Wendor, posted 12 August 2012

My computer has been infected. I am pasting the logs below and asking for help.

GMER.txt OTL.Txt Extras.Txt

Landuss, posted 12 August 2012

Now it is as it should be; move on to removal.

1. Run OTL and paste the following text into the Custom Scans/Fixes box:

    :OTL
    IE - HKU\S-1-5-21-220523388-1364589140-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = "http://search.babylon.com/?AF=110004&tt=090212_noffx&babsrc=HP_ss&mntrId=f4451be500000000000000112fb33448"
    [2012-02-09 00:16:29 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Documents and Settings\1\Dane aplikacji\Mozilla\Firefox\Profiles\ktwtgw3s.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
    [2012-02-09 00:15:57 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
    O4 - HKU\S-1-5-21-220523388-1364589140-682003330-1005..\Run: [ntddcocdtbnyfoe] C:\Documents and Settings\All Users\Dane aplikacji\ntddcocd.exe ()

    :Files
    C:\Documents and Settings\1\ms.exe
    C:\Documents and Settings\1\0.3655727554070699.exe
    C:\Documents and Settings\All Users\Dane aplikacji\uwhvkzurtggrmkd
    C:\Documents and Settings\All Users\Dane aplikacji\tatcfkwevvfidll

    :Commands
    [emptytemp]

Note for other readers: this script is unique, tailored solely to this system; please do not use it on your own systems.

Click Run Fix. Confirm the computer restart.

2. Through Control Panel, uninstall: Complitly and FoxTab FLV Player (adware).

3. Run OTL again, this time using the Run Scan option. Post the new OTL log (without Extras).

Wendor (author), posted 12 August 2012

Repeated - I did everything in Safe Mode - then I read that this is probably wrong, so I am doing it again in Normal Mode.

OTL.Txt

Landuss, posted 12 August 2012

Everything was carried out correctly. Move on to finalizing the topic:

1. Use the CleanUp option in OTL.

2. Empty System Restore: CLICK

3. Update the listed programs to their newest versions:

    "{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java 6 Update 31
    "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 8.1.0 - Polish

Update details: CLICK

4. To be safe, change your login passwords for online services.

Wendor (author), posted 12 August 2012

Everything works, thank you for the help.

Wendor (author), posted 18 October 2012

Hello, I am pasting the logs below and asking for help.

Extras.Txt gmer.txt OTL.Txt

picasso, posted 18 October 2012

You made this GMER log under the wrong conditions, with the SPTD driver active; you did not restart the system after removing it and it was still running in memory (status "Running"):

    DRV - File not found [Kernel | Disabled | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

Let's leave that now. The system is also littered with adware ...

1. Run OTL and paste the following into the Custom Scans/Fixes box:

    :Files
    C:\Documents and Settings\1\Menu Start\Programy\Autostart\ctfmon.lnk
    C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe
    C:\Documents and Settings\All Users\Dane aplikacji\0tbpw.pad
    C:\Documents and Settings\All Users\Dane aplikacji\Ask
    C:\Documents and Settings\1\Ustawienia lokalne\Dane aplikacji\funmoods-speeddial_sf.crx
    C:\Documents and Settings\1\Ustawienia lokalne\Dane aplikacji\funmoods.crx
    C:\Documents and Settings\1\Dane aplikacji\Mozilla\Firefox\Profiles\ktwtgw3s.default\searchplugins\askcom.xml
    C:\Documents and Settings\1\Dane aplikacji\Mozilla\Firefox\Profiles\ktwtgw3s.default\searchplugins\browsemngr.xml
    C:\Documents and Settings\1\Dane aplikacji\Mozilla\Firefox\Profiles\ktwtgw3s.default\searchplugins\Funmoods.xml
    C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
    C:\Program Files\mozilla firefox\searchplugins\babylon.xml

    :OTL
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = "http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCtCtB0F0BtAtAyEyEzztC0B0EyDtN0D0Tzu0CtBzzzytN1L2XzutBtFtBtFtDtFtAyEyE&cr=1491527727"
    IE - HKU\S-1-5-21-220523388-1364589140-682003330-1005\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = "http://search.babylon.com/?q={searchTerms}&affID=110824&tt=4212_1&babsrc=SP_ss&mntrId=f4451be500000000000000112fb33448"
    IE - HKU\S-1-5-21-220523388-1364589140-682003330-1005\..\SearchScopes\{19BBD949-EE09-C703-7172-1B61C9F70999}: "URL" = "http://search.babylon.com/?q={searchTerms}&affID=110824&tt=4212_1&babsrc=SP_ss&mntrId=f4451be500000000000000112fb33448"
    IE - HKU\S-1-5-21-220523388-1364589140-682003330-1005\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = "https://isearch.avg.com/search?cid={988E4458-B487-4E74-9BDA-AE7F8E04C10C}&mid=c6d9da2b0aaf435cafdbca715d439ef5-3dc5eb8891382de01ed1afcda4f03d7918acb4ab&lang=pl&ds=ax011&pr=&d=2012-10-15 18:21:39&v=13.2.0.1&sap=dsp&q={searchTerms}"
    IE - HKU\S-1-5-21-220523388-1364589140-682003330-1005\..\SearchScopes\{E10209F2-D3A3-4281-AD76-04231814F21E}: "URL" = "http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=6E5AA367-2332-4E87-BDAF-007D6AF09496&apn_sauid=9B9DB87A-F7D5-4841-B69A-08AE1BB7E600"

    :Reg
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
    "bProtectorDefaultScope"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "bProtector Start Page"=-
    "Start Page"="about:blank"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Start Page"="about:blank"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions]
    "avg@toolbar"=-
    [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
    "{b64982b1-d112-42b5-b1e4-d3867c4533f8}"=-
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
    "Search Bar"=-
    "Start Page"=-
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
    "Search Bar"=-
    "Start Page"=-
    [HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main]
    "Search Bar"=-
    "Start Page"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "KernelFaultCheck"=-
    "UserFaultCheck"=-

    :Commands
    [emptytemp]

Note for other readers: this script is unique, tailored solely to this system; please do not use it on your own systems.

Click Run Fix. The system will be restarted and unlocked. The next operations are to be done in Normal Mode:

2. Through Control Panel, uninstall the adware AVG Security Toolbar, Babylon toolbar, Browser Manager, Funmoods. Open Firefox and repeat this in Add-ons for whichever items from the list also appear there.

3. Run AdwCleaner and use Delete. A removal log will be created on drive C.

4. Generate a new OTL log with Run Scan (without Extras this time). Attach the AdwCleaner removal log from step 3.

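An added example, not part of the post above and not OTL's own logic: a Python check over OTL's `IE - ...\SearchScopes\{GUID}: "URL" = ...` lines that reports every search provider whose host is not on an allowlist. The allowlist, the function names and the two sample lines with all-zero GUIDs are assumptions made for illustration; the other sample lines reuse GUIDs and hosts from the script above with shortened query strings.

```python
import re
from urllib.parse import urlsplit

# OTL prints Internet Explorer search providers as:
#   IE - <hive>\..\SearchScopes\{GUID}: "URL" = "<search url>"
SCOPE_RE = re.compile(
    r'^IE - (?P<hive>HK[A-Z]+(?:\\[^\\]+)?)\\\.\.\\SearchScopes\\'
    r'(?P<guid>\{[0-9A-Fa-f-]{36}\}): "URL" = "(?P<url>[^"]*)"\s*$'
)

# Assumption: the search providers this machine is supposed to have.
ALLOWED_DOMAINS = {"bing.com", "google.com"}

# Sample input, constructed for this example (see the lead-in).
SAMPLE_LINES = [
    r'IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = "http://searchfunmoods.com/results.php?q={searchTerms}"',
    r'IE - HKU\S-1-5-21-220523388-1364589140-682003330-1005\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = "http://search.babylon.com/?q={searchTerms}"',
    r'IE - HKU\S-1-5-21-220523388-1364589140-682003330-1005\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = "https://isearch.avg.com/search?q={searchTerms}"',
    r'IE - HKLM\..\SearchScopes\{00000000-0000-0000-0000-000000000001}: "URL" = "https://www.bing.com/search?q={searchTerms}"',
    r'IE - HKLM\..\SearchScopes\{00000000-0000-0000-0000-000000000002}: "URL" = "http://bing.com.example.net/?q={searchTerms}"',
    r'O4 - HKLM..\Run: [NWEReboot] File not found',
]


def host_allowed(host, allowed=ALLOWED_DOMAINS):
    """True if host is an allowed domain or a subdomain of one.

    Matching on a label boundary keeps "bing.com.example.net" and
    "notbing.com" from passing as "bing.com".
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)


def audit_search_scopes(log_lines, allowed=ALLOWED_DOMAINS):
    """Return one finding per SearchScopes entry whose host is not allowed."""
    findings = []
    for line in log_lines:
        m = SCOPE_RE.match(line.strip())
        if not m:
            continue  # some other kind of log line
        host = urlsplit(m["url"]).hostname or ""
        if not host_allowed(host, allowed):
            findings.append(
                {"hive": m["hive"], "guid": m["guid"].upper(), "host": host}
            )
    return findings


def hives_by_host(findings):
    """Group findings so a provider installed in several hives stands out."""
    grouped = {}
    for f in findings:
        grouped.setdefault(f["host"], set()).add(f["hive"])
    return grouped


if __name__ == "__main__":
    for finding in audit_search_scopes(SAMPLE_LINES):
        print(finding["host"], finding["guid"], finding["hive"])
```

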
Wendor (author), posted 18 October 2012

Hello, you are right, I did not restart, sorry. Below I attach the files after cleaning.

AdwCleanerS1.txt OTL1.Txt

picasso, posted 18 October 2012

Almost everything is done; some corrections remain:

1. The Firefox preferences are still polluted by adware; AdwCleaner did not touch this. Perform a radical reset. Close Firefox (it must not be running) and move this file to the Desktop:

    C:\Documents and Settings\1\Dane aplikacji\Mozilla\Firefox\Profiles\ktwtgw3s.default\prefs.js

Start Firefox (it will create a new, clean prefs.js). All options will be at their defaults, and you will have to set things such as the start page by hand.

2. A small correction to the registry entries. Run OTL and paste the following into the Custom Scans/Fixes box:

    :Reg
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{A5CD82C8-9645-4FE3-9551-47333D7C3943}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{19BBD949-EE09-C703-7172-1B61C9F70999}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ROC_roc_ssl_v12"=-

Click Run Fix. This time there will be no restart.

3. Cleaning up after the tools: in AdwCleaner use Uninstall, in OTL run CleanUp.

4. Clear the System Restore folders: CLICK.

5. Update Adobe, Java, Silverlight, Firefox: CLICK. The log shows these versions:

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java 6 Update 35
    "{AC76BA86-7AD7-1045-7B44-A81000000003}" = Adobe Reader 8.1.0 - Polish
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX (plugin for IE)
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin (plugin for Firefox)
    "Mozilla Firefox 15.0.1 (x86 pl)" = Mozilla Firefox 15.0.1 (x86 pl)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)

PS. I also see Gadu-Gadu 10. Have a look at lighter alternative programs with Gadu support: WTW, Kadu, Miranda, AQQ. Descriptions: CLICK.

Wendor (author), posted 17 November 2012

Hello, I have been attacked by the UKASH virus, please help.

Extras.Txt OTL.Txt gmer.txt

picasso, posted 17 November 2012

I am merging all three of your topics. You are here too often in such a short time.

You made the GMER log in the wrong environment; you did not remove the SPTD emulator (CLICK). This is not the first time I have said this. But leave it now.

1. Run OTL and paste the following into the Custom Scans/Fixes box:

    :Files
    C:\Documents and Settings\1\Menu Start\Programy\Autostart\ctfmon.lnk
    C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe
    C:\Documents and Settings\All Users\Dane aplikacji\0tbpw.pad
    C:\Documents and Settings\All Users\Dane aplikacji\Ask

    :OTL
    IE - HKU\S-1-5-21-220523388-1364589140-682003330-1005\..\SearchScopes\{64A07630-F4CB-41CF-9B62-AE593A2C0545}: "URL" = "http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=A9A798F2-8CC2-429F-A254-C384D52F2681&apn_sauid=91D1294A-178E-40DC-93E4-FC4520868ECD"
    O3 - HKU\S-1-5-21-220523388-1364589140-682003330-1005\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
    O4 - HKLM..\Run: [NWEReboot] File not found
    O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} "http://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab" (Reg Error: Key error.)

    :Reg
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes]
    [-HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes]

    :Commands
    [emptytemp]

Note for other readers: this script is unique, tailored solely to this system; please do not use it on your own systems.

Click Run Fix. The system will be restarted and unlocked.

2. Make a new OTL log with Run Scan (without Extras this time).

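An added example, not part of the post above and not how OTL or the helpers decide what to remove: a Python triage of OTL `O4 - ...\Run:` lines that also goes one step further and applies the same location checks to bare file paths such as those in the `:Files` sections. The flag names, the list of system process names, the assumed `C:\WINDOWS` system root and the `SoundMan` and `system32\lsass.exe` sample lines are assumptions made for illustration; the other samples are copied from the scripts quoted in this thread.

```python
import ntpath
import re

SYSTEM_ROOT = r"c:\windows"  # assumption: default install location
# Assumption: names of Windows processes that normally live in system32.
SYSTEM_STEMS = {"lsass", "svchost", "csrss", "winlogon", "services", "smss", "ctfmon"}
DATA_DIR_MARKERS = ("\\documents and settings\\", "\\users\\", "\\programdata\\")
STARTUP_MARKERS = ("\\menu start\\programy\\autostart\\",    # Polish Windows XP
                   "\\start menu\\programs\\startup\\")
EXEC_EXT_RE = re.compile(
    r'^(.*?\.(?:exe|dll|com|scr|bat|cmd|pif|lnk))(?=["\s]|$)', re.I)
# O4 - <hive>..\Run: [<value name>] <command> (<publisher>)  or  "... File not found"
O4_RE = re.compile(
    r"^O4 - (?P<hive>\S+?)\.\.\\Run: \[(?P<name>[^\]]+)\]\s*(?P<rest>.*)$")

# Sample input: first two lines from the scripts in this thread, third constructed.
SAMPLE_O4 = [
    r"O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found",
    r"O4 - HKU\S-1-5-21-220523388-1364589140-682003330-1005..\Run: [ntddcocdtbnyfoe] C:\Documents and Settings\All Users\Dane aplikacji\ntddcocd.exe ()",
    r"O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)",
]
SAMPLE_FILES = [
    r"C:\Documents and Settings\1\Menu Start\Programy\Autostart\ctfmon.lnk",
    r"C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe",
    r"C:\WINDOWS\system32\lsass.exe",  # constructed: the legitimate location
]


def image_path(command):
    """Best-effort path of the launched file; copes with unquoted spaces."""
    command = command.strip().lstrip('"')
    m = EXEC_EXT_RE.match(command)
    return m.group(1) if m else command.split(" ", 1)[0]


def path_flags(path):
    """Location-based flags for one file path."""
    p = path.lower().replace("%systemroot%", SYSTEM_ROOT)
    flags = set()
    if any(marker in p for marker in DATA_DIR_MARKERS):
        flags.add("in-profile-or-data-dir")
    if any(marker in p for marker in STARTUP_MARKERS):
        flags.add("startup-folder-item")
    stem = ntpath.splitext(ntpath.basename(p))[0]
    if stem in SYSTEM_STEMS and ntpath.dirname(p) != SYSTEM_ROOT + r"\system32":
        flags.add("system-name-outside-system32")
    return flags


def triage_o4(line):
    """Parse one O4 Run line; return (value name, sorted flags) or None."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    rest, flags = m["rest"].strip(), set()
    if rest.endswith("File not found"):
        # The Run value is still registered but its target no longer exists.
        return m["name"], ["orphaned-run-value"]
    pub = re.search(r"\s*\(([^()]*)\)$", rest)
    if pub:
        if not pub.group(1).strip():
            flags.add("no-publisher")  # OTL found no company name in the file
        rest = rest[:pub.start()]
    flags |= path_flags(image_path(rest))
    return m["name"], sorted(flags)


if __name__ == "__main__":
    for line in SAMPLE_O4:
        print(triage_o4(line))
    for path in SAMPLE_FILES:
        print(path, sorted(path_flags(path)))
```

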
Wendor (author), posted 17 November 2012

    OTL logfile created on: 2012-11-17 18:16:11 - Run 2
    OTL by OldTimer - Version 3.2.57.0     Folder = C:\Documents and Settings\1\Pulpit
    Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
    Computer Name: 1-37BEF9935DF64 | User Name: 1 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
17:08:04 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2012-01-17 17:08:04 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2012-01-17 17:08:04 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2012-01-17 17:08:04 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2012-01-17 17:08:04 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll MOD - [2012-01-17 17:08:04 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2012-01-17 17:08:03 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2012-01-17 17:08:03 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll MOD - [2012-01-17 17:08:03 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2012-01-17 17:08:03 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2012-01-17 17:08:03 | 000,014,848 | ---- | M] () -- 
C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2012-01-17 17:08:03 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2012-01-17 17:08:03 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2012-01-17 17:08:02 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2012-01-17 17:08:01 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2012-01-17 17:08:01 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2012-01-17 17:08:01 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2012-01-17 17:08:01 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2012-01-17 17:08:01 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2012-01-17 17:08:01 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2012-01-17 17:08:01 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2012-01-17 17:08:01 | 000,024,576 | ---- | M] () -- 
C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2012-01-17 17:08:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2012-01-17 17:08:00 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2012-01-17 17:08:00 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll MOD - [2012-01-17 17:08:00 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll MOD - [2012-01-17 17:08:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll MOD - [2012-01-17 17:08:00 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2012-01-17 17:08:00 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2012-01-17 17:08:00 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll MOD - [2012-01-17 17:08:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2012-01-17 17:08:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2009-11-24 13:36:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2007-09-11 
00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe MOD - [2005-05-03 19:38:42 | 000,064,512 | ---- | M] () -- C:\WINDOWS\system32\P17.dll MOD - [2004-02-26 09:05:08 | 000,012,288 | ---- | M] () -- C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgrMsg.dll MOD - [2004-01-09 16:13:08 | 002,891,776 | ---- | M] () -- C:\Program Files\B's CLiP\Win2K\Res.dll MOD - [2004-01-08 19:10:10 | 001,392,640 | ---- | M] () -- C:\Program Files\B's CLiP\Win2K\BsCLiP.exe MOD - [2001-10-28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012-11-09 07:13:20 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-10-27 20:23:08 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-09-05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) 
[On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService) SRV - [2012-06-18 15:17:48 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2012-06-08 01:02:04 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe -- (HTCMonitorService) SRV - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-22 12:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-01-14 21:09:15 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2007-09-11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0) SRV - [2003-05-23 05:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) 
[Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-11-16 18:48:19 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2012-04-22 12:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012-01-09 16:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2012-01-09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012-01-09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012-01-09 16:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2012-01-09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012-01-09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-06-22 17:01:52 | 000,021,248 | ---- | M] (Windows ® Win 
7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot) DRV - [2010-02-11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-06-10 14:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2008-04-30 15:43:42 | 000,160,768 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0350Afx.sys -- (V0350Afx) DRV - [2008-04-13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2007-08-29 01:03:00 | 000,170,368 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0350Vid.sys -- (VF0350Vid) DRV - [2007-03-05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0350Vfx.sys -- (VF0350Vfx) DRV - [2006-10-29 16:14:56 | 000,360,736 | R--- | M] (VidzMedia Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vm7133.sys -- (Cap7134) DRV - [2006-10-29 16:14:56 | 000,033,952 | R--- | M] (VidzMedia Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmPhTune.sys -- (vmPhTune) DRV - [2006-03-02 13:00:00 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2005-09-01 11:50:48 | 000,827,008 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid) DRV - [2005-07-13 17:26:00 | 003,851,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2005-07-07 09:14:30 | 001,389,056 | R--- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17) DRV - [2005-01-10 11:15:30 | 000,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2005-01-10 11:15:24 | 000,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2005-01-07 17:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2004-10-27 07:24:00 | 000,223,104 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2004-01-31 03:40:08 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2004-01-08 16:41:30 | 000,394,496 | ---- | M] (B.H.A Co.,Ltd.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\BsUDF.sys -- (BsUDF) DRV - [2003-12-03 17:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd) DRV - [2003-10-24 05:53:14 | 000,090,416 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf) DRV - [2002-06-06 01:07:00 | 000,009,344 | ---- | M] (B.H.A Co.,Ltd.) 
[Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\BsStor.sys -- (BsStor) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {19BBD949-EE09-C703-7172-1B61C9F70999} IE - HKLM\..\SearchScopes\{19BBD949-EE09-C703-7172-1B61C9F70999}: "URL" = "http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}" IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = "http://www.google.pl/" IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = "http://www.google.com" IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{A5CD82C8-9645-4FE3-9551-47333D7C3943}: "URL" = "http://www.bing.com/search?q={searchTerms}&r=" IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-27 20:23:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-11 18:44:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\1\Dane aplikacji\Mozilla\Extensions [2012-10-23 21:30:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\1\Dane aplikacji\Mozilla\Firefox\Profiles\ktwtgw3s.default\extensions [2012-10-27 20:23:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-10-27 20:23:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-10-27 20:23:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-27 20:23:08 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-06-03 16:00:48 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-03 16:00:48 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-03 16:00:48 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-03 16:00:48 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-03 16:00:48 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-03 16:00:48 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-03-02 
13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [b'sCLiP] C:\Program Files\B's CLiP\Win2K\BsCLiP.exe () O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider) O4 - HKLM..\Run: [NSU_agent] C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe () O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll () O4 - HKLM..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles File not found O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg File not found O4 - HKLM..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe File not found O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [soundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.) 
O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [updReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [V0350Mon.exe] C:\WINDOWS\V0350Mon.exe (Creative Technology Ltd.) O4 - HKCU..\Run: [GG] C:\Documents and Settings\1\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe (GG Network S.A.) O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google) O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RAID Manager.lnk = C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe (Integrated Technology Express, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} "http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab" (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} "http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab" (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab" (Java Plug-in 1.6.0_37) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} "http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab" (Creative Software AutoUpdate Support Package 2) O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} "http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab" (Creative Software AutoUpdate 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} "http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab" (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6ACE4F63-AF9E-4035-A1FA-276C5B07BF77}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) 
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\1\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\1\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-01-07 09:19:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-11-05 13:52:32 | 000,049,648 | ---- | M] () - G:\autoruns.chm -- [ FAT ] O32 - AutoRun File - [2012-08-01 13:27:52 | 000,643,696 | ---- | M] (Sysinternals - www.sysinternals.com) - G:\autoruns.exe -- [ FAT ] O32 - AutoRun File - [2012-08-01 13:27:52 | 000,561,264 | ---- | M] (Sysinternals - www.sysinternals.com) - G:\autorunsc.exe -- [ FAT ] O33 - MountPoints2\{11fdd546-16dc-11e2-8163-00112fb33448}\Shell - "" = AutoRun O33 - MountPoints2\{11fdd546-16dc-11e2-8163-00112fb33448}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe O33 - MountPoints2\{9c550bf0-444f-11e1-9e22-00112fb33448}\Shell - "" = AutoRun O33 - MountPoints2\{9c550bf0-444f-11e1-9e22-00112fb33448}\Shell\AutoRun\command - "" = G:\DTVP_Launcher.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012-11-17 18:17:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2012-11-17 18:12:01 | 000,000,000 | ---D | C] -- C:\_OTL [2012-11-16 18:51:35 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\1\Pulpit\OTL.exe [2012-11-16 18:48:18 | 000,477,240 | ---- | C] (Duplex Secure Ltd.) 
picasso
Posted 18 November 2012

Why was the report pasted into the post rather than added as an attachment?

The infection was removed successfully; we are wrapping up:

1. A small correction. Run OTL and, in the "Custom scan options / script" section, paste:

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{A5CD82C8-9645-4FE3-9551-47333D7C3943}"

Click "Run script". This time there will be no restart.

2. In OTL, run "Cleanup", which will remove OTL from the disk together with its quarantine.

3. Uninstall McAfee Security Scan (the sponsor offer bundled with Adobe packages), the old Java, Adobe Reader and Silverlight.

========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{AC76BA86-7AD7-1038-7646-CE0000000001}" = Adobe Reader 6.0 CE

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)

I mentioned Silverlight a long time ago, and an old version is still visible here. On top of that, there used to be Adobe Reader 8.1.0 (which was supposed to be updated), and now it has been swapped for Adobe Reader 6.0 CE, a corpse full of holes! The older the version, the more holes and the greater the risk of infection through content embedded in web pages.

4. Clear the System Restore folders: CLICK.