15:01:22 | 000,075,597 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\cena.JPG
[2013-01-29 14:10:48 | 000,030,568 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\jak2.jpg
[2013-01-28 16:43:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-22 13:15:40 | 000,068,942 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\279316970-7.jpg
[2013-01-22 12:55:41 | 000,052,261 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\1.JPG
[2013-01-22 12:52:56 | 000,022,027 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\przekaznik-przerywacza-pracy-wycieraczek-hella.jpg
[2013-01-15 17:36:29 | 000,067,276 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\srrsr.JPG
[2013-01-09 17:24:21 | 000,001,556 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\CDBurnerXP.lnk
[2013-01-09 17:24:20 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2013-01-09 17:20:41 | 000,000,221 | ---- | C] () -- C:\Documents and Settings\Gocejna\Moje dokumenty\ax_files.xml
[2012-12-16 16:24:57 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2012-12-16 16:13:47 | 033,948,218 | ---- | C] () -- C:\Documents and Settings\Gocejna\Pulpit\Elektronika Latwiejsza Niz przypuszczasz - Dieter Nuhrmann.pdf
[2012-12-11 13:32:06 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012-11-24 15:55:30 | 000,065,760 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012-11-20 22:26:07 | 000,072,192 | ---- | C] () -- C:\WINDOWS\unlite3.exe
[2012-10-01 20:57:56 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-10-01 20:55:09 | 000,096,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-10-01 19:24:39 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2012-10-01 19:24:33 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2012-10-01 19:24:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-10-01 19:23:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\unM5289.exe
[2012-10-01 19:23:47 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnAGP.exe
[2012-10-01 19:11:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-10-01 19:04:24 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
========== ZeroAccess Check ==========
 
[2012-11-24 15:53:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009-10-16 18:45:00 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-10-16 18:45:00 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2009-10-16 18:45:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013-01-09 17:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2012-11-29 13:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\APP_NAME_NON_STRING
[2012-12-09 23:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\CadSoft
[2013-01-09 17:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Canneverbe Limited
[2012-11-24 16:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\GHISLER
[2012-11-29 13:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\PDF Architect
[2012-11-24 15:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gocejna\Dane aplikacji\Samsung
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %systemdrive%\*.* >
[2013-02-04 22:10:22 | 000,015,079 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2012-10-01 19:08:42 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013-02-04 22:12:37 | 000,000,239 | -HS- | M] () -- C:\boot.ini
[2009-10-16 18:45:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2012-10-01 19:08:42 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013-02-04 22:11:21 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2012-10-01 19:08:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-10-01 19:08:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009-10-16 18:45:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009-10-16 18:45:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2013-02-04 22:11:20 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
 
< MD5 for: AGP440.SYS  >
[2009-10-16 18:45:00 | 017,820,258 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2009-10-16 18:45:00 | 017,820,258 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
 
< MD5 for: BEEP.SYS  >
[2009-10-16 18:45:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2009-10-16 18:45:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
 
< MD5 for: CDROM.SYS  >
[2009-10-16 18:45:00 | 017,820,258 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009-10-16 18:45:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
 
< MD5 for: EVENTLOG.DLL  >
[2009-10-16 18:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2009-10-16 18:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll
 
< MD5 for: NDIS.SYS  >
[2009-10-16 18:45:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2009-10-16 18:45:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
 
< MD5 for: WINLOGON.EXE  >
[2009-10-16 18:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2009-10-16 18:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
 
< End of report >
 
[/log]
 
EXTRAS
[log]It was not created [/log]
 
GMER
[log]GMER 2.0.18454 - http://www.gmer.net
Rootkit quick scan 2013-02-04 22:30:23
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP0802N rev.TU100-23 74,56GB
Running: pzww8bso.exe; Driver: C:\DOCUME~1\Gocejna\USTAWI~1\Temp\axldipog.sys
 
 
---- Disk sectors - GMER 2.0 ----
 
Disk  \Device\Harddisk0\DR0  malicious Win32:MBRoot code @ sector 61
Disk  \Device\Harddisk0\DR0  PE file @ sector 156360645
 
---- EOF - GMER 2.0 ----
 
[/log]
 
Natsuki Kuga

[quote name='kamo502' timestamp='1360012865' post='1694405']

GMER 

[b]Rootkit quick scan[/b] [/quote]

The GMER log was made incorrectly - read the instructions for producing the report (in the pinned topics).

kamo502

Fixed :)

 

GMER

 

[log]GMER 2.0.18454 - http://www.gmer.net

Rootkit scan 2013-02-07 15:15:15
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP0802N rev.TU100-23 74,56GB
Running: pzww8bso.exe; Driver: C:\DOCUME~1\Gocejna\USTAWI~1\Temp\axldipog.sys
 
 
---- System - GMER 2.0 ----
 
INT 0x62  ?                                                                                                                                                                                865A4CC8
INT 0x82  ?                                                                                                                                                                                865A4CC8
INT 0x83  ?                                                                                                                                                                                865D4F00
INT 0x84  ?                                                                                                                                                                                862B4CC8
INT 0x94  ?                                                                                                                                                                                862B4CC8
INT 0xA4  ?                                                                                                                                                                                862B4CC8
INT 0xB4  ?                                                                                                                                                                                862B4CC8
 
---- Kernel code sections - GMER 2.0 ----
 
.sptd1    C:\WINDOWS\system32\drivers\sptd.sys                                                                                                                                             entry point in ".sptd1" section [0xF74C1346]
.text     USBPORT.SYS!DllUnload                                                                                                                                                            F6C7D8AC 5 Bytes  JMP 862B41D8 
?         C:\WINDOWS\System32\Drivers\adys1ufm.SYS                                                                                                                                         suspicious PE modification
 
---- User code sections - GMER 2.0 ----
 
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtCreateFile + 6                                        7C90D0B4 4 Bytes  [28, 6C, 85, 00] {SUB [EBP+EAX*4+0x0], CH}
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtCreateFile + B                                        7C90D0B9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtMapViewOfSection + 6                                  7C90D524 4 Bytes  [28, 6F, 85, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtMapViewOfSection + B                                  7C90D529 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenFile + 6                                          7C90D5A4 4 Bytes  [68, 6C, 85, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenFile + B                                          7C90D5A9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenProcess + 6                                       7C90D604 4 Bytes  [A8, 6D, 85, 00] {TEST AL, 0x6d; TEST [EAX], EAX}
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenProcess + B                                       7C90D609 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenProcessToken + 6                                  7C90D614 4 Bytes  CALL 7B915B86 
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenProcessToken + B                                  7C90D619 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenProcessTokenEx + 6                                7C90D624 4 Bytes  [A8, 6E, 85, 00] {TEST AL, 0x6e; TEST [EAX], EAX}
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenProcessTokenEx + B                                7C90D629 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenThread + 6                                        7C90D664 4 Bytes  [68, 6D, 85, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenThread + B                                        7C90D669 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenThreadToken + 6                                   7C90D674 4 Bytes  [68, 6E, 85, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenThreadToken + B                                   7C90D679 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenThreadTokenEx + 6                                 7C90D684 4 Bytes  CALL 7B915BF7 
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtOpenThreadTokenEx + B                                 7C90D689 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtQueryAttributesFile + 6                               7C90D714 4 Bytes  [A8, 6C, 85, 00] {TEST AL, 0x6c; TEST [EAX], EAX}
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtQueryAttributesFile + B                               7C90D719 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtQueryFullAttributesFile + 6                           7C90D7B4 4 Bytes  CALL 7B915D25 
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtQueryFullAttributesFile + B                           7C90D7B9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtSetInformationFile + 6                                7C90DC64 4 Bytes  [28, 6D, 85, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtSetInformationFile + B                                7C90DC69 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtSetInformationThread + 6                              7C90DCB4 4 Bytes  [28, 6E, 85, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtSetInformationThread + B                              7C90DCB9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtUnmapViewOfSection + 6                                7C90DF14 4 Bytes  [68, 6F, 85, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] ntdll.dll!NtUnmapViewOfSection + B                                7C90DF19 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtCreateFile + 6                                        7C90D0B4 4 Bytes  [28, 00, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtCreateFile + B                                        7C90D0B9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtMapViewOfSection + 6                                  7C90D524 1 Byte  [28]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtMapViewOfSection + 6                                  7C90D524 4 Bytes  [28, 03, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtMapViewOfSection + B                                  7C90D529 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenFile + 6                                          7C90D5A4 4 Bytes  [68, 00, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenFile + B                                          7C90D5A9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenProcess + 6                                       7C90D604 4 Bytes  [A8, 01, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenProcess + B                                       7C90D609 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenProcessToken + 6                                  7C90D614 4 Bytes  CALL 7B912B1A 
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenProcessToken + B                                  7C90D619 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenProcessTokenEx + 6                                7C90D624 4 Bytes  [A8, 02, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenProcessTokenEx + B                                7C90D629 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenThread + 6                                        7C90D664 4 Bytes  [68, 01, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenThread + B                                        7C90D669 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenThreadToken + 6                                   7C90D674 4 Bytes  [68, 02, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenThreadToken + B                                   7C90D679 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenThreadTokenEx + 6                                 7C90D684 4 Bytes  CALL 7B912B8B 
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtOpenThreadTokenEx + B                                 7C90D689 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtQueryAttributesFile + 6                               7C90D714 4 Bytes  [A8, 00, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtQueryAttributesFile + B                               7C90D719 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtQueryFullAttributesFile + 6                           7C90D7B4 4 Bytes  CALL 7B912CB9 
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtQueryFullAttributesFile + B                           7C90D7B9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtSetInformationFile + 6                                7C90DC64 4 Bytes  [28, 01, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtSetInformationFile + B                                7C90DC69 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtSetInformationThread + 6                              7C90DCB4 4 Bytes  [28, 02, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtSetInformationThread + B                              7C90DCB9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtUnmapViewOfSection + 6                                7C90DF14 1 Byte  [68]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtUnmapViewOfSection + 6                                7C90DF14 4 Bytes  [68, 03, 55, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] ntdll.dll!NtUnmapViewOfSection + B                                7C90DF19 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtCreateFile + 6                                        7C90D0B4 4 Bytes  [28, 50, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtCreateFile + B                                        7C90D0B9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtMapViewOfSection + 6                                  7C90D524 4 Bytes  [28, 53, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtMapViewOfSection + B                                  7C90D529 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenFile + 6                                          7C90D5A4 4 Bytes  [68, 50, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenFile + B                                          7C90D5A9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcess + 6                                       7C90D604 4 Bytes  [A8, 51, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcess + B                                       7C90D609 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcessToken + 6                                  7C90D614 4 Bytes  CALL 7B91BF6A 
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcessToken + B                                  7C90D619 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcessTokenEx + 6                                7C90D624 4 Bytes  [A8, 52, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcessTokenEx + B                                7C90D629 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThread + 6                                        7C90D664 4 Bytes  [68, 51, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThread + B                                        7C90D669 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThreadToken + 6                                   7C90D674 4 Bytes  [68, 52, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThreadToken + B                                   7C90D679 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThreadTokenEx + 6                                 7C90D684 4 Bytes  CALL 7B91BFDB 
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThreadTokenEx + B                                 7C90D689 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtQueryAttributesFile + 6                               7C90D714 4 Bytes  [A8, 50, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtQueryAttributesFile + B                               7C90D719 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtQueryFullAttributesFile + 6                           7C90D7B4 4 Bytes  CALL 7B91C109 
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtQueryFullAttributesFile + B                           7C90D7B9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtSetInformationFile + 6                                7C90DC64 4 Bytes  [28, 51, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtSetInformationFile + B                                7C90DC69 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtSetInformationThread + 6                              7C90DCB4 4 Bytes  [28, 52, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtSetInformationThread + B                              7C90DCB9 1 Byte  [E2]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtUnmapViewOfSection + 6                                7C90DF14 4 Bytes  [68, 53, E9, 00]
.text     C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtUnmapViewOfSection + B                                7C90DF19 1 Byte  [E2]
 
---- Kernel IAT/EAT - GMER 2.0 ----
 
IAT       \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG]                                                                                                                  [F73C7232] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT       \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR]                                                                                                                   [F73C6730] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT       \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR]                                                                                                                  [F73C6F12] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT       atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                                                                                               [F73C6730] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT       atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                                                                                       [F73C6914] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT       atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                                                                                              [F73C6856] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT       atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                                                                                      [F73C70F0] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT       atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                                                                                              [F73C6F12] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
IAT       \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                                                                                               [F73DAF1E] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.)
 
---- User IAT/EAT - GMER 2.0 ----
 
IAT       C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2184] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW]  009C0010
IAT       C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3860] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW]  006C0010
IAT       C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3868] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW]  01000010
 
---- Registry - GMER 2.0 ----
 
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                                                                                 
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                                              C:\Program Files\Alcohol Soft\Alcohol 52\
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                                              0
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                                           0xAF 0xF5 0xC2 0xA8 ...
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001                                                                                        
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                                     0xA0 0x02 0x00 0x00 ...
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                                  0x0E 0x50 0xA6 0x8A ...
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40                                                                                 
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                                           0x14 0x7D 0x6D 0xBC ...
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                                                             
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                                                  C:\Program Files\Alcohol Soft\Alcohol 52\
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                                                  0
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                                               0xAF 0xF5 0xC2 0xA8 ...
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                                                                    
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                                         0xA0 0x02 0x00 0x00 ...
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                                      0x0E 0x50 0xA6 0x8A ...
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                                                             
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                                               0x14 0x7D 0x6D 0xBC ...
 
---- Disk sectors - GMER 2.0 ----
 
Disk      \Device\Harddisk0\DR0                                                                                                                                                            malicious Win32:MBRoot code @ sector 61
Disk      \Device\Harddisk0\DR0                                                                                                                                                            PE file @ sector 156360645
 
---- EOF - GMER 2.0 ----
 

[/log]

Natsuki Kuga

[quote]

.sptd1    C:\WINDOWS\system32\drivers\sptd.sys                                                                                                                                             entry point in ".sptd1" section [0xF74C1346]

[/quote]

Still wrong - you must first disable the disk emulator driver (see point 1 in the instructions).

kamo502

I hope it's OK now

(I didn't have any disk emulator installed, unless someone else installed something)

 

GMER

[log]GMER 2.0.18454 - http://www.gmer.net

Rootkit scan 2013-02-08 23:08:01
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP0802N rev.TU100-23 74,56GB
Running: pzww8bso.exe; Driver: C:\DOCUME~1\Gocejna\USTAWI~1\Temp\axldipog.sys
 
 
---- User code sections - GMER 2.0 ----
 
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtCreateFile + 6                                        7C90D0B4 4 Bytes  [28, D8, D1, 00] {SUB AL, BL; ROL DWORD [EAX], 0x1}
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtCreateFile + B                                        7C90D0B9 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtMapViewOfSection + 6                                  7C90D524 4 Bytes  [28, DB, D1, 00] {SUB BL, BL; ROL DWORD [EAX], 0x1}
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtMapViewOfSection + B                                  7C90D529 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenFile + 6                                          7C90D5A4 4 Bytes  [68, D8, D1, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenFile + B                                          7C90D5A9 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenProcess + 6                                       7C90D604 4 Bytes  [A8, D9, D1, 00] {TEST AL, 0xd9; ROL DWORD [EAX], 0x1}
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenProcess + B                                       7C90D609 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenProcessToken + 6                                  7C90D614 4 Bytes  CALL 7B91A7F2 
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenProcessToken + B                                  7C90D619 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenProcessTokenEx + 6                                7C90D624 4 Bytes  [A8, DA, D1, 00] {TEST AL, 0xda; ROL DWORD [EAX], 0x1}
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenProcessTokenEx + B                                7C90D629 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenThread + 6                                        7C90D664 4 Bytes  [68, D9, D1, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenThread + B                                        7C90D669 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenThreadToken + 6                                   7C90D674 4 Bytes  [68, DA, D1, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenThreadToken + B                                   7C90D679 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenThreadTokenEx + 6                                 7C90D684 4 Bytes  CALL 7B91A863 
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtOpenThreadTokenEx + B                                 7C90D689 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtQueryAttributesFile + 6                               7C90D714 4 Bytes  [A8, D8, D1, 00] {TEST AL, 0xd8; ROL DWORD [EAX], 0x1}
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtQueryAttributesFile + B                               7C90D719 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtQueryFullAttributesFile + 6                           7C90D7B4 4 Bytes  CALL 7B91A991 
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtQueryFullAttributesFile + B                           7C90D7B9 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtSetInformationFile + 6                                7C90DC64 4 Bytes  [28, D9, D1, 00] {SUB CL, BL; ROL DWORD [EAX], 0x1}
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtSetInformationFile + B                                7C90DC69 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtSetInformationThread + 6                              7C90DCB4 4 Bytes  [28, DA, D1, 00] {SUB DL, BL; ROL DWORD [EAX], 0x1}
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtSetInformationThread + B                              7C90DCB9 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtUnmapViewOfSection + 6                                7C90DF14 4 Bytes  [68, DB, D1, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] ntdll.dll!NtUnmapViewOfSection + B                                7C90DF19 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtCreateFile + 6                                        7C90D0B4 4 Bytes  [28, A8, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtCreateFile + B                                        7C90D0B9 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtMapViewOfSection + 6                                  7C90D524 4 Bytes  [28, AB, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtMapViewOfSection + B                                  7C90D529 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenFile + 6                                          7C90D5A4 4 Bytes  [68, A8, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenFile + B                                          7C90D5A9 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenProcess + 6                                       7C90D604 4 Bytes  [A8, A9, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenProcess + B                                       7C90D609 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenProcessToken + 6                                  7C90D614 4 Bytes  CALL 7B9133C2 
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenProcessToken + B                                  7C90D619 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenProcessTokenEx + 6                                7C90D624 4 Bytes  [A8, AA, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenProcessTokenEx + B                                7C90D629 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenThread + 6                                        7C90D664 4 Bytes  [68, A9, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenThread + B                                        7C90D669 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenThreadToken + 6                                   7C90D674 4 Bytes  [68, AA, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenThreadToken + B                                   7C90D679 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenThreadTokenEx + 6                                 7C90D684 4 Bytes  CALL 7B913433 
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtOpenThreadTokenEx + B                                 7C90D689 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtQueryAttributesFile + 6                               7C90D714 4 Bytes  [A8, A8, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtQueryAttributesFile + B                               7C90D719 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtQueryFullAttributesFile + 6                           7C90D7B4 4 Bytes  CALL 7B913561 
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtQueryFullAttributesFile + B                           7C90D7B9 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtSetInformationFile + 6                                7C90DC64 4 Bytes  [28, A9, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtSetInformationFile + B                                7C90DC69 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtSetInformationThread + 6                              7C90DCB4 4 Bytes  [28, AA, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtSetInformationThread + B                              7C90DCB9 1 Byte  [E2]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtUnmapViewOfSection + 6                                7C90DF14 4 Bytes  [68, AB, 5D, 00]
.text  C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] ntdll.dll!NtUnmapViewOfSection + B                                7C90DF19 1 Byte  [E2]
 
---- User IAT/EAT - GMER 2.0 ----
 
IAT    C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3520] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW]  00E80010
IAT    C:\Documents and Settings\Gocejna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3532] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW]  00740010
 
---- Registry - GMER 2.0 ----
 
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                                                                                 
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                                              C:\Program Files\Alcohol Soft\Alcohol 52\
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                                              0
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                                           0xAF 0xF5 0xC2 0xA8 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001                                                                                        
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                                     0xA0 0x02 0x00 0x00 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                                  0x0E 0x50 0xA6 0x8A ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40                                                                                 
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                                           0x14 0x7D 0x6D 0xBC ...
Reg    HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                                                             
Reg    HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                                                  C:\Program Files\Alcohol Soft\Alcohol 52\
Reg    HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                                                  0
Reg    HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                                               0xAF 0xF5 0xC2 0xA8 ...
Reg    HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                                                                    
Reg    HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                                         0xA0 0x02 0x00 0x00 ...
Reg    HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                                      0x0E 0x50 0xA6 0x8A ...
Reg    HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                                                             
Reg    HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                                               0x14 0x7D 0x6D 0xBC ...
 
---- Disk sectors - GMER 2.0 ----
 
Disk   \Device\Harddisk0\DR0                                                                                                                                                            malicious Win32:MBRoot code @ sector 61
Disk   \Device\Harddisk0\DR0                                                                                                                                                            PE file @ sector 156360645
 
---- EOF - GMER 2.0 ----
 

[/log]

  • 4 weeks later...
kamo502

Anything, anyone???

 

Or should I format????

Tomek01

You didn't uninstall sptd.sys. http://www.disc-tools.com/download/sptd

kamo502

Uninstalled, I think

 

I go to the link you gave. I download the application and I only have "Install". Uninstall is inactive.

Zayfi

Your problem is the small amount of free space on drive C

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 7,55 Gb Total Space | 0,67 Gb Free Space | 8,91% Space Free | Partition Type: NTFS

kamo502

Maybe that was the problem

 

The logs were made quite a while ago, and I recently enlarged the partition.

Zayfi

[quote]

The logs were made quite a while ago, and I recently enlarged the partition.

[/quote]

Then make logs of the current state, because what was there a month ago has nothing to do with reality.
