NIe uruchamia się płyta z CD Action

potus · Listopad 3, 2009

Wkładam do napędu. Coś tam pokręci i nie uruchamia się . W "Moim komputerze" widać ikonkę płyty, mogę wejść w płytkę przez Total Commandera i np rozpakować Bonus ale płyta się nie samostartuje. Mam Vistę na laptopie Acer Aspire 7730 G. Co robić ??

Cragir · Listopad 3, 2009

Może masz wyłączone autoodtwarzanie? Jeśli tak to nawet lepiej, mniejsze ryzyko złapania jakiegoś paskudztwa po podłączeniu jakiegoś pendriva.

Evunio · Listopad 3, 2009

Wejdź na mój komputer i ręcznie.

VTony · Listopad 3, 2009

Nie za bardzo rozumiem twój problem... Chodzi ci o auto-odtwarzanie czy w ogóle płyta się nie uruchamia?

Ale może za aktualizuj sterownik.

Aha i pytanie: ten napęd masz od samego początku i miałeś go od razu z komputerem. I czy się nie grzebałeś w okolicach kabli napędu?

potus · Listopad 3, 2009

Laptop na gwarancji .

Alladyn · Listopad 3, 2009

po pierwsze sprawdź czy u kogo innego ta płytka działa

potus · Listopad 3, 2009

Działa na innym kompie

Gofer · Listopad 3, 2009

Ale nie działa tylko autostart, czy podwójny klik też? Jeśli to drugie, to możliwe, że masz wirusa. Przesłantk komputer Malwarebytes' Anti-Malware i DrWeb CureIt! , pozwól naprawić co znajdą i wklej logi z ich działania. Powiedz też, jakiego programu antywirusowego używasz.

potus · Listopad 3, 2009

ani autostart ani na "moim komputerze" , a używam antywirusa "Avast!" .

Gofer · Listopad 3, 2009

Więc wykonaj skany podanymi przeze mnie programami i pozwól naprawić co znajdą, po tym skan programem RSIT, wszystkie logi wklej w temacie. A Avasta zmien na Comodo Internet Security, lub zestaw Avira/AVG + Comodo Firewall.

potus · Listopad 3, 2009

Po naprawie ponad 200 problemów daję pierwszy log .

Malwarebytes' Anti-Malware 1.41

Wersja bazy definicji: 3092

Windows 6.0.6002 Service Pack 2

2009-11-03 19:05:23

mbam-log-2009-11-03 (19-05-03).txt

Typ skanowania: Szybkie skanowanie

Przeskanowane obiekty: 102844

Upłynęło: 10 minute(s), 37 second(s)

Zainfekowane procesy w pamięci: 0

Zainfekowane moduły pamięci: 0

Zainfekowane klucze rejestru: 0

Zainfekowane wartości rejestru: 0

Zainfekowane pliki rejestru: 0

Zainfekowane foldery: 2

Zainfekowane pliki: 0

Zainfekowane procesy w pamięci:

(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:

(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:

(Nie wykryto groźnych plików)

Zainfekowane wartości rejestru:

(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:

(Nie wykryto groźnych plików)

Zainfekowane foldery:

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.

Zainfekowane pliki:

(Nie wykryto groźnych plików)

potus · Listopad 3, 2009

info.txt logfile of random's system information tool 1.06 2009-11-03 19:29:58

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe" -uninstall

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {2D1F88C2-ADAE-47C4-8648-6EA8F7E6EB2D}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {94A4609B-0414-4427-81F3-0FD282A2D0D3}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

4Story 1.5-->"D:\Gry\4Story\unins000.exe"

7-Zip 4.42-->"C:\Program Files\7-Zip\Uninstall.exe"

Acer Arcade Deluxe-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall

Acer Bio Protection

AAA 6.0.00.13-->"C:\Program Files\Acer\Acer Bio Protection\uninstall.exe"

Acer Crystal Eye Webcam 2.0.8-->C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\setup.exe -runfromtemp -l0x0009 -removeonly

Acer Crystal Eye webcam Ver:1.1.59.528-->C:\Program Files\InstallShield Installation Information\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}\setup.exe -runfromtemp -l0x0009 -removeonly

Acer Crystal Eye Webcam-->C:\Program Files\InstallShield Installation Information\{DD1DED37-2486-4F56-8F89-56AA814003F5}\setup.exe -runfromtemp -l0x0009 -removeonly

Acer eDataSecurity Management-->C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL

Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x0015 -removeonly

Acer ePower Management-->"C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -runfromtemp -l0x0015 -removeonly

Acer eRecovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x0015 -removeonly

Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{13D85C14-2B85-419F-AC41-C7F21E68B25D}\setup.exe" -runfromtemp -l0x0015 -removeonly

Acer GameZone Console 2.0.1.1-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"

Acer GridVista-->C:\Windows\GVUni.exe GridV.UNI

Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x15 -removeonly

Acer Product Registration-->"C:\Program Files\InstallShield Installation Information\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}\setup.exe" -runfromtemp -l0x0015 -removeonly

Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly

Adobe Acrobat 5.0 CE-->C:\WINDOWS\ISUN0415.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0 CE\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0 CE\NT\Uninst.dll"

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 9.1 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A91000000001}

Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"

Agatha Christie Death on the Nile-->"C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\Uninstall.exe" "C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\install.log"

Agere Systems HDA Modem-->agrsmdel

Alice Greenfingers-->"C:\Program Files\Acer GameZone\Alice Greenfingers\Uninstall.exe" "C:\Program Files\Acer GameZone\Alice Greenfingers\install.log"

ArtCursors-->"D:\Gry\aRTkU\ArtCursors\uninstall.exe"

Asystent rejestracji usługi Windows Live-->MsiExec.exe /I{12D899B3-E5BC-40DC-B3A9-5303AAF88620}

AuthenTec Fingerprint Sensor Minimum Install-->MsiExec.exe /X{31A5ED9F-E07B-4F6E-8179-27325BAAC502}

avast! Antivirus-->rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup

Azada-->"C:\Program Files\Acer GameZone\Azada\Uninstall.exe" "C:\Program Files\Acer GameZone\Azada\install.log"

Backspin Billiards-->"C:\Program Files\Acer GameZone\Backspin Billiards\Uninstall.exe" "C:\Program Files\Acer GameZone\Backspin Billiards\install.log"

Big Kahuna Reef-->"C:\Program Files\Acer GameZone\Big Kahuna Reef\Uninstall.exe" "C:\Program Files\Acer GameZone\Big Kahuna Reef\install.log"

Black and White-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}\Setup.exe"

blueconnect-->C:\Program Files\blueconnect\uninst.exe

Bookworm Deluxe-->"C:\Program Files\Acer GameZone\Bookworm Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Bookworm Deluxe\install.log"

Bricks of Egypt-->"C:\Program Files\Acer GameZone\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Acer GameZone\Bricks of Egypt\install.log"

Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{A64A5576-D862-44F8-89DC-2B17FCC9B86E}

Cake Mania-->"C:\Program Files\Acer GameZone\Cake Mania\Uninstall.exe" "C:\Program Files\Acer GameZone\Cake Mania\install.log"

Call of Duty-->C:\PROGRA~1\CALLOF~1\Uninstall\Unwise.exe /u C:\PROGRA~1\CALLOF~1\Uninstall\Install.log

Ceville-->D:\Gry\Caville\Ceville\uninstaller.exe

Chicken Invaders 3-->"C:\Program Files\Acer GameZone\Chicken Invaders 3\Uninstall.exe" "C:\Program Files\Acer GameZone\Chicken Invaders 3\install.log"

Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}

Chuzzle-->"C:\Program Files\Acer GameZone\Chuzzle\Uninstall.exe" "C:\Program Files\Acer GameZone\Chuzzle\install.log"

Crashday v1.1-->"C:\Program Files\OniGames\Crashday\unins000.exe"

CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall

Dark Sector-->"D:\Gry\DarkSector\Dark Sector\unins000.exe"

Diner Dash Flo on the Go-->"C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\Uninstall.exe" "C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\install.log"

eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x0409

Flip Words 2-->"C:\Program Files\Acer GameZone\Flip Words 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Flip Words 2\install.log"

Gadu-Gadu 7.7-->C:\Program Files\Gadu-Gadu\Setup.exe

Galeria fotografii usługi Windows Live-->MsiExec.exe /X{40CC0CC6-C1BA-476D-98CF-5430DA439B4F}

GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG

Giants-->C:\Windows\IsUn0415.exe -f"d:\gry\giant !!!!!!\Uninst.isu"

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

IDM Trader-->MsiExec.exe /X{4AA1054E-3369-4677-93FF-192B827AD3FB}

Intel? Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall

InterplayGames.com-->"D:\Gry\Giants - dodatek do sieci czy coś\InterplayGames\System\UNWISE32.EXE" /a D:\Gry\GIANTS~1\INTERP~1\System\install.log

ipla 2.0.2-->C:\Program Files\ipla\uninst.exe

IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe

J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}

Jade Empire-->C:\Windows\Uninstall Jade Empire.exe

Java 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}

Jewel Quest Solitaire-->"C:\Program Files\Acer GameZone\Jewel Quest Solitaire\Uninstall.exe" "C:\Program Files\Acer GameZone\Jewel Quest Solitaire\install.log"

JMicron JMB38X Flash Media Controller-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" -l0x9 -removeonly

Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}

Kalendarz XP v29.85-->C:\Program Files\Kalendarz XP\uninstall.exe

Kick N Rush-->"C:\Program Files\Acer GameZone\Kick N Rush\Uninstall.exe" "C:\Program Files\Acer GameZone\Kick N Rush\install.log"

Kraina Gier-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F2B18845-4B26-4AE0-983E-DE5A5A6DBD01}\setup.exe" -l0x15

LastChaosPoland-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A56028FC-1F40-4369-9941-7AAAC6ACE924}\setup.exe" -l0x9 -removeonly

Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI

Mahjong Escape Ancient China-->"C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\install.log"

Mahjongg Artifacts-->"C:\Program Files\Acer GameZone\Mahjongg Artifacts\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjongg Artifacts\install.log"

Malwarebytes' Anti-Malware-->"C:\Skanery\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft .NET Framework 3.5 Language Pack SP1 - plk-->MsiExec.exe /I{9EFDFBA8-9174-3C61-8645-28376C5CA994}

Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}

Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}

Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}

Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}

Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}

Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Works-->MsiExec.exe /I{E9AD90C1-6281-45AB-9458-098D2EF770A1}

Mozilla Firefox (3.5)-->D:\Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

Mystery Case Files - Huntsville-->"C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\install.log"

Mystery Solitaire - Secret Island-->"C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\install.log"

Narzędzie do przekazywania usługi Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Need for Speed? Carbon-->C:\Program Files\Electronic Arts\Need for Speed Carbon\EAUninstall.exe

Need for Speed? Most Wanted-->C:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe

Norton Security Scan-->C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.3.0.44\InstStub.exe /X

NTI Backup Now 5-->C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x0415

NTI Media Maker 8-->C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x0415

NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI

NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}

OpenOffice.org 3.1-->MsiExec.exe /I{D2D3D146-67BC-43D0-9015-2E7BAC2E032B}

Orion-->MsiExec.exe /X{5B63A470-9334-44D1-AF61-6CE2DB565AE9}

Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 ? PLK-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - plk\setup.exe

PDFCreator-->C:\Program Files\PDFCreator\unins000.exe

pdfforge Toolbar v1.1.1-->MsiExec.exe /X{4EF8BE6A-899C-4196-94E7-297C5F7A203E}

Pet Beauty Salon-->"C:\Program Files\Pet Beauty Salon\unins000.exe"

Pivot Stickfigure Animator-->MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}

Poczta usługi Windows Live-->MsiExec.exe /I{DB4690C5-9015-401D-A96C-A49909B7C372}

Podstawowe programy Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Podstawowe programy Windows Live-->MsiExec.exe /I{0B63BF75-9F0A-4E93-A69D-BDCC6A26C4B1}

QuickTime-->C:\Windows\unvise32qt.exe C:\Windows\system32\QuickTime\Uninstall.log

RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Sąsiedzi z Piekła Rodem 1 i 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6AAF923E-077E-4543-BA1C-42A75BB03677}\setup.exe" -l0x15

Sitting Ducks-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{C51047F8-86B2-4807-A1E7-C8820AEF5661}

Skype? 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}

SPORE? Fabryka stworów, wersja próbna-->"C:\Program Files\InstallShield Installation Information\{ECEE0279-785F-4CB3-9F28-E69813234BF8}\SCCSetup.exe" -runfromtemp -l0x0015 -removeonly

Star Sword-->"D:\Gry\Star Sword\unins000.exe"

Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

The Sims 2 Na studiach-->C:\Program Files\EA GAMES\The Sims 2 Na studiach\EAUninstall.exe

The Sims 2-->C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe

Tony Hawks Pro Skater 4-->MsiExec.exe /X{E0F07676-2C60-4465-A727-20DE3BFCABAC}

Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe

Total Commander Ultima Prime 4.8.0.0-->"C:\Program Files\TC UP\un_TC UP.exe"

TrackMania Nations ESWC 0.1.7.5-->"D:\Gry\TM\TrackMania Nations ESWC\unins000.exe"

Turbo Pizza-->"C:\Program Files\Acer GameZone\Turbo Pizza\Uninstall.exe" "C:\Program Files\Acer GameZone\Turbo Pizza\install.log"

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}

Winbond CIR Device Drivers-->MsiExec.exe /I{10F498FF-5392-4DF3-8F73-FE172A9F3800}

Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}

Windows Live Messenger-->MsiExec.exe /X{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}

Windows Live Sync-->MsiExec.exe /X{C3335EFB-008F-44DB-A87A-9EC8EE53D045}

Windows Live Writer-->MsiExec.exe /X{DD49053A-0140-44EF-AE75-C4BC1FDB8286}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}

Worms 3D-->C:\Program Files\InstallShield Installation Information\{8874FD36-7C9D-4573-8956-E368D6753D90}\setup.exe -runfromtemp -l0x0015 -removeonly

Zuma Deluxe-->"C:\Program Files\Acer GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Zuma Deluxe\install.log"

======Security center information======

AV: avast! antivirus 4.7.942 [VPS 091103-0]

AS: Windows Defender

======System event log======

Computer Name: Wiktor-PC

Event Code: 4383

Message: Obsługa systemu Windows ukończyła proces zmieniania stanu aktualizacji 948609-94_neutral_GDR z pakietu KB948609(Update) na Przemieszczanie(Staging).

Record Number: 53032

Source Name: Microsoft-Windows-Servicing

Time Written: 20090816055507.000000-000

Event Type: Informacje

User: ZARZĄDZANIE NT\SYSTEM

Computer Name: Wiktor-PC

Event Code: 4383

Message: Obsługa systemu Windows ukończyła proces zmieniania stanu aktualizacji 948609-93_neutral_LDR z pakietu KB948609(Update) na Przemieszczanie(Staging).

Record Number: 53031

Source Name: Microsoft-Windows-Servicing

Time Written: 20090816055507.000000-000

Event Type: Informacje

User: ZARZĄDZANIE NT\SYSTEM

Computer Name: Wiktor-PC

Event Code: 4383

Message: Obsługa systemu Windows ukończyła proces zmieniania stanu aktualizacji 948609-92_neutral_GDR z pakietu KB948609(Update) na Przemieszczanie(Staging).

Record Number: 53030

Source Name: Microsoft-Windows-Servicing

Time Written: 20090816055507.000000-000

Event Type: Informacje

User: ZARZĄDZANIE NT\SYSTEM

Computer Name: Wiktor-PC

Event Code: 4383

Message: Obsługa systemu Windows ukończyła proces zmieniania stanu aktualizacji 948609-91_neutral_LDR z pakietu KB948609(Update) na Przemieszczanie(Staging).

Record Number: 53029

Source Name: Microsoft-Windows-Servicing

Time Written: 20090816055507.000000-000

Event Type: Informacje

User: ZARZĄDZANIE NT\SYSTEM

Computer Name: Wiktor-PC

Event Code: 4383

Message: Obsługa systemu Windows ukończyła proces zmieniania stanu aktualizacji 948609-90_neutral_GDR z pakietu KB948609(Update) na Przemieszczanie(Staging).

Record Number: 53028

Source Name: Microsoft-Windows-Servicing

Time Written: 20090816055507.000000-000

Event Type: Informacje

User: ZARZĄDZANIE NT\SYSTEM

=====Application event log=====

Computer Name: WIN-W50SIDWHDUC

Event Code: 1003

Message: Usługa licencjonowania oprogramowania ukończyła sprawdzanie stanu licencjonowania.

Identyfikator aplikacji=55c92734-d682-4d71-983e-d6ec3f16059f

Stan licencji=

{1,[3a1d44e2-bede-46fb-8a02-0cd485a1db8b, 8, 0xC004F014,0x0]}

{1,[9e042223-03bf-49ae-808f-ff37f128d40d, 8, 0xC004F014,0x0]}

{1,[a3481201-436e-4fc9-88b4-34ccf7f81789, 8, 0xC004F014,0x0]}

{1,[a4eec485-e375-48b4-8f51-80d13a4086b6, 8, 0xC004F014,0x0]}

{1,[b6795467-dc45-4acf-af87-e948ee3f15f4, 8, 0xC004F014,0x0]}

{1,[bffdc375-bbd5-499d-8ef1-4f37b61c895f, 0, 0x0,0x0],[0x0,0x0,0x0,0,0,0x0],[0x0,0xFFFFFFFF,0x0,0,0,0x0],[0x0,0xFFFFFFFF,0x0,

0,0,0x0],[0,0,0x0]}

{1,[c3505bd0-004a-49b9-84db-a1a4869eddf1, 8, 0xC004F014,0x0]}

{1,[c5d8ec70-e2ae-42d8-aaa9-eec3772438ee, 8, 0xC004F014,0x0]}

{1,[f3acdd3c-119a-4932-a3d7-0b6f33a1dca9, 8, 0xC004F014,0x0]}

{1,[afd5f68f-b70f-4000-a21d-28dbc8be8b07, 8, 0xC004F014,0x0]}

Record Number: 994

Source Name: Microsoft-Windows-Security-Licensing-SLC

Time Written: 20090111103334.000000-000

Event Type: Informacje

User:

Computer Name: WIN-W50SIDWHDUC

Event Code: 1033

Message: Te zasady są wykluczane, ponieważ są zdefiniowane tylko z atrybutem pozwalającym wyłącznie na zastępowanie.

Nazwy=(IIS-W3SVC-MaxConcurrentRequests) (Telnet-Client-EnableTelnetClient) (Telnet-Client-EnableTelnetClient_w) (Telnet-Server-EnableTelnetServer) (Telnet-Server-EnableTelnetServer_w)

Identyfikator aplikacji=55c92734-d682-4d71-983e-d6ec3f16059f

Identyfikator SKU=bffdc375-bbd5-499d-8ef1-4f37b61c895f

Record Number: 993

Source Name: Microsoft-Windows-Security-Licensing-SLC

Time Written: 20090111103334.000000-000

Event Type: Informacje

User:

Computer Name: WIN-W50SIDWHDUC

Event Code: 12305

Message: Błąd Usługi kopiowania woluminów w tle: wolumin/dysk jest niepodłączony lub nie został odnaleziony. Kontekst błędu: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy20 - 0000016C,0x00530190,00000000,0,010137F8,4096,[0]).

Operacja:

Badaj kopie w tle

Record Number: 992

Source Name: VSS

Time Written: 20090111103303.000000-000

Event Type: Błąd

User:

Computer Name: WIN-W50SIDWHDUC

Event Code: 103

Message: Windows (1832) Windows: Aparat bazy danych zatrzymał wystąpienie (0).

Record Number: 991

Source Name: ESENT

Time Written: 20090111103123.000000-000

Event Type: Informacje

User:

Computer Name: WIN-W50SIDWHDUC

Event Code: 1013

Message: Usługa Windows Search została normalnie zatrzymana.

Record Number: 990

Source Name: Microsoft-Windows-Search

Time Written: 20090111103123.000000-000

Event Type: Informacje

User:

=====Security event log=====

Computer Name: WIN-W50SIDWHDUC

Event Code: 4648

Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń.

Podmiot:

Identyfikator zabezpieczeń: S-1-5-18

Nazwa konta: WIN-W50SIDWHDUC$

Domena konta: WORKGROUP

Identyfikator logowania: 0x3e7

Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Konto, którego poświadczenia zostały użyte:

Nazwa konta: SYSTEM

Domena konta: ZARZĄDZANIE NT

Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Serwer docelowy:

Nazwa serwera docelowego: localhost

Informacje dodatkowe: localhost

Informacje o procesie:

Identyfikator procesu: 0x28c

Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:

Adres sieciowy: -

Port: -

To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS.

Record Number: 1391

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090111103124.558411-000

Event Type: Sukces inspekcji

User:

Computer Name: WIN-W50SIDWHDUC

Event Code: 4672

Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:

Identyfikator zabezpieczeń: S-1-5-18

Nazwa konta: SYSTEM

Domena konta: ZARZĄDZANIE NT

Identyfikator logowania: 0x3e7

Uprawnienia: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 1390

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090111103124.418011-000

Event Type: Sukces inspekcji

User:

Computer Name: WIN-W50SIDWHDUC

Event Code: 4624

Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:

Identyfikator zabezpieczeń: S-1-5-18

Nazwa konta: WIN-W50SIDWHDUC$

Domena konta: WORKGROUP

Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:

Identyfikator zabezpieczeń: S-1-5-18

Nazwa konta: SYSTEM

Domena konta: ZARZĄDZANIE NT

Identyfikator logowania: 0x3e7

Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:

Identyfikator procesu: 0x28c

Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:

Nazwa stacji roboczej:

Adres źródłowy sieci: -

Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:

Proces logowania: Advapi

Pakiet uwierzytelniania: Negotiate

Usługi przejściowe: -

Nazwa pakietu (tylko NTLM): -

Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.

- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.

- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.

- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.

- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.

Record Number: 1389

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090111103124.418011-000

Event Type: Sukces inspekcji

User:

Computer Name: WIN-W50SIDWHDUC

Event Code: 4648

Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń.

Podmiot:

Identyfikator zabezpieczeń: S-1-5-18

Nazwa konta: WIN-W50SIDWHDUC$

Domena konta: WORKGROUP

Identyfikator logowania: 0x3e7

Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Konto, którego poświadczenia zostały użyte:

Nazwa konta: SYSTEM

Domena konta: ZARZĄDZANIE NT

Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Serwer docelowy:

Nazwa serwera docelowego: localhost

Informacje dodatkowe: localhost

Informacje o procesie:

Identyfikator procesu: 0x28c

Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:

Adres sieciowy: -

Port: -

To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS.

Record Number: 1388

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090111103124.418011-000

Event Type: Sukces inspekcji

User:

Computer Name: WIN-W50SIDWHDUC

Event Code: 1102

Message: Dziennik inspekcji został wyczyszczony.

Podmiot:

Identyfikator zabezpieczeń: S-1-5-21-3907955340-2988205487-989959060-500

Nazwa konta: Administrator

Nazwa domeny: WIN-W50SIDWHDUC

Identyfikator logowania: 0x33680

Record Number: 1387

Source Name: Microsoft-Windows-Eventlog

Time Written: 20090111103114.574411-000

Event Type: Sukces inspekcji

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64;C:\Program Files\TC UP\PLUGINS\Library

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel

"PROCESSOR_REVISION"=170a

"NUMBER_OF_PROCESSORS"=2

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"DFSTRACINGON"=FALSE

"Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64

"NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\;

-----------------EOF-----------------

Gofer · Listopad 3, 2009

Widzę, że nie użyłeś DrWeba, a prosiłem. W logu nic złego nie widzę, ale niestety moje zdolności czytania w nim są mocno ograniczone. Ale i tak Użyj DrWeba i zmień Avasta na Comodo Internet Security, AVG lub Avire.

Sevard · Listopad 3, 2009

To nie ten log i pewnie dlatego nic nie widzisz. RSIT generuje dwa logi, poproszę o ten drugi.

^^" - GFR

potus · Listopad 3, 2009

Użyłem tego Dr.Weba Tyle tylko że nic już nie wykrył. Jest tylko ilość plików i same zera w statystyce po skanowaniu

Drugi log.

Logfile of random's system information tool 1.06 (written by random/random)

Run by Wiktor at 2009-11-03 19:29:30

Microsoft? Windows Vista? Home Premium Service Pack 2

System drive C: has 69 GB (47%) free of 146 GB

Total RAM: 3066 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:29:49, on 2009-11-03

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v7.00 (7.00.6002.18005)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Launch Manager\QtZgAcer.EXE

C:\Windows\PLFSetI.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\ipla\ipla.exe

C:\Program Files\Convesoft\Orion\Messenger.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

D:\Firefox\firefox.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Users\Wiktor\AppData\Local\Temp\dc51341961\nxwpjk.exe

C:\Users\Wiktor\AppData\Local\Temp\dc51341961\752rzXP.exe

C:\Program Files\TC UP\totalcmd.exe

C:\Users\Wiktor\Desktop\RSIT.exe

C:\Program Files\trend micro\Wiktor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...;m=aspire_7730g

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.mywebsearch.com/mywebsearch/...LpkPBwJyKiHINvQ

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...;m=aspire_7730g

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...;m=aspire_7730g

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE

O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [searchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Skanery\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Wiktor\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [iGoD] "C:\Users\Wiktor\Desktop\iGoDr022.exe" /tray

O4 - HKCU\..\Run: [iPLA!] C:\Program Files\ipla\ipla.exe /autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-21-993344782-977236109-1894507152-501\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Gość')

O4 - HKUS\S-1-5-21-993344782-977236109-1894507152-501\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray (User 'Gość')

O4 - HKUS\S-1-5-21-993344782-977236109-1894507152-501\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Gość')

O4 - HKUS\S-1-5-21-993344782-977236109-1894507152-501\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Gość')

O4 - HKUS\S-1-5-21-993344782-977236109-1894507152-501\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent (User 'Gość')

O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe

O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O17 - HKLM\System\CCS\Services\Tcpip\..\{322CCD15-225D-41D1-AE55-75F304E333ED}: NameServer = 192.168.1.1

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe (file missing)

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

--

End of file - 12605 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-993344782-977236109-1894507152-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-993344782-977236109-1894507152-1000UA.job

C:\Windows\tasks\Norton Security Scan for Wiktor.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-07-23 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]

ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]

pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-07-29 1153024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896]

{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]

"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]

"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-04-23 397312]

"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]

"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-07-02 821768]

"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]

"eRecoveryService"= []

"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-05-12 147456]

"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-05-12 167936]

"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2009-05-13 3607040]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-04-30 13781536]

"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2009-03-18 173352]

"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-07-23 198160]

"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2007-01-15 108160]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-07-29 1024512]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-31 149280]

"Malwarebytes Anti-Malware (reboot)"=C:\Skanery\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []

"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-11-17 135168]

"Google Update"=C:\Users\Wiktor\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-24 133104]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe []

"Gadu-Gadu"=C:\Program Files\Gadu-Gadu\gg.exe [2008-03-20 2127296]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

"iGoD"=C:\Users\Wiktor\Desktop\iGoDr022.exe /tray []

"IPLA!"=C:\Program Files\ipla\ipla.exe [2009-10-13 6039960]

C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

Orion.lnk - C:\Program Files\Convesoft\Orion\Messenger.exe

Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]

C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2009-05-13 2972160]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"notification packages"=scecli

C:\Program Files\Acer\Acer Bio Protection\PwdFilter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5ea1b87d-78e8-11de-a268-00238b92ab2f}]

shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5ea1b87f-78e8-11de-a268-00238b92ab2f}]

shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fda0082-751e-11de-a8d3-00238b92ab2f}]

shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fda00aa-751e-11de-a8d3-00238b92ab2f}]

shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7b94954-8af5-11de-9acf-00238b92ab2f}]

shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b40084e2-7f30-11de-9698-00238b92ab2f}]

shell\AutoRun\command - F:\AutoRun.exe

======List of files/folders created in the last 3 months======

2009-11-03 19:29:32 ----D---- C:\Program Files\trend micro

2009-11-03 19:29:30 ----D---- C:\rsit

2009-11-03 18:39:12 ----D---- C:\Users\Wiktor\AppData\Roaming\Malwarebytes

2009-11-03 18:39:03 ----D---- C:\ProgramData\Malwarebytes

2009-11-03 18:38:13 ----D---- C:\Skanery

2009-11-01 19:55:56 ----D---- C:\Program Files\directx

2009-11-01 19:43:46 ----A---- C:\Windows\_delis32.ini

2009-10-28 07:53:32 ----A---- C:\Windows\system32\wmp.dll

2009-10-28 07:53:28 ----A---- C:\Windows\system32\unregmp2.exe

2009-10-28 07:53:24 ----A---- C:\Windows\system32\wmploc.DLL

2009-10-27 08:07:24 ----A---- C:\Windows\system32\wups2.dll

2009-10-27 08:07:24 ----A---- C:\Windows\system32\wucltux.dll

2009-10-27 08:07:24 ----A---- C:\Windows\system32\wuauclt.exe

2009-10-27 08:07:23 ----A---- C:\Windows\system32\wuaueng.dll

2009-10-27 08:06:58 ----A---- C:\Windows\system32\wups.dll

2009-10-27 08:06:58 ----A---- C:\Windows\system32\wudriver.dll

2009-10-27 08:06:58 ----A---- C:\Windows\system32\wuapi.dll

2009-10-27 08:06:50 ----A---- C:\Windows\system32\wuwebv.dll

2009-10-27 08:06:50 ----A---- C:\Windows\system32\wuapp.exe

2009-10-25 09:36:14 ----D---- C:\Users\Wiktor\AppData\Roaming\ipla

2009-10-25 09:36:14 ----D---- C:\ProgramData\ipla

2009-10-25 09:36:02 ----D---- C:\Program Files\ipla

2009-10-21 07:07:08 ----A---- C:\Windows\system32\javaws.exe

2009-10-21 07:07:08 ----A---- C:\Windows\system32\javaw.exe

2009-10-21 07:07:08 ----A---- C:\Windows\system32\java.exe

2009-10-20 21:44:22 ----D---- C:\Program Files\pdfforge Toolbar

2009-10-20 21:43:40 ----A---- C:\Windows\system32\pdfcmnnt.dll

2009-10-20 21:43:37 ----D---- C:\Program Files\PDFCreator

2009-10-20 21:43:37 ----A---- C:\Windows\system32\MSMPIDE.DLL

2009-10-19 13:25:29 ----D---- C:\Program Files\Movie Maker 2.6

2009-10-17 20:14:46 ----D---- C:\ProgramData\Arcade Lab

2009-10-17 06:54:55 ----D---- C:\Users\Wiktor\AppData\Roaming\iWin

2009-10-14 07:27:02 ----A---- C:\Windows\system32\msv1_0.dll

2009-10-14 07:26:52 ----A---- C:\Windows\system32\wininet.dll

2009-10-14 07:26:50 ----A---- C:\Windows\system32\urlmon.dll

2009-10-14 07:26:50 ----A---- C:\Windows\system32\mshtml.dll

2009-10-14 07:26:47 ----A---- C:\Windows\system32\ieframe.dll

2009-10-14 07:26:45 ----A---- C:\Windows\system32\ieui.dll

2009-10-14 07:26:43 ----A---- C:\Windows\system32\ieencode.dll

2009-10-14 07:26:41 ----A---- C:\Windows\system32\ieapfltr.dll

2009-10-14 07:26:26 ----A---- C:\Windows\system32\ntoskrnl.exe

2009-10-14 07:26:26 ----A---- C:\Windows\system32\ntkrnlpa.exe

2009-10-14 07:25:40 ----A---- C:\Windows\system32\msasn1.dll

2009-10-14 07:25:34 ----A---- C:\Windows\system32\WMSPDMOD.DLL

2009-10-13 13:19:28 ----D---- C:\Windows\RegisteredPackages

2009-10-13 13:19:27 ----D---- C:\TEMP

2009-10-03 00:34:57 ----N---- C:\Windows\system32\MpSigStub.exe

2009-09-30 21:14:53 ----D---- C:\Users\Wiktor\AppData\Roaming\Dark Sector

2009-09-30 21:14:49 ----A---- C:\Windows\system32\XAPOFX1_1.dll

2009-09-30 21:14:48 ----A---- C:\Windows\system32\XAudio2_2.dll

2009-09-30 21:14:48 ----A---- C:\Windows\system32\xactengine3_2.dll

2009-09-30 21:14:47 ----A---- C:\Windows\system32\d3dx10_39.dll

2009-09-30 21:14:47 ----A---- C:\Windows\system32\D3DCompiler_39.dll

2009-09-28 18:20:28 ----D---- C:\Users\Wiktor\AppData\Roaming\HEXelon

2009-09-28 18:19:02 ----D---- C:\Program Files\TC UP

2009-09-28 09:35:34 ----D---- C:\Users\Wiktor\AppData\Roaming\FUEL Demo

2009-09-28 09:33:46 ----A---- C:\Windows\system32\D3DX9_39.dll

2009-09-28 09:31:18 ----D---- C:\Users\Wiktor\AppData\Roaming\InstallShield Installation Information

2009-09-27 17:48:06 ----A---- C:\Windows\bestplayer.ini

2009-09-27 17:47:26 ----D---- C:\ProgramData\WindowsSearch

2009-09-27 16:50:11 ----D---- C:\Users\Wiktor\AppData\Roaming\Download Manager

2009-09-25 23:15:31 ----D---- C:\Windows\system32\eu-ES

2009-09-25 23:15:31 ----D---- C:\Windows\system32\ca-ES

2009-09-25 23:15:30 ----D---- C:\Windows\system32\vi-VN

2009-09-25 08:02:22 ----D---- C:\Windows\system32\EventProviders

2009-09-24 10:05:14 ----D---- C:\Program Files\Common Files\Symantec Shared

2009-09-24 09:21:50 ----D---- C:\ProgramData\Symantec

2009-09-24 09:21:50 ----D---- C:\ProgramData\Norton

2009-09-24 09:21:50 ----D---- C:\Program Files\Norton Security Scan

2009-09-24 09:21:47 ----D---- C:\ProgramData\NortonInstaller

2009-09-24 09:21:47 ----D---- C:\Program Files\NortonInstaller

2009-09-24 07:01:50 ----A---- C:\Windows\system32\NlsLexicons0007.dll

2009-09-24 07:01:47 ----A---- C:\Windows\system32\SLsvc.exe

2009-09-24 07:01:47 ----A---- C:\Windows\system32\SLCExt.dll

2009-09-24 07:01:44 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll

2009-09-24 07:01:44 ----A---- C:\Windows\system32\DevicePairingWizard.exe

2009-09-24 07:01:42 ----A---- C:\Windows\system32\NlsLexicons0009.dll

2009-09-24 07:01:40 ----A---- C:\Windows\system32\mssrch.dll

2009-09-24 07:01:38 ----A---- C:\Windows\system32\tquery.dll

2009-09-24 07:01:36 ----A---- C:\Windows\system32\PresentationNative_v0300.dll

2009-09-24 07:01:35 ----A---- C:\Windows\system32\scavenge.dll

2009-09-24 07:01:35 ----A---- C:\Windows\system32\RMActivate_isv.exe

2009-09-24 07:01:35 ----A---- C:\Windows\system32\RMActivate.exe

2009-09-24 07:01:34 ----A---- C:\Windows\system32\msi.dll

2009-09-24 07:01:33 ----A---- C:\Windows\system32\imapi2fs.dll

2009-09-24 07:01:31 ----A---- C:\Windows\system32\WscEapPr.dll

2009-09-24 07:01:31 ----A---- C:\Windows\system32\wcnwiz2.dll

2009-09-24 07:01:31 ----A---- C:\Windows\system32\secproc_isv.dll

2009-09-24 07:01:30 ----A---- C:\Windows\system32\sysmain.dll

2009-09-24 07:01:29 ----A---- C:\Windows\system32\icardagt.exe

2009-09-24 07:01:28 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll

2009-09-24 07:01:27 ----A---- C:\Windows\system32\EhStorShell.dll

2009-09-24 07:01:26 ----A---- C:\Windows\system32\spreview.exe

2009-09-24 07:01:26 ----A---- C:\Windows\system32\spinstall.exe

2009-09-24 07:01:26 ----A---- C:\Windows\system32\drmv2clt.dll

2009-09-24 07:01:24 ----A---- C:\Windows\system32\spwizui.dll

2009-09-24 07:01:24 ----A---- C:\Windows\system32\secproc.dll

2009-09-24 07:01:24 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll

2009-09-24 07:01:23 ----A---- C:\Windows\system32\shell32.dll

2009-09-24 07:01:23 ----A---- C:\Windows\system32\p2psvc.dll

2009-09-24 07:01:22 ----A---- C:\Windows\system32\SearchIndexer.exe

2009-09-24 07:01:22 ----A---- C:\Windows\system32\mssvp.dll

2009-09-24 07:01:21 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL

2009-09-24 07:01:21 ----A---- C:\Windows\system32\mscoree.dll

2009-09-24 07:01:20 ----A---- C:\Windows\system32\mssphtb.dll

2009-09-24 07:01:20 ----A---- C:\Windows\system32\mssph.dll

2009-09-24 07:01:20 ----A---- C:\Windows\system32\imapi2.dll

2009-09-24 07:01:19 ----A---- C:\Windows\system32\sdohlp.dll

2009-09-24 07:01:18 ----A---- C:\Windows\system32\IMJP10K.DLL

2009-09-24 07:01:18 ----A---- C:\Windows\system32\esent.dll

2009-09-24 07:01:17 ----A---- C:\Windows\system32\DevicePairing.dll

2009-09-24 07:01:16 ----A---- C:\Windows\system32\wevtsvc.dll

2009-09-24 07:01:16 ----A---- C:\Windows\system32\sperror.dll

2009-09-24 07:01:16 ----A---- C:\Windows\system32\RMActivate_ssp.exe

2009-09-24 07:01:16 ----A---- C:\Windows\system32\korwbrkr.dll

2009-09-24 07:01:15 ----A---- C:\Windows\system32\SLC.dll

2009-09-24 07:01:15 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe

2009-09-24 07:01:15 ----A---- C:\Windows\system32\PresentationHostProxy.dll

2009-09-24 07:01:14 ----A---- C:\Windows\system32\msshsq.dll

2009-09-24 07:01:13 ----A---- C:\Windows\system32\msjet40.dll

2009-09-24 07:01:12 ----A---- C:\Windows\system32\MPSSVC.dll

2009-09-24 07:01:11 ----A---- C:\Windows\system32\msxml6.dll

2009-09-24 07:01:10 ----A---- C:\Windows\system32\Query.dll

2009-09-24 07:01:10 ----A---- C:\Windows\system32\qmgr.dll

2009-09-24 07:01:09 ----A---- C:\Windows\system32\msexch40.dll

2009-09-24 07:01:08 ----A---- C:\Windows\system32\P2PGraph.dll

2009-09-24 07:01:08 ----A---- C:\Windows\system32\ole32.dll

2009-09-24 07:01:08 ----A---- C:\Windows\system32\IasMigReader.exe

2009-09-24 07:01:08 ----A---- C:\Windows\system32\diagperf.dll

2009-09-24 07:01:07 ----A---- C:\Windows\system32\srchadmin.dll

2009-09-24 07:01:07 ----A---- C:\Windows\system32\ntdll.dll

2009-09-24 07:01:07 ----A---- C:\Windows\system32\msxml3.dll

2009-09-24 07:01:06 ----A---- C:\Windows\system32\winload.exe

2009-09-24 07:01:06 ----A---- C:\Windows\system32\uDWM.dll

2009-09-24 07:01:06 ----A---- C:\Windows\system32\mmc.exe

2009-09-24 07:01:06 ----A---- C:\Windows\system32\mblctr.exe

2009-09-24 07:01:06 ----A---- C:\Windows\system32\EncDec.dll

2009-09-24 07:01:05 ----A---- C:\Windows\system32\riched20.dll

2009-09-24 07:01:05 ----A---- C:\Windows\system32\IasMigPlugin.dll

2009-09-24 07:01:05 ----A---- C:\Windows\system32\dfsr.exe

2009-09-24 07:01:04 ----A---- C:\Windows\system32\RacEngn.dll

2009-09-24 07:01:04 ----A---- C:\Windows\system32\fdBth.dll

2009-09-24 07:01:03 ----A---- C:\Windows\system32\kernel32.dll

2009-09-24 07:01:02 ----A---- C:\Windows\system32\spoolss.dll

2009-09-24 07:01:02 ----A---- C:\Windows\system32\SearchProtocolHost.exe

2009-09-24 07:01:02 ----A---- C:\Windows\system32\SearchFilterHost.exe

2009-09-24 07:01:02 ----A---- C:\Windows\system32\milcore.dll

2009-09-24 07:01:02 ----A---- C:\Windows\system32\EhStorAPI.dll

2009-09-24 07:01:02 ----A---- C:\Windows\system32\CertEnroll.dll

2009-09-24 07:01:01 ----A---- C:\Windows\system32\schedsvc.dll

2009-09-24 07:01:01 ----A---- C:\Windows\system32\NaturalLanguage6.dll

2009-09-24 07:01:00 ----A---- C:\Windows\system32\msvcp60.dll

2009-09-24 07:01:00 ----A---- C:\Windows\system32\msjtes40.dll

2009-09-24 07:01:00 ----A---- C:\Windows\system32\gpedit.dll

2009-09-24 07:01:00 ----A---- C:\Windows\system32\fsquirt.exe

2009-09-24 07:01:00 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll

2009-09-24 07:00:59 ----A---- C:\Windows\system32\infocardapi.dll

2009-09-24 07:00:58 ----A---- C:\Windows\system32\WinSAT.exe

2009-09-24 07:00:58 ----A---- C:\Windows\system32\PresentationSettings.exe

2009-09-24 07:00:58 ----A---- C:\Windows\system32\es.dll

2009-09-24 07:00:57 ----A---- C:\Windows\system32\mstext40.dll

2009-09-24 07:00:57 ----A---- C:\Windows\system32\Magnify.exe

2009-09-24 07:00:57 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll

2009-09-24 07:00:57 ----A---- C:\Windows\system32\advapi32.dll

2009-09-24 07:00:55 ----A---- C:\Windows\system32\WMPhoto.dll

2009-09-24 07:00:55 ----A---- C:\Windows\system32\WebClnt.dll

2009-09-24 07:00:55 ----A---- C:\Windows\system32\slwmi.dll

2009-09-24 07:00:55 ----A---- C:\Windows\system32\msexcl40.dll

2009-09-24 07:00:55 ----A---- C:\Windows\system32\comsvcs.dll

2009-09-24 07:00:54 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll

2009-09-24 07:00:54 ----A---- C:\Windows\system32\vssapi.dll

2009-09-24 07:00:54 ----A---- C:\Windows\system32\msxbde40.dll

2009-09-24 07:00:53 ----A---- C:\Windows\system32\msfeeds.dll

2009-09-24 07:00:53 ----A---- C:\Windows\system32\authui.dll

2009-09-24 07:00:52 ----A---- C:\Windows\system32\vbscript.dll

2009-09-24 07:00:52 ----A---- C:\Windows\system32\PresentationHost.exe

2009-09-24 07:00:52 ----A---- C:\Windows\system32\NetProjW.dll

2009-09-24 07:00:52 ----A---- C:\Windows\system32\msrepl40.dll

2009-09-24 07:00:51 ----A---- C:\Windows\system32\propsys.dll

2009-09-24 07:00:51 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2009-09-24 07:00:51 ----A---- C:\Windows\system32\newdev.dll

2009-09-24 07:00:51 ----A---- C:\Windows\system32\iasrecst.dll

2009-09-24 07:00:51 ----A---- C:\Windows\system32\gpsvc.dll

2009-09-24 07:00:50 ----A---- C:\Windows\system32\rpcss.dll

2009-09-24 07:00:50 ----A---- C:\Windows\system32\iedkcs32.dll

2009-09-24 07:00:50 ----A---- C:\Windows\system32\eudcedit.exe

2009-09-24 07:00:50 ----A---- C:\Windows\system32\crypt32.dll

2009-09-24 07:00:50 ----A---- C:\Windows\explorer.exe

2009-09-24 07:00:49 ----A---- C:\Windows\system32\setupapi.dll

2009-09-24 07:00:49 ----A---- C:\Windows\system32\mspbde40.dll

2009-09-24 07:00:48 ----A---- C:\Windows\system32\msltus40.dll

2009-09-24 07:00:48 ----A---- C:\Windows\system32\davclnt.dll

2009-09-24 07:00:48 ----A---- C:\Windows\system32\d3d9.dll

2009-09-24 07:00:47 ----A---- C:\Windows\system32\shlwapi.dll

2009-09-24 07:00:47 ----A---- C:\Windows\system32\msrd3x40.dll

2009-09-24 07:00:47 ----A---- C:\Windows\system32\mfc42.dll

2009-09-24 07:00:47 ----A---- C:\Windows\system32\EhStorPwdMgr.dll

2009-09-24 07:00:47 ----A---- C:\Windows\system32\EhStorAuthn.dll

2009-09-24 07:00:46 ----A---- C:\Windows\system32\wevtapi.dll

2009-09-24 07:00:46 ----A---- C:\Windows\system32\msdtctm.dll

2009-09-24 07:00:46 ----A---- C:\Windows\system32\browseui.dll

2009-09-24 07:00:45 ----A---- C:\Windows\system32\photowiz.dll

2009-09-24 07:00:45 ----A---- C:\Windows\system32\nlhtml.dll

2009-09-24 07:00:44 ----A---- C:\Windows\system32\user32.dll

2009-09-24 07:00:43 ----A---- C:\Windows\system32\win32spl.dll

2009-09-24 07:00:43 ----A---- C:\Windows\system32\samsrv.dll

2009-09-24 07:00:43 ----A---- C:\Windows\system32\quartz.dll

2009-09-24 07:00:43 ----A---- C:\Windows\system32\ci.dll

2009-09-24 07:00:42 ----A---- C:\Windows\system32\WcnNetsh.dll

2009-09-24 07:00:42 ----A---- C:\Windows\system32\SLCommDlg.dll

2009-09-24 07:00:42 ----A---- C:\Windows\system32\oleaut32.dll

2009-09-24 07:00:41 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe

2009-09-24 07:00:41 ----A---- C:\Windows\system32\netshell.dll

2009-09-24 07:00:41 ----A---- C:\Windows\system32\IKEEXT.DLL

2009-09-24 07:00:41 ----A---- C:\Windows\system32\compcln.exe

2009-09-24 07:00:40 ----A---- C:\Windows\system32\winhttp.dll

2009-09-24 07:00:40 ----A---- C:\Windows\system32\mswstr10.dll

2009-09-24 07:00:40 ----A---- C:\Windows\system32\apds.dll

2009-09-24 07:00:39 ----A---- C:\Windows\system32\xmlfilter.dll

2009-09-24 07:00:39 ----A---- C:\Windows\system32\msctf.dll

2009-09-24 07:00:39 ----A---- C:\Windows\system32\emdmgmt.dll

2009-09-24 07:00:39 ----A---- C:\Windows\system32\audiosrv.dll

2009-09-24 07:00:38 ----A---- C:\Windows\system32\QAGENTRT.DLL

2009-09-24 07:00:38 ----A---- C:\Windows\system32\msvcrt.dll

2009-09-24 07:00:38 ----A---- C:\Windows\system32\gdi32.dll

2009-09-24 07:00:37 ----A---- C:\Windows\system32\VSSVC.exe

2009-09-24 07:00:37 ----A---- C:\Windows\system32\SLUI.exe

2009-09-24 07:00:37 ----A---- C:\Windows\system32\mfc42u.dll

2009-09-24 07:00:37 ----A---- C:\Windows\system32\iphlpsvc.dll

2009-09-24 07:00:37 ----A---- C:\Windows\system32\eapphost.dll

2009-09-24 07:00:36 ----A---- C:\Windows\system32\sqlsrv32.dll

2009-09-24 07:00:36 ----A---- C:\Windows\system32\msrd2x40.dll

2009-09-24 07:00:35 ----A---- C:\Windows\system32\winresume.exe

2009-09-24 07:00:35 ----A---- C:\Windows\system32\propdefs.dll

2009-09-24 07:00:35 ----A---- C:\Windows\system32\odbc32.dll

2009-09-24 07:00:34 ----A---- C:\Windows\system32\shdocvw.dll

2009-09-24 07:00:33 ----A---- C:\Windows\system32\wevtutil.exe

2009-09-24 07:00:33 ----A---- C:\Windows\system32\mssitlb.dll

2009-09-24 07:00:33 ----A---- C:\Windows\system32\dbgeng.dll

2009-09-24 07:00:32 ----A---- C:\Windows\system32\WsmSvc.dll

2009-09-24 07:00:32 ----A---- C:\Windows\system32\swprv.dll

2009-09-24 07:00:32 ----A---- C:\Windows\system32\mmcndmgr.dll

2009-09-24 07:00:31 ----A---- C:\Windows\system32\usp10.dll

2009-09-24 07:00:30 ----A---- C:\Windows\system32\vds.exe

2009-09-24 07:00:30 ----A---- C:\Windows\system32\mshtmled.dll

2009-09-24 07:00:30 ----A---- C:\Windows\system32\fdBthProxy.dll

2009-09-24 07:00:30 ----A---- C:\Windows\system32\drvinst.exe

2009-09-24 07:00:30 ----A---- C:\Windows\system32\devmgr.dll

2009-09-24 07:00:29 ----A---- C:\Windows\system32\netlogon.dll

2009-09-24 07:00:29 ----A---- C:\Windows\system32\msscb.dll

2009-09-24 07:00:29 ----A---- C:\Windows\system32\msctfp.dll

2009-09-24 07:00:29 ----A---- C:\Windows\system32\DevicePairingProxy.dll

2009-09-24 07:00:29 ----A---- C:\Windows\system32\BFE.DLL

2009-09-24 07:00:29 ----A---- C:\Windows\system32\adsldpc.dll

2009-09-24 07:00:28 ----A---- C:\Windows\system32\WSDApi.dll

2009-09-24 07:00:28 ----A---- C:\Windows\system32\Wldap32.dll

2009-09-24 07:00:28 ----A---- C:\Windows\system32\wcnwiz.dll

2009-09-24 07:00:28 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2009-09-24 07:00:28 ----A---- C:\Windows\system32\evr.dll

2009-09-24 07:00:27 ----A---- C:\Windows\system32\WMVSDECD.DLL

2009-09-24 07:00:27 ----A---- C:\Windows\system32\WindowsCodecs.dll

2009-09-24 07:00:26 ----A---- C:\Windows\system32\wercon.exe

2009-09-24 07:00:26 ----A---- C:\Windows\system32\services.exe

2009-09-24 07:00:26 ----A---- C:\Windows\system32\iertutil.dll

2009-09-24 07:00:26 ----A---- C:\Windows\system32\comdlg32.dll

2009-09-24 07:00:26 ----A---- C:\Windows\system32\adtschema.dll

2009-09-24 07:00:25 ----A---- C:\Windows\system32\wcncsvc.dll

2009-09-24 07:00:25 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2009-09-24 07:00:25 ----A---- C:\Windows\system32\msdrm.dll

2009-09-24 07:00:25 ----A---- C:\Windows\system32\mimefilt.dll

2009-09-24 07:00:25 ----A---- C:\Windows\system32\certcli.dll

2009-09-24 07:00:24 ----A---- C:\Windows\system32\umpnpmgr.dll

2009-09-24 07:00:24 ----A---- C:\Windows\system32\taskeng.exe

2009-09-24 07:00:24 ----A---- C:\Windows\system32\rtffilt.dll

2009-09-24 07:00:24 ----A---- C:\Windows\system32\reg.exe

2009-09-24 07:00:24 ----A---- C:\Windows\system32\mswdat10.dll

2009-09-24 07:00:24 ----A---- C:\Windows\system32\msjter40.dll

2009-09-24 07:00:24 ----A---- C:\Windows\system32\msdtcprx.dll

2009-09-24 07:00:24 ----A---- C:\Windows\system32\ipsmsnap.dll

2009-09-24 07:00:24 ----A---- C:\Windows\system32\dnsapi.dll

2009-09-24 07:00:23 ----A---- C:\Windows\system32\WMNetMgr.dll

2009-09-24 07:00:23 ----A---- C:\Windows\system32\certutil.exe

2009-09-24 07:00:22 ----A---- C:\Windows\system32\w32time.dll

2009-09-24 07:00:22 ----A---- C:\Windows\system32\msshooks.dll

2009-09-24 07:00:22 ----A---- C:\Windows\system32\msscntrs.dll

2009-09-24 07:00:22 ----A---- C:\Windows\system32\IPSECSVC.DLL

2009-09-24 07:00:22 ----A---- C:\Windows\system32\bthserv.dll

2009-09-24 07:00:22 ----A---- C:\Windows\system32\bcrypt.dll

2009-09-24 07:00:21 ----A---- C:\Windows\system32\TsWpfWrp.exe

2009-09-24 07:00:21 ----A---- C:\Windows\system32\rsaenh.dll

2009-09-24 07:00:21 ----A---- C:\Windows\system32\msihnd.dll

2009-09-24 07:00:21 ----A---- C:\Windows\system32\MMDevAPI.dll

2009-09-24 07:00:20 ----A---- C:\Windows\system32\netapi32.dll

2009-09-24 07:00:20 ----A---- C:\Windows\system32\msstrc.dll

2009-09-24 07:00:20 ----A---- C:\Windows\system32\inetcomm.dll

2009-09-24 07:00:20 ----A---- C:\Windows\system32\dfshim.dll

2009-09-24 07:00:19 ----A---- C:\Windows\system32\mtxclu.dll

2009-09-24 07:00:19 ----A---- C:\Windows\system32\mscories.dll

2009-09-24 07:00:19 ----A---- C:\Windows\system32\inetpp.dll

2009-09-24 07:00:19 ----A---- C:\Windows\system32\hidserv.dll

2009-09-24 07:00:19 ----A---- C:\Windows\system32\fundisc.dll

2009-09-24 07:00:19 ----A---- C:\Windows\system32\cryptsvc.dll

2009-09-24 07:00:18 ----A---- C:\Windows\system32\wmicmiplugin.dll

2009-09-24 07:00:18 ----A---- C:\Windows\system32\dhcpcsvc6.dll

2009-09-24 07:00:17 ----A---- C:\Windows\system32\termsrv.dll

2009-09-24 07:00:17 ----A---- C:\Windows\system32\profsvc.dll

2009-09-24 07:00:16 ----A---- C:\Windows\system32\wdc.dll

2009-09-24 07:00:16 ----A---- C:\Windows\system32\shsvcs.dll

2009-09-24 07:00:16 ----A---- C:\Windows\system32\msiexec.exe

2009-09-24 07:00:16 ----A---- C:\Windows\system32\imapi.dll

2009-09-24 07:00:15 ----A---- C:\Windows\system32\rasmans.dll

2009-09-24 07:00:15 ----A---- C:\Windows\system32\iassdo.dll

2009-09-24 07:00:15 ----A---- C:\Windows\system32\chsbrkr.dll

2009-09-24 07:00:14 ----A---- C:\Windows\system32\spoolsv.exe

2009-09-24 07:00:14 ----A---- C:\Windows\system32\pnidui.dll

2009-09-24 07:00:14 ----A---- C:\Windows\system32\icardres.dll

2009-09-24 07:00:14 ----A---- C:\Windows\system32\autofmt.exe

2009-09-24 07:00:13 ----A---- C:\Windows\system32\wersvc.dll

2009-09-24 07:00:13 ----A---- C:\Windows\system32\slmgr.vbs

2009-09-24 07:00:13 ----A---- C:\Windows\system32\scrrun.dll

2009-09-24 07:00:13 ----A---- C:\Windows\system32\PSHED.DLL

2009-09-24 07:00:12 ----A---- C:\Windows\system32\pdh.dll

2009-09-24 07:00:12 ----A---- C:\Windows\system32\dhcpcsvc.dll

2009-09-24 07:00:12 ----A---- C:\Windows\system32\azroles.dll

2009-09-24 07:00:10 ----A---- C:\Windows\system32\CertEnrollUI.dll

2009-09-24 07:00:09 ----A---- C:\Windows\system32\pidgenx.dll

2009-09-24 07:00:08 ----A---- C:\Windows\system32\wmpmde.dll

2009-09-24 07:00:08 ----A---- C:\Windows\system32\winlogon.exe

2009-09-24 07:00:08 ----A---- C:\Windows\system32\SyncCenter.dll

2009-09-24 07:00:06 ----A---- C:\Windows\system32\SLUINotify.dll

2009-09-24 07:00:06 ----A---- C:\Windows\system32\ncrypt.dll

2009-09-24 07:00:06 ----A---- C:\Windows\system32\msjetoledb40.dll

2009-09-24 07:00:06 ----A---- C:\Windows\system32\comuid.dll

2009-09-24 07:00:06 ----A---- C:\Windows\system32\certmgr.dll

2009-09-24 07:00:05 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2009-09-24 07:00:05 ----A---- C:\Windows\system32\untfs.dll

2009-09-24 07:00:05 ----A---- C:\Windows\system32\spp.dll

2009-09-24 07:00:05 ----A---- C:\Windows\system32\sethc.exe

2009-09-24 07:00:05 ----A---- C:\Windows\system32\scrobj.dll

2009-09-24 07:00:05 ----A---- C:\Windows\system32\rtutils.dll

2009-09-24 07:00:05 ----A---- C:\Windows\system32\kd1394.dll

2009-09-24 07:00:05 ----A---- C:\Windows\system32\iassam.dll

2009-09-24 07:00:04 ----A---- C:\Windows\system32\wisptis.exe

2009-09-24 07:00:04 ----A---- C:\Windows\system32\taskcomp.dll

2009-09-24 07:00:04 ----A---- C:\Windows\system32\dwm.exe

2009-09-24 07:00:04 ----A---- C:\Windows\system32\autochk.exe

2009-09-24 07:00:03 ----A---- C:\Windows\system32\printui.dll

2009-09-24 07:00:03 ----A---- C:\Windows\system32\iasnap.dll

2009-09-24 07:00:02 ----A---- C:\Windows\system32\autoconv.exe

2009-09-24 07:00:01 ----A---- C:\Windows\system32\winsrv.dll

2009-09-24 07:00:01 ----A---- C:\Windows\system32\cscript.exe

2009-09-24 07:00:00 ----A---- C:\Windows\system32\wow32.dll

2009-09-24 07:00:00 ----A---- C:\Windows\system32\userenv.dll

2009-09-24 07:00:00 ----A---- C:\Windows\system32\osk.exe

2009-09-24 07:00:00 ----A---- C:\Windows\system32\onex.dll

2009-09-24 07:00:00 ----A---- C:\Windows\system32\kdcom.dll

2009-09-24 07:00:00 ----A---- C:\Windows\system32\basecsp.dll

2009-09-24 07:00:00 ----A---- C:\Windows\system32\audiodg.exe

2009-09-24 06:59:59 ----A---- C:\Windows\system32\mswsock.dll

2009-09-24 06:59:58 ----A---- C:\Windows\system32\WinSCard.dll

2009-09-24 06:59:58 ----A---- C:\Windows\system32\winmm.dll

2009-09-24 06:59:58 ----A---- C:\Windows\system32\WerFaultSecure.exe

2009-09-24 06:59:58 ----A---- C:\Windows\system32\RelMon.dll

2009-09-24 06:59:58 ----A---- C:\Windows\system32\rdpencom.dll

2009-09-24 06:59:58 ----A---- C:\Windows\system32\msftedit.dll

2009-09-24 06:59:58 ----A---- C:\Windows\system32\kdusb.dll

2009-09-24 06:59:57 ----A---- C:\Windows\system32\spcmsg.dll

2009-09-24 06:59:57 ----A---- C:\Windows\system32\offfilt.dll

2009-09-24 06:59:57 ----A---- C:\Windows\system32\dnsrslvr.dll

2009-09-24 06:59:56 ----A---- C:\Windows\system32\wsepno.dll

2009-09-24 06:59:56 ----A---- C:\Windows\system32\WerFault.exe

2009-09-24 06:59:56 ----A---- C:\Windows\system32\Utilman.exe

2009-09-24 06:59:56 ----A---- C:\Windows\system32\stobject.dll

2009-09-24 06:59:56 ----A---- C:\Windows\system32\secproc_ssp_isv.dll

2009-09-24 06:59:56 ----A---- C:\Windows\system32\secproc_ssp.dll

2009-09-24 06:59:56 ----A---- C:\Windows\system32\mfplat.dll

2009-09-24 06:59:55 ----A---- C:\Windows\system32\SndVol.exe

2009-09-24 06:59:55 ----A---- C:\Windows\system32\prnntfy.dll

2009-09-24 06:59:55 ----A---- C:\Windows\system32\msnetobj.dll

2009-09-24 06:59:55 ----A---- C:\Windows\system32\mscms.dll

2009-09-24 06:59:55 ----A---- C:\Windows\system32\mcmde.dll

2009-09-24 06:59:55 ----A---- C:\Windows\system32\diskraid.exe

2009-09-24 06:59:55 ----A---- C:\Windows\system32\apphelp.dll

2009-09-24 06:59:55 ----A---- C:\Windows\system32\adsmsext.dll

2009-09-24 06:59:54 ----A---- C:\Windows\system32\wscript.exe

2009-09-24 06:59:54 ----A---- C:\Windows\system32\wiaservc.dll

2009-09-24 06:59:54 ----A---- C:\Windows\system32\ulib.dll

2009-09-24 06:59:54 ----A---- C:\Windows\system32\sysclass.dll

2009-09-24 06:59:54 ----A---- C:\Windows\system32\odbccp32.dll

2009-09-24 06:59:54 ----A---- C:\Windows\system32\iasdatastore.dll

2009-09-24 06:59:53 ----A---- C:\Windows\system32\rastapi.dll

2009-09-24 06:59:53 ----A---- C:\Windows\system32\IPHLPAPI.DLL

2009-09-24 06:59:53 ----A---- C:\Windows\system32\dsound.dll

2009-09-24 06:59:53 ----A---- C:\Windows\system32\cryptui.dll

2009-09-24 06:59:52 ----A---- C:\Windows\system32\wscntfy.dll

2009-09-24 06:59:52 ----A---- C:\Windows\system32\wlangpui.dll

2009-09-24 06:59:52 ----A---- C:\Windows\system32\pnpsetup.dll

2009-09-24 06:59:52 ----A---- C:\Windows\system32\ipsecsnp.dll

2009-09-24 06:59:52 ----A---- C:\Windows\system32\fdProxy.dll

2009-09-24 06:59:52 ----A---- C:\Windows\system32\diskpart.exe

2009-09-24 06:59:52 ----A---- C:\Windows\system32\brcpl.dll

2009-09-24 06:59:51 ----A---- C:\Windows\system32\wscsvc.dll

2009-09-24 06:59:51 ----A---- C:\Windows\system32\vdsdyn.dll

2009-09-24 06:59:51 ----A---- C:\Windows\system32\rastls.dll

2009-09-24 06:59:51 ----A---- C:\Windows\system32\logman.exe

2009-09-24 06:59:51 ----A---- C:\Windows\system32\iepeers.dll

2009-09-24 06:59:51 ----A---- C:\Windows\system32\iashlpr.dll

2009-09-24 06:59:51 ----A---- C:\Windows\system32\gpapi.dll

2009-09-24 06:59:50 ----A---- C:\Windows\system32\wusa.exe

2009-09-24 06:59:50 ----A---- C:\Windows\system32\WMVENCOD.DLL

2009-09-24 06:59:50 ----A---- C:\Windows\system32\regsvc.dll

2009-09-24 06:59:50 ----A---- C:\Windows\system32\rasapi32.dll

2009-09-24 06:59:50 ----A---- C:\Windows\system32\ntprint.dll

2009-09-24 06:59:50 ----A---- C:\Windows\system32\mscorier.dll

2009-09-24 06:59:49 ----A---- C:\Windows\system32\zipfldr.dll

2009-09-24 06:59:49 ----A---- C:\Windows\system32\wshext.dll

2009-09-24 06:59:49 ----A---- C:\Windows\system32\wpccpl.dll

2009-09-24 06:59:49 ----A---- C:\Windows\system32\iasrad.dll

2009-09-24 06:59:49 ----A---- C:\Windows\system32\findstr.exe

2009-09-24 06:59:48 ----A---- C:\Windows\system32\webcheck.dll

2009-09-24 06:59:48 ----A---- C:\Windows\system32\rasdlg.dll

2009-09-24 06:59:48 ----A---- C:\Windows\system32\netcenter.dll

2009-09-24 06:59:47 ----A---- C:\Windows\system32\wsnmp32.dll

2009-09-24 06:59:47 ----A---- C:\Windows\system32\wer.dll

2009-09-24 06:59:47 ----A---- C:\Windows\system32\themecpl.dll

2009-09-24 06:59:47 ----A---- C:\Windows\system32\iassvcs.dll

2009-09-24 06:59:46 ----A---- C:\Windows\system32\uxsms.dll

2009-09-24 06:59:46 ----A---- C:\Windows\system32\srvsvc.dll

2009-09-24 06:59:46 ----A---- C:\Windows\system32\mssprxy.dll

2009-09-24 06:59:45 ----A---- C:\Windows\system32\tsbyuv.dll

2009-09-24 06:59:45 ----A---- C:\Windows\system32\slcc.dll

2009-09-24 06:59:45 ----A---- C:\Windows\system32\scansetting.dll

2009-09-24 06:59:45 ----A---- C:\Windows\system32\ntmarta.dll

2009-09-24 06:59:45 ----A---- C:\Windows\system32\msutb.dll

2009-09-24 06:59:45 ----A---- C:\Windows\system32\mstlsapi.dll

2009-09-24 06:59:45 ----A---- C:\Windows\system32\iasads.dll

2009-09-24 06:59:44 ----A---- C:\Windows\system32\powrprof.dll

2009-09-24 06:59:44 ----A---- C:\Windows\system32\networkmap.dll

2009-09-24 06:59:44 ----A---- C:\Windows\system32\mstsc.exe

2009-09-24 06:59:44 ----A---- C:\Windows\system32\iasacct.dll

2009-09-24 06:59:43 ----A---- C:\Windows\system32\powercpl.dll

2009-09-24 06:59:43 ----A---- C:\Windows\system32\PerfCenterCPL.dll

2009-09-24 06:59:43 ----A---- C:\Windows\system32\authz.dll

2009-09-24 06:59:42 ----A---- C:\Windows\system32\systemcpl.dll

2009-09-24 06:59:42 ----A---- C:\Windows\system32\sud.dll

2009-09-24 06:59:42 ----A---- C:\Windows\system32\newdev.exe

2009-09-24 06:59:42 ----A---- C:\Windows\system32\dot3svc.dll

2009-09-24 06:59:42 ----A---- C:\Windows\system32\connect.dll

2009-09-24 06:59:41 ----A---- C:\Windows\system32\themeui.dll

2009-09-24 06:59:41 ----A---- C:\Windows\system32\samlib.dll

2009-09-24 06:59:41 ----A---- C:\Windows\system32\pcaui.dll

2009-09-24 06:59:41 ----A---- C:\Windows\system32\mmci.dll

2009-09-24 06:59:41 ----A---- C:\Windows\system32\accessibilitycpl.dll

2009-09-24 06:59:40 ----A---- C:\Windows\system32\usercpl.dll

2009-09-24 06:59:40 ----A---- C:\Windows\system32\qdvd.dll

2009-09-24 06:59:40 ----A---- C:\Windows\system32\autoplay.dll

2009-09-24 06:59:39 ----A---- C:\Windows\system32\wpcao.dll

2009-09-24 06:59:39 ----A---- C:\Windows\system32\wlanpref.dll

2009-09-24 06:59:39 ----A---- C:\Windows\system32\rpchttp.dll

2009-09-24 06:59:39 ----A---- C:\Windows\system32\regapi.dll

2009-09-24 06:59:39 ----A---- C:\Windows\system32\msinfo32.exe

2009-09-24 06:59:39 ----A---- C:\Windows\system32\ieaksie.dll

2009-09-24 06:59:38 ----A---- C:\Windows\system32\vdsutil.dll

2009-09-24 06:59:38 ----A---- C:\Windows\system32\tapisrv.dll

2009-09-24 06:59:38 ----A---- C:\Windows\system32\scksp.dll

2009-09-24 06:59:38 ----A---- C:\Windows\system32\scesrv.dll

2009-09-24 06:59:38 ----A---- C:\Windows\system32\mpr.dll

2009-09-24 06:59:38 ----A---- C:\Windows\system32\feclient.dll

2009-09-24 06:59:37 ----A---- C:\Windows\system32\wscisvif.dll

2009-09-24 06:59:37 ----A---- C:\Windows\system32\rekeywiz.exe

2009-09-24 06:59:37 ----A---- C:\Windows\system32\psisdecd.dll

2009-09-24 06:59:37 ----A---- C:\Windows\system32\oleprn.dll

2009-09-24 06:59:37 ----A---- C:\Windows\system32\imm32.dll

2009-09-24 06:59:37 ----A---- C:\Windows\system32\iaspolcy.dll

2009-09-24 06:59:37 ----A---- C:\Windows\system32\Faultrep.dll

2009-09-24 06:59:37 ----A---- C:\Windows\system32\dot3msm.dll

2009-09-24 06:59:37 ----A---- C:\Windows\system32\AudioSes.dll

2009-09-24 06:59:36 ----A---- C:\Windows\system32\sdclt.exe

2009-09-24 06:59:36 ----A---- C:\Windows\system32\qedit.dll

2009-09-24 06:59:36 ----A---- C:\Windows\system32\perfdisk.dll

2009-09-24 06:59:36 ----A---- C:\Windows\system32\ncryptui.dll

2009-09-24 06:59:36 ----A---- C:\Windows\system32\dpapimig.exe

2009-09-24 06:59:36 ----A---- C:\Windows\system32\DeviceEject.exe

2009-09-24 06:59:35 ----A---- C:\Windows\system32\scecli.dll

2009-09-24 06:59:35 ----A---- C:\Windows\system32\rasgcw.dll

2009-09-24 06:59:35 ----A---- C:\Windows\system32\pnpui.dll

2009-09-24 06:59:35 ----A---- C:\Windows\system32\hdwwiz.exe

2009-09-24 06:59:35 ----A---- C:\Windows\system32\FWPUCLNT.DLL

2009-09-24 06:59:35 ----A---- C:\Windows\system32\extmgr.dll

2009-09-24 06:59:35 ----A---- C:\Windows\system32\certreq.exe

2009-09-24 06:59:34 ----A---- C:\Windows\system32\TSTheme.exe

2009-09-24 06:59:34 ----A---- C:\Windows\system32\tcpipcfg.dll

2009-09-24 06:59:34 ----A---- C:\Windows\system32\spwinsat.dll

2009-09-24 06:59:34 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll

2009-09-24 06:59:34 ----A---- C:\Windows\system32\rasplap.dll

2009-09-24 06:59:33 ----A---- C:\Windows\system32\whealogr.dll

2009-09-24 06:59:33 ----A---- C:\Windows\system32\tcpmon.dll

2009-09-24 06:59:33 ----A---- C:\Windows\system32\PnPUnattend.exe

2009-09-24 06:59:33 ----A---- C:\Windows\system32\fdWSD.dll

2009-09-24 06:59:33 ----A---- C:\Windows\system32\cmmon32.exe

2009-09-24 06:59:32 ----A---- C:\Windows\system32\srcore.dll

2009-09-24 06:59:32 ----A---- C:\Windows\system32\SnippingTool.exe

2009-09-24 06:59:32 ----A---- C:\Windows\system32\SCardSvr.dll

2009-09-24 06:59:32 ----A---- C:\Windows\system32\raschap.dll

2009-09-24 06:59:32 ----A---- C:\Windows\system32\conime.exe

2009-09-24 06:59:32 ----A---- C:\Windows\system32\cmdial32.dll

2009-09-24 06:59:31 ----A---- C:\Windows\system32\wiaaut.dll

2009-09-24 06:59:31 ----A---- C:\Windows\system32\MSVidCtl.dll

2009-09-24 06:59:31 ----A---- C:\Windows\system32\fontext.dll

2009-09-24 06:59:30 ----A---- C:\Windows\system32\WMVXENCD.DLL

2009-09-24 06:59:30 ----A---- C:\Windows\system32\wlanui.dll

2009-09-24 06:59:30 ----A---- C:\Windows\system32\shwebsvc.dll

2009-09-24 06:59:30 ----A---- C:\Windows\system32\rasppp.dll

2009-09-24 06:59:30 ----A---- C:\Windows\system32\PnPutil.exe

2009-09-24 06:59:30 ----A---- C:\Windows\system32\dsprop.dll

2009-09-24 06:59:29 ----A---- C:\Windows\system32\shsetup.dll

2009-09-24 06:59:29 ----A---- C:\Windows\system32\oobefldr.dll

2009-09-24 06:59:29 ----A---- C:\Windows\system32\occache.dll

2009-09-24 06:59:29 ----A---- C:\Windows\system32\dimsroam.dll

2009-09-24 06:59:28 ----A---- C:\Windows\system32\rasmontr.dll

2009-09-24 06:59:28 ----A---- C:\Windows\system32\mscandui.dll

2009-09-24 06:59:28 ----A---- C:\Windows\system32\modemui.dll

2009-09-24 06:59:28 ----A---- C:\Windows\system32\chtbrkr.dll

2009-09-24 06:59:27 ----A---- C:\Windows\system32\wmdrmsdk.dll

2009-09-24 06:59:27 ----A---- C:\Windows\system32\wlgpclnt.dll

2009-09-24 06:59:27 ----A---- C:\Windows\system32\dataclen.dll

2009-09-24 06:59:27 ----A---- C:\Windows\system32\blackbox.dll

2009-09-24 06:59:26 ----A---- C:\Windows\system32\WSDMon.dll

2009-09-24 06:59:26 ----A---- C:\Windows\system32\wmpeffects.dll

2009-09-24 06:59:26 ----A---- C:\Windows\system32\smss.exe

2009-09-24 06:59:26 ----A---- C:\Windows\system32\rdpwsx.dll

2009-09-24 06:59:26 ----A---- C:\Windows\system32\netplwiz.dll

2009-09-24 06:59:26 ----A---- C:\Windows\system32\credui.dll

2009-09-24 06:59:25 ----A---- C:\Windows\system32\mstime.dll

2009-09-24 06:59:25 ----A---- C:\Windows\system32\certprop.dll

2009-09-24 06:59:24 ----A---- C:\Windows\system32\wscapi.dll

2009-09-24 06:59:24 ----A---- C:\Windows\system32\wpcsvc.dll

2009-09-24 06:59:24 ----A---- C:\Windows\system32\networkexplorer.dll

2009-09-24 06:59:24 ----A---- C:\Windows\system32\msscp.dll

2009-09-24 06:59:24 ----A---- C:\Windows\system32\msrating.dll

2009-09-24 06:59:24 ----A---- C:\Windows\system32\msimtf.dll

2009-09-24 06:59:24 ----A---- C:\Windows\system32\logagent.exe

2009-09-24 06:59:24 ----A---- C:\Windows\system32\InkEd.dll

2009-09-24 06:59:24 ----A---- C:\Windows\system32\ifmon.dll

2009-09-24 06:59:24 ----A---- C:\Windows\system32\gpresult.exe

2009-09-24 06:59:24 ----A---- C:\Windows\system32\cipher.exe

2009-09-24 06:59:23 ----A---- C:\Windows\system32\thawbrkr.dll

2009-09-24 06:59:23 ----A---- C:\Windows\system32\softkbd.dll

2009-09-24 06:59:23 ----A---- C:\Windows\system32\sendmail.dll

2009-09-24 06:59:22 ----A---- C:\Windows\system32\olepro32.dll

2009-09-24 06:59:22 ----A---- C:\Windows\system32\msctfui.dll

2009-09-24 06:59:22 ----A---- C:\Windows\system32\MediaMetadataHandler.dll

2009-09-24 06:59:22 ----A---- C:\Windows\system32\dmsynth.dll

2009-09-24 06:59:21 ----A---- C:\Windows\system32\puiapi.dll

2009-09-24 06:59:21 ----A---- C:\Windows\system32\input.dll

2009-09-24 06:59:21 ----A---- C:\Windows\system32\drmmgrtn.dll

2009-09-24 06:59:21 ----A---- C:\Windows\system32\cdd.dll

2009-09-24 06:59:20 ----A---- C:\Windows\system32\wshbth.dll

2009-09-24 06:59:20 ----A---- C:\Windows\system32\version.dll

2009-09-24 06:59:20 ----A---- C:\Windows\system32\SLLUA.exe

2009-09-24 06:59:20 ----A---- C:\Windows\system32\msisip.dll

2009-09-24 06:59:20 ----A---- C:\Windows\system32\mprapi.dll

2009-09-24 06:59:20 ----A---- C:\Windows\system32\fc.exe

2009-09-24 06:59:20 ----A---- C:\Windows\system32\ExplorerFrame.dll

2009-09-24 06:59:19 ----A---- C:\Windows\system32\MsCtfMonitor.dll

2009-09-24 06:59:19 ----A---- C:\Windows\system32\fdSSDP.dll

2009-09-24 06:59:19 ----A---- C:\Windows\system32\dmusic.dll

2009-09-24 06:59:18 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll

2009-09-24 06:59:18 ----A---- C:\Windows\system32\msjint40.dll

2009-09-24 06:59:18 ----A---- C:\Windows\system32\l2nacp.dll

2009-09-24 06:59:18 ----A---- C:\Windows\system32\ftp.exe

2009-09-24 06:59:18 ----A---- C:\Windows\system32\eapp3hst.dll

2009-09-24 06:59:18 ----A---- C:\Windows\system32\cscapi.dll

2009-09-24 06:59:17 ----A---- C:\Windows\system32\wsdchngr.dll

2009-09-24 06:59:17 ----A---- C:\Windows\system32\SMBHelperClass.dll

2009-09-24 06:59:17 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2009-09-24 06:59:17 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2009-09-24 06:59:17 ----A---- C:\Windows\system32\cscdll.dll

2009-09-24 06:59:17 ----A---- C:\Windows\system32\bthci.dll

2009-09-24 06:59:16 ----A---- C:\Windows\system32\Storprop.dll

2009-09-24 06:59:16 ----A---- C:\Windows\system32\rasdial.exe

2009-09-24 06:59:16 ----A---- C:\Windows\system32\rasdiag.dll

2009-09-24 06:59:16 ----A---- C:\Windows\system32\msfeedsbs.dll

2009-09-24 06:59:16 ----A---- C:\Windows\system32\ipconfig.exe

2009-09-24 06:59:16 ----A---- C:\Windows\system32\fdWCN.dll

2009-09-24 06:59:16 ----A---- C:\Windows\system32\eappcfg.dll

2009-09-24 06:59:16 ----A---- C:\Windows\system32\dot3cfg.dll

2009-09-24 06:59:16 ----A---- C:\Windows\system32\bthudtask.exe

2009-09-24 06:59:15 ----A---- C:\Windows\system32\tscupgrd.exe

2009-09-24 06:59:15 ----A---- C:\Windows\system32\slcinst.dll

2009-09-24 06:59:15 ----A---- C:\Windows\system32\nslookup.exe

2009-09-24 06:59:15 ----A---- C:\Windows\system32\networkitemfactory.dll

2009-09-24 06:59:15 ----A---- C:\Windows\system32\eappgnui.dll

2009-09-24 06:59:15 ----A---- C:\Windows\system32\CHxReadingStringIME.dll

2009-09-24 06:59:14 ----A---- C:\Windows\system32\ocsetup.exe

2009-09-24 06:59:14 ----A---- C:\Windows\system32\mmcico.dll

2009-09-24 06:59:14 ----A---- C:\Windows\system32\hbaapi.dll

2009-09-24 06:59:14 ----A---- C:\Windows\system32\FwRemoteSvr.dll

2009-09-24 06:59:14 ----A---- C:\Windows\system32\fdeploy.dll

2009-09-24 06:59:13 ----A---- C:\Windows\system32\PNPXAssoc.dll

2009-09-24 06:59:13 ----A---- C:\Windows\system32\gpupdate.exe

2009-09-24 06:59:12 ----A---- C:\Windows\system32\iscsilog.dll

2009-09-24 06:59:12 ----A---- C:\Windows\system32\csrstub.exe

2009-09-24 06:59:12 ----A---- C:\Windows\system32\cbsra.exe

2009-09-24 06:59:12 ----A---- C:\Windows\system32\bitsigd.dll

2009-09-24 06:59:11 ----A---- C:\Windows\system32\vdmdbg.dll

2009-09-24 06:59:11 ----A---- C:\Windows\system32\odbcconf.dll

2009-09-24 06:59:11 ----A---- C:\Windows\system32\NcdProp.dll

2009-09-24 06:59:10 ----A---- C:\Windows\system32\winrnr.dll

2009-09-24 06:59:10 ----A---- C:\Windows\system32\slwga.dll

2009-09-24 06:59:10 ----A---- C:\Windows\system32\midimap.dll

2009-09-24 06:59:10 ----A---- C:\Windows\system32\inetppui.dll

2009-09-24 06:59:06 ----A---- C:\Windows\system32\msimsg.dll

2009-09-24 06:59:06 ----A---- C:\Windows\system32\f3ahvoas.dll

2009-09-24 06:58:33 ----A---- C:\Windows\system32\SmiEngine.dll

2009-09-24 06:58:15 ----A---- C:\Windows\system32\wdscore.dll

2009-09-24 06:58:15 ----A---- C:\Windows\system32\PkgMgr.exe

2009-09-24 06:57:26 ----A---- C:\Windows\system32\drvstore.dll

2009-09-21 10:38:12 ----A---- C:\Windows\Uninstall Jade Empire.exe

2009-09-16 09:32:10 ----D---- C:\Program Files\Metin2_PL

2009-09-15 20:21:27 ----D---- C:\Program Files\Adobe

2009-09-13 07:26:43 ----D---- C:\Users\Wiktor\AppData\Roaming\PeerNetworking

2009-09-10 06:53:39 ----A---- C:\Windows\TextSpy.ini

2009-09-09 10:19:53 ----A---- C:\Windows\system32\netiohlp.dll

2009-09-09 10:19:52 ----A---- C:\Windows\system32\TCPSVCS.EXE

2009-09-09 10:19:52 ----A---- C:\Windows\system32\ROUTE.EXE

2009-09-09 10:19:52 ----A---- C:\Windows\system32\NETSTAT.EXE

2009-09-09 10:19:52 ----A---- C:\Windows\system32\MRINFO.EXE

2009-09-09 10:19:52 ----A---- C:\Windows\system32\HOSTNAME.EXE

2009-09-09 10:19:52 ----A---- C:\Windows\system32\finger.exe

2009-09-09 10:19:52 ----A---- C:\Windows\system32\ARP.EXE

2009-09-09 10:19:51 ----A---- C:\Windows\system32\netevent.dll

2009-09-09 10:18:45 ----A---- C:\Windows\system32\wlansvc.dll

2009-09-09 10:18:45 ----A---- C:\Windows\system32\wlansec.dll

2009-09-09 10:18:45 ----A---- C:\Windows\system32\wlanmsm.dll

2009-09-09 10:18:45 ----A---- C:\Windows\system32\wlanhlp.dll

2009-09-09 10:18:45 ----A---- C:\Windows\system32\L2SecHC.dll

2009-09-09 10:18:44 ----A---- C:\Windows\system32\wlanapi.dll

2009-09-09 10:18:40 ----A---- C:\Windows\system32\WMVCORE.DLL

2009-09-09 10:18:39 ----A---- C:\Windows\system32\mf.dll

2009-09-09 10:18:38 ----A---- C:\Windows\system32\rrinstaller.exe

2009-09-09 10:18:38 ----A---- C:\Windows\system32\mfps.dll

2009-09-09 10:18:38 ----A---- C:\Windows\system32\mfpmp.exe

2009-09-09 10:18:37 ----A---- C:\Windows\system32\mferror.dll

2009-09-09 10:18:28 ----A---- C:\Windows\system32\jscript.dll

2009-09-09 07:44:50 ----A---- C:\Windows\system32\aswBoot.exe

2009-09-09 07:44:47 ----D---- C:\Program Files\Alwil Software

2009-09-09 07:39:27 ----D---- C:\Program Files\Panda Software

2009-09-06 20:10:51 ----A---- C:\Windows\system32\lsasrv.dll

2009-09-06 20:10:51 ----A---- C:\Windows\system32\kerberos.dll

2009-09-06 20:10:50 ----A---- C:\Windows\system32\wdigest.dll

2009-09-06 20:10:49 ----A---- C:\Windows\system32\schannel.dll

2009-09-06 20:10:47 ----A---- C:\Windows\system32\secur32.dll

2009-09-06 20:10:47 ----A---- C:\Windows\system32\lsass.exe

2009-09-03 05:43:37 ----A---- C:\Windows\system32\Apphlpdm.dll

2009-09-03 05:43:36 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2009-09-02 18:04:16 ----D---- C:\PLIKI TATY - NIE KASOWAĆ

2009-08-31 19:43:47 ----D---- C:\Users\Wiktor\AppData\Roaming\OpenOffice.org

2009-08-31 19:14:55 ----D---- C:\Program Files\JRE

2009-08-31 19:14:40 ----D---- C:\Program Files\OpenOffice.org 3

2009-08-31 19:13:57 ----A---- C:\Windows\system32\deploytk.dll

2009-08-29 08:54:00 ----D---- C:\Users\Wiktor\AppData\Roaming\VistaCodecs

2009-08-29 08:53:55 ----D---- C:\Program Files\VistaCodecPack

2009-08-29 08:53:07 ----D---- C:\ProgramData\VistaCodecs

2009-08-28 20:48:35 ----D---- C:\Windows\Sun

2009-08-28 20:48:35 ----D---- C:\Users\Wiktor\AppData\Roaming\Sun

2009-08-27 21:28:55 ----D---- C:\Users\Wiktor\AppData\Roaming\Gadu-Gadu

2009-08-27 20:55:30 ----D---- C:\Program Files\Java

2009-08-27 20:52:38 ----D---- C:\Program Files\Common Files\Java

2009-08-27 08:42:13 ----A---- C:\Windows\system32\tzres.dll

2009-08-26 11:44:10 ----A---- C:\Windows\system32\gameux.dll

2009-08-16 06:50:49 ----A---- C:\Windows\system32\netfxperf.dll

2009-08-15 13:26:22 ----A---- C:\Windows\system32\atl.dll

2009-08-15 13:26:13 ----A---- C:\Windows\system32\wmpdxm.dll

2009-08-15 13:26:12 ----A---- C:\Windows\system32\dxmasf.dll

2009-08-15 13:26:11 ----A---- C:\Windows\system32\spwmp.dll

2009-08-15 13:19:35 ----A---- C:\Windows\system32\tsgqec.dll

2009-08-15 13:19:35 ----A---- C:\Windows\system32\mstscax.dll

2009-08-15 13:19:35 ----A---- C:\Windows\system32\aaclient.dll

2009-08-15 12:57:24 ----A---- C:\Windows\system32\wkssvc.dll

2009-08-15 12:18:23 ----A---- C:\Windows\system32\avifil32.dll

2009-08-07 14:05:33 ----D---- C:\Windows\Minidump

======List of files/folders modified in the last 3 months======

2009-11-03 19:29:45 ----D---- C:\Windows\Prefetch

2009-11-03 19:29:36 ----D---- C:\Windows\Temp

2009-11-03 19:29:32 ----RD---- C:\Program Files

2009-11-03 18:59:16 ----D---- C:\Windows\System32

2009-11-03 18:59:16 ----A---- C:\Windows\system32\PerfStringBackup.INI

2009-11-03 18:59:15 ----D---- C:\Windows\inf

2009-11-03 18:39:06 ----D---- C:\Windows\system32\drivers

2009-11-03 18:39:03 ----HD---- C:\ProgramData

2009-11-03 06:56:26 ----SHD---- C:\System Volume Information

2009-11-02 14:35:05 ----D---- C:\Windows

2009-11-02 12:55:55 ----HD---- C:\Program Files\InstallShield Installation Information

2009-11-02 12:41:38 ----SHD---- C:\Windows\Installer

2009-11-01 19:54:28 ----D---- C:\Windows\system

2009-10-29 07:30:28 ----D---- C:\Windows\rescache

2009-10-29 07:12:56 ----D---- C:\Windows\system32\pl-PL

2009-10-29 07:12:56 ----D---- C:\Program Files\Windows Media Player

2009-10-29 06:57:37 ----D---- C:\Windows\winsxs

2009-10-28 07:50:59 ----D---- C:\Windows\system32\catroot

2009-10-28 07:50:57 ----D---- C:\Windows\system32\catroot2

2009-10-17 20:37:06 ----SHD---- C:\Users\Wiktor\AppData\Roaming\.#

2009-10-17 20:35:41 ----AD---- C:\ProgramData\Temp

2009-10-16 15:24:36 ----D---- C:\Windows\Cursors

2009-10-15 22:14:09 ----D---- C:\Users\Wiktor\AppData\Roaming\Skype

2009-10-15 19:18:44 ----D---- C:\Users\Wiktor\AppData\Roaming\skypePM

2009-10-15 14:01:50 ----D---- C:\Program Files\Movie Maker

2009-10-15 07:04:59 ----D---- C:\Windows\Microsoft.NET

2009-10-15 07:04:48 ----RSD---- C:\Windows\assembly

2009-10-15 06:24:17 ----D---- C:\Windows\ehome

2009-10-15 06:24:17 ----D---- C:\Program Files\Windows Mail

2009-10-02 19:01:57 ----A---- C:\Windows\system32\mrt.exe

2009-09-27 12:43:07 ----D---- C:\Windows\system32\Macromed

2009-09-25 23:28:25 ----D---- C:\ProgramData\NVIDIA

2009-09-25 23:23:50 ----SHD---- C:\Boot

2009-09-25 23:16:24 ----D---- C:\Program Files\Windows Calendar

2009-09-25 23:16:23 ----D---- C:\Program Files\Windows Sidebar

2009-09-25 23:16:23 ----D---- C:\Program Files\Windows Photo Gallery

2009-09-25 23:16:23 ----D---- C:\Program Files\Windows Journal

2009-09-25 23:16:23 ----D---- C:\Program Files\Windows Collaboration

2009-09-25 23:16:23 ----D---- C:\Program Files\Internet Explorer

2009-09-25 23:16:23 ----D---- C:\Program Files\Common Files\System

2009-09-25 23:16:20 ----D---- C:\Windows\servicing

2009-09-25 23:16:20 ----D---- C:\Program Files\Windows Defender

2009-09-25 23:16:12 ----D---- C:\Windows\system32\XPSViewer

2009-09-25 23:16:12 ----D---- C:\Windows\system32\sk-SK

2009-09-25 23:16:12 ----D---- C:\Windows\system32\lv-LV

2009-09-25 23:16:12 ----D---- C:\Windows\system32\ko-KR

2009-09-25 23:16:12 ----D---- C:\Windows\system32\it-IT

2009-09-25 23:16:12 ----D---- C:\Windows\system32\hr-HR

2009-09-25 23:16:12 ----D---- C:\Windows\system32\et-EE

2009-09-25 23:16:12 ----D---- C:\Windows\system32\en-US

2009-09-25 23:16:12 ----D---- C:\Windows\system32\el-GR

2009-09-25 23:16:12 ----D---- C:\Windows\system32\de-DE

2009-09-25 23:16:12 ----D---- C:\Windows\system32\da-DK

2009-09-25 23:16:12 ----D---- C:\Windows\IME

2009-09-25 23:16:11 ----D---- C:\Windows\system32\oobe

2009-09-25 23:16:11 ----D---- C:\Windows\system32\migration

2009-09-25 23:16:10 ----D---- C:\Windows\system32\sv-SE

2009-09-25 23:16:10 ----D---- C:\Windows\system32\SLUI

2009-09-25 23:16:10 ----D---- C:\Windows\system32\setup

2009-09-25 23:16:10 ----D---- C:\Windows\system32\ru-RU

2009-09-25 23:16:10 ----D---- C:\Windows\system32\pt-PT

2009-09-25 23:16:10 ----D---- C:\Windows\system32\hu-HU

2009-09-25 23:16:10 ----D---- C:\Windows\system32\he-IL

2009-09-25 23:16:10 ----D---- C:\Windows\system32\fr-FR

2009-09-25 23:16:10 ----D---- C:\Windows\system32\fi-FI

2009-09-25 23:16:10 ----D---- C:\Windows\system32\cs-CZ

2009-09-25 23:16:10 ----D---- C:\Windows\system32\AdvancedInstallers

2009-09-25 23:16:09 ----D---- C:\Windows\system32\zh-TW

2009-09-25 23:16:09 ----D---- C:\Windows\system32\zh-CN

2009-09-25 23:16:09 ----D---- C:\Windows\system32\uk-UA

2009-09-25 23:16:09 ----D---- C:\Windows\system32\sr-Latn-CS

2009-09-25 23:16:09 ----D---- C:\Windows\system32\sl-SI

2009-09-25 23:16:09 ----D---- C:\Windows\system32\manifeststore

2009-09-25 23:16:09 ----D---- C:\Windows\system32\es-ES

2009-09-25 23:16:06 ----D---- C:\Windows\system32\ro-RO

2009-09-25 23:16:06 ----D---- C:\Windows\system32\ja-JP

2009-09-25 23:16:06 ----D---- C:\Windows\system32\bg-BG

2009-09-25 23:16:05 ----D---- C:\Windows\system32\tr-TR

2009-09-25 23:16:05 ----D---- C:\Windows\system32\th-TH

2009-09-25 23:16:04 ----D---- C:\Windows\system32\wbem

2009-09-25 23:16:03 ----D---- C:\Windows\system32\nl-NL

2009-09-25 23:16:03 ----D---- C:\Windows\system32\nb-NO

2009-09-25 23:16:03 ----D---- C:\Windows\system32\migwiz

2009-09-25 23:16:03 ----D---- C:\Windows\system32\lt-LT

2009-09-25 23:16:03 ----D---- C:\Windows\system32\ar-SA

2009-09-25 23:16:02 ----D---- C:\Windows\system32\pt-BR

2009-09-25 23:15:38 ----RSD---- C:\Windows\Fonts

2009-09-25 23:15:38 ----D---- C:\Windows\AppPatch

2009-09-25 23:15:30 ----D---- C:\Windows\system32\Boot

2009-09-24 10:05:14 ----D---- C:\Program Files\Common Files

2009-09-24 09:22:10 ----D---- C:\Windows\Tasks

2009-09-24 09:22:01 ----D---- C:\Windows\system32\Tasks

2009-09-15 20:21:34 ----D---- C:\ProgramData\Adobe

2009-09-15 20:21:28 ----D---- C:\Program Files\Common Files\Adobe

2009-09-13 11:32:44 ----D---- C:\Program Files\Cyberlink

2009-09-10 10:48:35 ----D---- C:\Program Files\Google

2009-09-10 06:32:42 ----D---- C:\ProgramData\Google

2009-09-10 06:31:27 ----D---- C:\ProgramData\Electronic Arts

2009-09-09 07:48:54 ----SD---- C:\Users\Wiktor\AppData\Roaming\Microsoft

2009-09-09 07:48:54 ----SD---- C:\ProgramData\Microsoft

2009-09-09 07:41:47 ----D---- C:\ProgramData\McAfee

2009-09-05 14:10:34 ----D---- C:\Users\Wiktor\AppData\Roaming\SPORE Creature Creator

2009-09-05 01:05:14 ----D---- C:\Windows\system32\WDI

2009-08-28 12:31:37 ----D---- C:\Users\Wiktor\AppData\Roaming\BESTplayer

2009-08-27 21:22:15 ----D---- C:\Program Files\Gadu-Gadu

2009-08-26 08:40:46 ----D---- C:\river

2009-08-17 13:29:55 ----D---- C:\Windows\ModemLogs

2009-08-09 11:22:42 ----D---- C:\Users\Wiktor\AppData\Roaming\CyberLink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2007-01-15 23352]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2007-01-15 43176]

R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-01-15 44376]

R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]

R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]

R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]

R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]

R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]

R3 CmBatt;Sterownik baterii Microsoft o metodzie kontroli ACPI; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2008-07-02 21264]

R3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]

R3 NETw5v32;Sterownik karty Intel® Wireless WiFi Link dla systemu Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-01-22 52768]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-04-30 9850016]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]

R3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

S3 BthAvrcp;Profil AVRCP Bluetooth; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2008-07-10 15872]

S3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]

S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]

S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]

S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]

S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Users\Wiktor\AppData\Local\Temp\RarSFX0\kerneld.wnt []

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-04-17 101632]

S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []

S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]

S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2007-01-15 59008]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2007-01-15 132736]

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]

R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]

R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]

R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]

R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2009-05-13 3471360]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]

R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]

R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-04-30 211488]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2007-01-15 255616]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2007-01-15 370304]

S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe []

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Sevard · Listopad 3, 2009

Widzę co najmniej ślady po infekcji (w tym takie, które zmieniają autostart). Jutro sprawdzę ten log dokładnie i napiszę co zrobić, bo teraz już nie mam sił.

potus · Listopad 3, 2009

Sprawdziłem. Już działa. Ale loga jeśli możecie to i tak sprawdźcie.

Sevard · Listopad 4, 2009

Otwórz notatnik wklej do niego to:

Windows Registry Editor Version 5.00


[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5ea1b87d-78e8-11de-a268-00238b92ab2f}]


[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5ea1b87f-78e8-11de-a268-00238b92ab2f}]


[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fda0082-751e-11de-a8d3-00238b92ab2f}]


[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fda00aa-751e-11de-a8d3-00238b92ab2f}]


[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7b94954-8af5-11de-9acf-00238b92ab2f}]


[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b40084e2-7f30-11de-9698-00238b92ab2f}]

zapisz to jako fix.reg i uruchom.

Ponadto pliki:

C:\Users\Wiktor\AppData\Local\Temp\dc51341961\nxwpjk.exe

C:\Users\Wiktor\AppData\Local\Temp\dc51341961\752rzXP.exe

sprawdź na VirusTotal.

Poza tym system wygląda na czysty.

I zmień antywirusa... - Gofer

Zaloguj się

Zarchiwizowany

NIe uruchamia się płyta z CD Action

Polecane posty

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Kto przegląda 0 użytkowników