Win32.parite + niedziałający menedżer zadań

**Posty:** 6 · przez **dawid6** 27 Lip 2011, 16:32

Witam, mam taki problem: miałem na dysku wirusa Win32.parite i zrobiony był format. Niedawno jednak wirus znowu się pojawił. Pojawiają się błedy drwtsn32.exe i explorer.exe. Po ich wystąpieniu komputer się zawiesza i trzeba go resetować. W dodatku nie działa menedżer zadań. Proszę o pomoc. Z góry dziękuję wszystkim za dobre chęci.

**Posty:** 12734 · przez **Mikou@j** 27 Lip 2011, 16:49

Najpierw przeczytaj uważnie obowiazkowe-zasady-wstawiania-logow-wazne-vt117887.html i wstaw dwa logi z OTL i GMER.

**Posty:** 2183 · przez **NieWiem** 27 Lip 2011, 20:39

Na parite nie pomoże zrobienie logów - kolejne badziewie jedzące sobie pliki wykonywalne i zwyczajnie brechtające z usera.

Możemy spróbować jeszcze czegoś takiego, ale nie gwarantuje za skuteczność:
Pobierasz te trzy pliki i zapisujesz je wszystkie na pulpicie, przy czym plik z rozszerzeniem .exe musi zostać pobrany jako ostatni.
*.nt, *.dos, *.exe
Od razu uruchamiasz plik z rozszerzeniem *.exe.

Potem jakiś skanerek online albo np. Dr Web i mówisz czy się udało.

**Posty:** 6 · przez **dawid6** 29 Lip 2011, 08:42

Próbowałem wcześniej rmparite (przed formatem), ale spróbuję jeszcze raz.

**Posty:** 2183 · przez **NieWiem** 29 Lip 2011, 09:09

To spróbuj jeszcze Dr Weba, on ma dobre wyniki w starciach z infekcjami wykonywalnych:
Pobierz Dr Web Cure It
mirror

Kliknij dwukrotnie na ikonę, aby uruchomić program (użytkownicy systemów Vista oraz Se7en => prawoklik oraz wybrać opcję Uruchom jako Administrator).
Kliknij Scan żeby odpalić szybkie skanowanie, w wyskakującym okienku wciśnij OK.
Jeśli coś zostanie znalezione, kliknij Yes żeby wyleczyć/usunąć.
Po szybkim skanowaniu wybierz opcję Complete Scan.
Po prawej stronie kliknij zieloną strzałkę.
Jeśli zostaniesz poproszony w trakcie skanowania, kliknij Yes to all (automatyczne leczenie i/lub usuwanie).
Ten skan może trwać bardzo długo - zalecam, żeby odpalić go na noc, zostawiając komputer włączonym!
Po ukończeniu skanowania, wybierz Menu File => Save Report list.
Plik zapisz na pulpicie. Będzie nazywał się DrWeb.cvs
Zrestartuj komputer - to bardzo ważne, ponieważ Dr Web niektóre pliki będzie mógł wyleczyć/usunąć dopiero po restarcie!
Za pomocą notatnika otwórz plik DrWeb.csv i wklej jego zawartość na forum w znacznikach [code] na forum, albo na stronie http://www.wklej.org, a w poście daj tylko linka.

Autor postu otrzymał pochwałę

**Posty:** 6 · przez **dawid6** 29 Lip 2011, 09:30

Logi:
Exstras.txt:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2011-07-29 08:55:52 - Run 2 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\Antywiry Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,25 Gb Total Physical Memory | 0,42 Gb Available Physical Memory | 33,95% Memory free 2,98 Gb Paging File | 2,42 Gb Available in Paging File | 81,01% Paging File free Paging file location(s): C:\pagefile.sys 1920 3840 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 45,69 Gb Total Space | 21,62 Gb Free Space | 47,33% Space Free | Partition Type: NTFS Drive D: | 22,46 Gb Total Space | 4,71 Gb Free Space | 20,97% Space Free | Partition Type: NTFS Drive L: | 3,75 Gb Total Space | 1,33 Gb Free Space | 35,40% Space Free | Partition Type: FAT32 Drive M: | 533,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: K-060021CD86A64 | User Name: dom | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation) .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation) .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

OTL.txt:

Kod: Zaznacz wszystko: OTL logfile created on: 2011-07-29 08:55:52 - Run 2 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\Antywiry Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,25 Gb Total Physical Memory | 0,42 Gb Available Physical Memory | 33,95% Memory free 2,98 Gb Paging File | 2,42 Gb Available in Paging File | 81,01% Paging File free Paging file location(s): C:\pagefile.sys 1920 3840 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 45,69 Gb Total Space | 21,62 Gb Free Space | 47,33% Space Free | Partition Type: NTFS Drive D: | 22,46 Gb Total Space | 4,71 Gb Free Space | 20,97% Space Free | Partition Type: NTFS Drive L: | 3,75 Gb Total Space | 1,33 Gb Free Space | 35,40% Space Free | Partition Type: FAT32 Drive M: | 533,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: K-060021CD86A64 | User Name: dom | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-07-07 06:47:11 | 000,757,212 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\Antywiry\OTL.exe PRC - [2011-06-24 13:59:22 | 001,103,322 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-06-24 13:59:20 | 000,194,518 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2009-12-08 08:51:50 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe PRC - [2009-11-18 16:13:18 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuschd2.exe PRC - [2009-11-18 04:42:52 | 000,275,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe PRC - [2009-11-18 04:02:34 | 000,563,840 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe PRC - [2009-11-18 04:02:34 | 000,173,696 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe PRC - [2009-11-17 20:49:08 | 000,366,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\Pac7302\Monitor.exe PRC - [2006-09-13 18:22:36 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2006-09-13 18:20:26 | 001,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2005-07-21 20:52:02 | 000,278,528 | R--- | M] (Conexant Systems, Inc.) -- C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe PRC - [2005-07-21 08:33:00 | 000,804,320 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exe PRC - [2005-07-21 08:33:00 | 000,378,328 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exe PRC - [2005-07-21 08:33:00 | 000,198,112 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exe PRC - [2005-07-21 08:33:00 | 000,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe PRC - [2004-08-04 02:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 02:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-04 02:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-04 02:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 02:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 02:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 02:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-04 02:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-04 02:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-04 02:44:18 | 000,183,262 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cisvc.exe PRC - [2004-08-04 02:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2003-04-06 02:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe PRC - [2003-04-06 01:45:10 | 000,286,720 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe PRC - [2003-04-06 01:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe PRC - [2003-04-06 00:55:04 | 000,311,296 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe PRC - [2001-10-26 21:29:48 | 000,185,810 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-07-29 06:21:15 | 000,176,128 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temp\jja1.tmp MOD - [2011-07-07 06:47:11 | 000,757,212 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\Antywiry\OTL.exe MOD - [2006-09-13 18:35:43 | 008,486,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2006-09-13 18:32:56 | 001,013,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2006-09-13 18:30:33 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2006-09-13 18:30:21 | 001,286,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2006-09-13 18:29:48 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2006-09-13 18:21:29 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-06-23 13:27:02 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-04 02:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 02:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2004-08-04 02:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll MOD - [2004-08-04 02:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2004-08-04 02:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 02:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 02:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 02:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 02:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-04 02:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-04 02:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 02:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-04 02:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 02:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 02:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-04 02:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2004-08-04 02:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-04 02:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 02:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 02:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-04 02:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-04 02:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-04 01:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (All) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2010-08-06 11:13:54 | 000,053,760 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12) SRV - [2010-08-06 11:13:54 | 000,044,032 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12) SRV - [2009-11-18 04:42:52 | 000,253,568 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08) SRV - [2009-11-18 04:16:42 | 000,137,344 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc) SRV - [2006-10-18 21:47:16 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN) SRV - [2006-09-28 18:56:14 | 000,055,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc) SRV - [2006-09-13 19:13:16 | 000,359,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC) SRV - [2006-09-13 18:31:04 | 000,111,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp) SRV - [2006-09-13 18:30:25 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Zdalne wywoływanie procedur (RPC) SRV - [2006-09-13 18:30:25 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch) SRV - [2006-09-13 18:30:03 | 000,243,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem) SRV - [2006-09-13 18:28:07 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient) SRV - [2006-09-13 18:27:40 | 000,180,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan) SRV - [2006-09-13 18:26:16 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman) SRV - [2006-09-13 18:22:36 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler) SRV - [2006-09-13 18:21:55 | 000,249,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv) SRV - [2006-09-13 18:20:47 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver) SRV - [2006-09-13 17:51:19 | 000,256,474 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer) SRV - [2005-09-23 07:28:56 | 000,244,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2005-09-23 07:28:32 | 000,207,836 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) SRV - [2004-08-04 02:44:30 | 000,469,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS) SRV - [2004-08-04 02:44:30 | 000,304,094 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv) SRV - [2004-08-04 02:44:30 | 000,196,062 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS) Zasilacz awaryjny (UPS) SRV - [2004-08-04 02:44:28 | 000,319,446 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr) SRV - [2004-08-04 02:44:28 | 000,275,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr) SRV - [2004-08-04 02:44:28 | 000,268,766 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog) SRV - [2004-08-04 02:44:28 | 000,252,892 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr) SRV - [2004-08-04 02:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay) SRV - [2004-08-04 02:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog) SRV - [2004-08-04 02:44:26 | 000,292,316 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm) SRV - [2004-08-04 02:44:26 | 000,292,316 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE) SRV - [2004-08-04 02:44:24 | 000,183,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC) SRV - [2004-08-04 02:44:22 | 000,327,644 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService) SRV - [2004-08-04 02:44:22 | 000,252,894 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Lokalizator usługi zdalnego wywołania procedury (RPC) SRV - [2004-08-04 02:44:22 | 000,210,396 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc) SRV - [2004-08-04 02:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs) SRV - [2004-08-04 02:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage) SRV - [2004-08-04 02:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent) SRV - [2004-08-04 02:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp) SRV - [2004-08-04 02:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon) SRV - [2004-08-04 02:44:20 | 000,402,902 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin) SRV - [2004-08-04 02:44:20 | 000,182,740 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv) SRV - [2004-08-04 02:44:20 | 000,182,740 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp) SRV - [2004-08-04 02:44:18 | 000,210,906 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv) SRV - [2004-08-04 02:44:18 | 000,183,262 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc) SRV - [2004-08-04 02:44:18 | 000,129,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov) SRV - [2004-08-04 02:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG) SRV - [2004-08-04 02:44:16 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA) SRV - [2004-08-04 02:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt) SRV - [2004-08-04 02:44:16 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation) SRV - [2004-08-04 02:44:16 | 000,081,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc) SRV - [2004-08-04 02:44:16 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2004-08-04 02:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService) SRV - [2004-08-04 02:44:14 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost) SRV - [2004-08-04 02:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time) SRV - [2004-08-04 02:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) SRV - [2004-08-04 02:44:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter) SRV - [2004-08-04 02:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice) SRV - [2004-08-04 02:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes) SRV - [2004-08-04 02:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection) SRV - [2004-08-04 02:44:12 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility) SRV - [2004-08-04 02:44:12 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV) SRV - [2004-08-04 02:44:10 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS) SRV - [2004-08-04 02:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule) SRV - [2004-08-04 02:44:10 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto) SRV - [2004-08-04 02:44:10 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry) SRV - [2004-08-04 02:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS) SRV - [2004-08-04 02:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon) SRV - [2004-08-04 02:44:08 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc) SRV - [2004-08-04 02:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2004-08-04 02:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Rozpoznawanie lokalizacji w sieci (NLA) SRV - [2004-08-04 02:44:06 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger) SRV - [2004-08-04 02:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) SRV - [2004-08-04 02:44:02 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts) SRV - [2004-08-04 02:43:58 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc) SRV - [2004-08-04 02:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc) SRV - [2004-08-04 02:43:56 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache) SRV - [2004-08-04 02:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver) SRV - [2004-08-04 02:43:54 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt) SRV - [2004-08-04 02:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser) SRV - [2004-08-04 02:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv) SRV - [2004-08-04 02:43:54 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter) SRV - [2004-08-04 02:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi) SRV - [2001-10-26 21:30:02 | 000,310,242 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP) SRV - [2001-10-26 21:29:36 | 000,049,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess) [color=#E56717]========== Driver Services (All) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra) DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx) DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810) DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3) DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080) DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib) DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | Disabled | Stopped] -- -- (PCIIde) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u) DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn) DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o) DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray) DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc) DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint) DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx) DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x) DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m) DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk) DRV - [2011-07-27 08:44:51 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-06-16 10:30:09 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K) DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2009-11-19 15:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM) DRV - [2009-11-19 15:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS) DRV - [2009-11-19 15:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2009-11-19 15:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM) DRV - [2009-11-19 15:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM) DRV - [2009-11-19 15:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2009-11-19 15:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2008-10-28 11:27:07 | 000,049,920 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) DRV - [2008-10-28 11:27:07 | 000,021,568 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) DRV - [2008-10-28 11:27:07 | 000,016,496 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) DRV - [2007-06-14 15:29:08 | 000,457,856 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302) DRV - [2006-10-18 20:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb) DRV - [2006-09-28 19:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd) DRV - [2006-09-28 18:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf) DRV - [2006-09-13 20:19:12 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFCXTS2.sys -- (winachsf) DRV - [2006-09-13 20:19:12 | 000,011,868 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk) DRV - [2006-09-13 20:19:10 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\uagp35.sys -- (uagp35) DRV - [2006-09-13 20:19:04 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFBS2S2.sys -- (HSFHWBS2) DRV - [2006-09-13 20:19:02 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2006-09-13 20:18:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-09-13 20:18:40 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFDPSP2.sys -- (HSF_DP) DRV - [2006-09-13 20:18:38 | 000,058,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook) DRV - [2006-09-13 20:16:32 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb) DRV - [2006-09-13 20:16:20 | 000,027,165 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS) DRV - [2006-09-13 20:14:58 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub) DRV - [2006-09-13 19:13:16 | 000,080,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport) DRV - [2006-09-13 19:13:16 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7) DRV - [2006-09-13 19:13:16 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem) DRV - [2006-09-13 19:13:16 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios) DRV - [2006-09-13 19:13:16 | 000,012,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio) DRV - [2006-09-13 19:13:16 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum) DRV - [2006-09-13 19:07:37 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio) DRV - [2006-09-13 18:35:57 | 000,128,768 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fltMgr.sys -- (FltMgr) DRV - [2006-09-13 18:33:22 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci) DRV - [2006-09-13 18:33:19 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci) DRV - [2006-09-13 18:33:14 | 000,360,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip) DRV - [2006-09-13 18:33:07 | 000,136,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat) DRV - [2006-09-13 18:32:40 | 000,332,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv) DRV - [2006-09-13 18:32:34 | 000,262,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP) DRV - [2006-09-13 18:31:15 | 000,174,592 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss) DRV - [2006-09-13 18:31:13 | 000,454,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb) DRV - [2006-09-13 18:23:26 | 000,139,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD) DRV - [2006-09-13 18:19:51 | 000,209,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update) DRV - [2006-09-13 18:19:10 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK) DRV - [2006-09-13 18:19:08 | 000,026,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR) DRV - [2006-09-13 18:19:04 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2006-09-13 18:19:04 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV) DRV - [2006-09-13 18:19:02 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE) DRV - [2006-09-13 18:19:00 | 000,196,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr) DRV - [2006-09-13 18:19:00 | 000,085,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC) DRV - [2006-09-13 18:19:00 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud) DRV - [2006-09-13 18:19:00 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic) DRV - [2006-09-13 18:19:00 | 000,023,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass) DRV - [2006-09-13 18:19:00 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan) DRV - [2006-09-13 18:18:54 | 000,142,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec) DRV - [2006-09-13 18:18:50 | 000,019,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC) DRV - [2006-09-13 18:18:50 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP) DRV - [2006-09-13 18:18:48 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD) DRV - [2006-09-13 18:18:48 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip) DRV - [2006-09-13 18:18:46 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer) DRV - [2006-09-13 18:18:46 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio) DRV - [2006-09-13 18:18:44 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter) DRV - [2006-09-13 18:18:44 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM) DRV - [2006-09-13 18:18:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint) DRV - [2006-09-13 18:18:38 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE) DRV - [2006-09-13 18:18:38 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud) DRV - [2006-09-13 18:18:36 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp) DRV - [2006-09-13 18:18:36 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP) DRV - [2006-09-13 18:18:02 | 000,054,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi) DRV - [2006-09-13 18:17:18 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid) DRV - [2005-05-20 18:28:04 | 000,052,736 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CnxTgNW.sys -- (CnxTgNW) DRV - [2005-05-20 18:27:58 | 000,618,112 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CnxEtU.sys -- (CnxEtU) DRV - [2005-05-20 18:27:54 | 000,131,072 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CnxEtP.sys -- (CnxEtP) DRV - [2004-08-04 02:44:40 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP) DRV - [2004-08-04 02:44:40 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE) DRV - [2004-08-04 02:39:38 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr) DRV - [2004-08-04 02:38:16 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio) DRV - [2004-08-04 02:38:14 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot) DRV - [2004-08-04 02:38:00 | 000,024,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass) DRV - [2004-08-04 02:36:36 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap) DRV - [2004-08-04 02:36:34 | 000,065,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial) DRV - [2004-08-04 02:36:16 | 000,053,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt) DRV - [2004-08-04 02:34:16 | 000,120,064 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia) DRV - [2004-08-04 02:34:12 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI) DRV - [2004-08-04 02:34:10 | 000,188,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI) DRV - [2004-08-04 01:15:22 | 000,107,904 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup) DRV - [2004-08-04 01:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs) DRV - [2004-08-04 01:14:38 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT) DRV - [2004-08-04 01:14:32 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan) DRV - [2004-08-04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS) DRV - [2004-08-04 01:14:30 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec) DRV - [2004-08-04 01:14:28 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP) DRV - [2004-08-04 01:14:24 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP) DRV - [2004-08-04 01:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat) DRV - [2004-08-04 01:14:16 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD) DRV - [2004-08-04 01:14:12 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs) DRV - [2004-08-04 01:08:44 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub) DRV - [2004-08-04 01:07:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave) DRV - [2004-08-04 01:05:08 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe) DRV - [2004-08-04 01:05:04 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac) DRV - [2004-08-04 01:04:58 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp) DRV - [2004-08-04 01:04:46 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp) DRV - [2004-08-04 01:04:20 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched) DRV - [2004-08-04 01:04:14 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc) DRV - [2004-08-04 01:03:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS) DRV - [2004-08-04 01:00:58 | 000,181,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2004-08-04 01:00:48 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM) DRV - [2004-08-04 01:00:44 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs) DRV - [2004-08-04 01:00:42 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs) DRV - [2004-08-04 01:00:32 | 000,066,176 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs) DRV - [2004-08-04 01:00:16 | 000,041,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi) DRV - [2004-08-04 01:00:08 | 000,029,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw) DRV - [2004-08-04 00:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk) DRV - [2004-08-04 00:59:56 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy) DRV - [2004-08-04 00:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom) DRV - [2004-08-04 00:59:48 | 000,092,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD) DRV - [2004-08-04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi) DRV - [2004-08-04 00:59:44 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaide.sys -- (ViaIde) DRV - [2004-08-04 00:59:28 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc) DRV - [2004-08-04 00:59:28 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk) DRV - [2004-08-04 00:59:08 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum) DRV - [2004-08-04 00:58:32 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc) DRV - [2004-08-04 00:58:32 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr) DRV - [2004-07-17 13:36:38 | 000,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2004-01-08 06:37:02 | 000,812,416 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda) DRV - [2001-10-26 20:59:38 | 000,125,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk) DRV - [2001-10-26 20:58:42 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips) DRV - [2001-10-26 20:55:30 | 000,006,912 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm) DRV - [2001-10-26 20:47:26 | 000,036,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp) DRV - [2001-10-26 20:46:18 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC) DRV - [2001-08-18 10:24:36 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr) DRV - [2001-08-18 01:58:18 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload) DRV - [2001-08-18 01:57:30 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd) DRV - [2001-08-18 01:55:40 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd) DRV - [2001-08-18 01:55:32 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti) DRV - [2001-08-18 01:55:30 | 000,038,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy) DRV - [2001-08-18 01:55:28 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2001-08-18 01:55:06 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver) DRV - [2001-08-18 01:54:10 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd) DRV - [2001-08-18 01:54:06 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt) DRV - [2001-08-18 01:52:06 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k) DRV - [2001-08-18 01:49:56 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2001-08-18 01:47:40 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null) DRV - [2001-08-18 01:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep) DRV - [2001-08-18 01:46:56 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll () IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.allegro.pl|www.youtube.pl" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-22 14:43:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-24 13:59:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-22 14:43:54 | 000,000,000 | ---D | M] [2011-06-14 21:20:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\Mozilla\Extensions [2011-07-20 08:40:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\Mozilla\Firefox\Profiles\1yowl9jm.default\extensions [2011-07-05 18:38:48 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\Mozilla\Firefox\Profiles\1yowl9jm.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2011-06-22 05:34:57 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\Mozilla\Firefox\Profiles\1yowl9jm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-06-22 17:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-06-22 17:55:34 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-06-24 13:59:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- () (No name found) -- C:\DOCUMENTS AND SETTINGS\DOM.K-060021CD86A64\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1YOWL9JM.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\DOM.K-060021CD86A64\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1YOWL9JM.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\DOM.K-060021CD86A64\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\1YOWL9JM.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI [2011-06-24 13:59:22 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2010-01-01 10:00:00 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKCU\..\Toolbar\ShellBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Łącza) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Cmaudio] File not found O4 - HKLM..\Run: [CnxDslTaskBar] File not found O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\hpwuschd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation) O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D) O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D) O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] File not found O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB) O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard) O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O9 - Extra Button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demon buforu kategorii składników - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\dom.K-060021CD86A64\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\dom.K-060021CD86A64\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-16 12:58:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-07-23 10:47:40 | 000,000,000 | ---D | M] - C:\Autologon Tool -- [ NTFS ] O32 - AutoRun File - [2006-02-28 11:14:42 | 000,000,050 | R--- | M] () - M:\AUTORUN.INF -- [ CDFS ] O32 - AutoRun File - [2003-05-12 13:51:18 | 000,036,864 | R--- | M] () - M:\Autorun.exe -- [ CDFS ] O33 - MountPoints2\{0ba737af-9ce8-11e0-be7b-00d0d08a4f23}\Shell\AutoRun\command - "" = M:\pccompanion\Startme.exe O33 - MountPoints2\{0ba737af-9ce8-11e0-be7b-00d0d08a4f23}\Shell\menu1\command - "" = M:\pccompanion\Startme.exe O33 - MountPoints2\{8bc9ab9e-9971-11e0-be70-00d0d08a4f23}\Shell - "" = AutoRun O33 - MountPoints2\{8bc9ab9e-9971-11e0-be70-00d0d08a4f23}\Shell\AutoRun\command - "" = L:\Startme.exe O33 - MountPoints2\{f234ada2-b81b-11e0-bed7-00d0d08a4f23}\Shell - "" = AutoRun O33 - MountPoints2\{f234ada2-b81b-11e0-bed7-00d0d08a4f23}\Shell\AutoRun\command - "" = M:\Autorun.exe -- [2003-05-12 13:51:18 | 000,036,864 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-07-27 08:43:32 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2011-07-27 08:43:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\DAEMON Tools Lite [2011-07-27 08:42:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\DAEMON Tools Lite [2011-07-27 08:42:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\DAEMON Tools Lite [2011-07-26 18:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom.K-060021CD86A64\Menu Start\Programy\Ashampoo [2011-07-26 18:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo [2011-07-26 10:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\DAWID komunia [2011-07-25 12:55:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom.K-060021CD86A64\Menu Start\Programy\HP [2011-07-23 19:22:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\nLite [2011-07-23 19:22:18 | 000,000,000 | ---D | C] -- C:\Program Files\nLite [2011-07-23 16:03:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp [2011-07-23 10:47:40 | 000,000,000 | ---D | C] -- C:\Autologon Tool [2011-07-22 07:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware [2011-07-19 08:08:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\InterAction studios [2011-07-19 08:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Chicken Invaders 4 The Ultimate Omelette [2011-07-19 08:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Chicken Invaders 4 The Ultimate Omelette [2011-07-18 20:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\GhostXP Config v2009 [2011-07-18 20:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\GhostXP Config [2011-07-14 12:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\Absolute GIF Optimizer [2011-07-14 12:04:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Absolute GIF Optimizer [2011-07-13 13:44:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Easy GIF Animator [2011-07-13 13:44:33 | 000,000,000 | ---D | C] -- C:\Program Files\Easy GIF Animator [2011-07-13 13:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\PY_Software [2011-07-13 13:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom.K-060021CD86A64\Menu Start\Programy\PY Software [2011-07-13 13:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\2D and 3D Animator [2011-07-12 20:17:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Imagine [2011-07-12 15:21:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom.K-060021CD86A64\Menu Start\Programy\CreateInstall Free [2011-07-12 15:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\CreateInstall Free [2011-07-12 15:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\GNU [2011-07-09 15:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\AquaSoft [2011-07-09 15:27:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\dom.K-060021CD86A64\Menu Start\Programy\Narzędzia administracyjne [2011-07-03 20:16:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom.K-060021CD86A64\Menu Start\Programy\AidemMedia [2011-07-02 10:20:26 | 000,000,000 | ---D | C] -- C:\Program Files\AidemMedia [2011-07-02 10:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\AidemMedia [2011-06-29 16:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\gtk-2.0 [2011-06-29 10:32:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\avi2divx [2011-06-29 10:32:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\codec [2011-06-29 10:32:03 | 000,000,000 | ---D | C] -- C:\Program Files\avi2divx [2011-06-29 09:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Multimedialny Świat [2011-06-29 09:23:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WING32.DLL [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-07-29 06:27:50 | 000,457,678 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-07-29 06:27:50 | 000,401,064 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-07-29 06:27:50 | 000,079,188 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-07-29 06:27:50 | 000,062,344 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-07-29 06:21:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-07-29 06:21:13 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys [2011-07-27 15:59:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-07-27 08:44:51 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2011-07-26 18:59:48 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\Ashampoo Internet Accelerator 3.lnk [2011-07-26 13:10:25 | 000,000,215 | ---- | M] () -- C:\WINDOWS\Tuwim.ini [2011-07-23 19:22:19 | 000,000,638 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\nLite.lnk [2011-07-23 08:28:34 | 000,176,128 | ---- | M] () -- C:\WINDOWS\System32\5¸XľN€ [2011-07-22 20:55:08 | 000,176,128 | ---- | M] () -- C:\WINDOWS\System32\é´XľN€ [2011-07-22 06:58:18 | 000,176,128 | ---- | M] () -- C:\WINDOWS\System32\T¶XľN€ [2011-07-21 22:56:44 | 000,176,128 | ---- | M] () -- C:\WINDOWS\System32\)¶XľN€ [2011-07-21 14:37:49 | 000,176,128 | ---- | M] () -- C:\WINDOWS\System32\Ý·XľN€ [2011-07-21 14:33:11 | 000,176,128 | ---- | M] () -- C:\WINDOWS\System32\¶XľN€ [2011-07-18 21:02:29 | 000,001,509 | ---- | M] () -- C:\WINDOWS\ghost_config.ini [2011-07-16 17:55:58 | 000,034,596 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\.recently-used.xbel [2011-07-16 10:30:04 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1308213019.job [2011-07-14 11:55:55 | 000,000,601 | ---- | M] () -- C:\WINDOWS\ago.INI [2011-07-14 10:56:54 | 000,636,422 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\20110714244.JPG [2011-07-14 10:56:38 | 000,409,319 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\20110714243.JPG [2011-07-14 10:56:06 | 000,427,440 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\20110714242.JPG [2011-07-13 13:44:35 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\Easy GIF Animator.lnk [2011-07-12 20:17:25 | 002,541,648 | ---- | M] () -- C:\WINDOWS\System32\exeImagine.IMD [2011-07-12 20:17:25 | 000,399,872 | ---- | M] () -- C:\WINDOWS\System32\nxImagine.ocx [2011-07-12 10:13:08 | 000,767,664 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\20110712241.JPG [2011-07-04 12:09:38 | 000,061,553 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\DSC00154.JPG [2011-07-04 12:08:58 | 000,072,895 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\DSC00152.JPG [2011-07-04 12:08:21 | 000,077,481 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\DSC00151.JPG [2011-06-29 11:11:38 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\dom.K-060021CD86A64\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-06-29 10:55:48 | 000,000,018 | ---- | M] () -- C:\WINDOWS\avi2divx.INI [2011-06-29 09:25:32 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011-06-29 09:23:30 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Julian Tuwim.lnk [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-07-26 18:59:48 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\Ashampoo Internet Accelerator 3.lnk [2011-07-23 19:22:19 | 000,000,638 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\nLite.lnk [2011-07-23 08:28:34 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\5¸XľN€ [2011-07-22 20:55:08 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\é´XľN€ [2011-07-22 06:58:18 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\T¶XľN€ [2011-07-21 22:56:44 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\)¶XľN€ [2011-07-21 14:37:49 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\Ý·XľN€ [2011-07-21 14:33:11 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\¶XľN€ [2011-07-18 16:10:20 | 000,001,509 | ---- | C] () -- C:\WINDOWS\ghost_config.ini [2011-07-17 13:16:35 | 000,427,440 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\20110714242.JPG [2011-07-17 13:16:32 | 000,409,319 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\20110714243.JPG [2011-07-17 13:16:29 | 000,636,422 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\20110714244.JPG [2011-07-16 17:55:58 | 000,034,596 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\.recently-used.xbel [2011-07-15 12:23:42 | 000,767,664 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\20110712241.JPG [2011-07-14 11:51:45 | 000,000,601 | ---- | C] () -- C:\WINDOWS\ago.INI [2011-07-13 13:44:35 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\Easy GIF Animator.lnk [2011-07-12 20:17:25 | 002,541,648 | ---- | C] () -- C:\WINDOWS\System32\exeImagine.IMD [2011-07-12 20:17:25 | 000,399,872 | ---- | C] () -- C:\WINDOWS\System32\nxImagine.ocx [2011-07-04 13:13:44 | 000,077,481 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\DSC00151.JPG [2011-07-04 13:13:21 | 000,072,895 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\DSC00152.JPG [2011-07-04 13:12:44 | 000,061,553 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Pulpit\DSC00154.JPG [2011-06-29 10:55:48 | 000,000,018 | ---- | C] () -- C:\WINDOWS\avi2divx.INI [2011-06-29 09:23:30 | 000,001,514 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Julian Tuwim.lnk [2011-06-29 09:23:30 | 000,000,215 | ---- | C] () -- C:\WINDOWS\Tuwim.ini [2011-06-22 22:23:29 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.INI [2011-06-22 14:32:46 | 000,174,735 | ---- | C] () -- C:\WINDOWS\hpoins45.dat [2011-06-22 14:32:46 | 000,000,450 | ---- | C] () -- C:\WINDOWS\hpomdl45.dat [2011-06-16 10:23:13 | 000,020,458 | ---- | C] () -- C:\WINDOWS\hpoins01.dat [2011-06-16 10:23:13 | 000,016,622 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat [2011-06-14 21:16:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011-06-14 14:39:12 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011-06-14 14:35:39 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2011-06-14 14:35:39 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2011-06-14 14:35:38 | 000,000,010 | ---- | C] () -- C:\WINDOWS\Wininit.ini [2011-06-14 14:35:37 | 000,411,100 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe [2011-06-14 14:35:37 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2011-06-14 14:35:36 | 000,116,930 | ---- | C] () -- C:\WINDOWS\Cmuda.ini [2011-06-14 14:35:32 | 000,443,872 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe [2011-06-14 14:35:32 | 000,402,908 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe [2011-06-14 14:35:32 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll [2011-06-14 14:34:31 | 000,002,598 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2011-06-14 14:34:30 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2011-06-14 14:03:34 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-06-14 14:01:55 | 000,114,176 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-06-14 12:32:39 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\dom.K-060021CD86A64\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-06-14 12:16:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-06-14 12:11:17 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2004-08-04 02:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004-08-04 02:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-08-02 16:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004-07-17 13:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2003-04-07 08:21:58 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll [2001-10-26 20:15:16 | 000,457,678 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 20:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 20:15:16 | 000,079,188 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 20:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-08-23 17:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 17:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-18 01:30:24 | 000,401,064 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-18 01:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-18 01:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-18 01:30:22 | 000,062,344 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-18 01:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-07-22 02:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001-07-22 02:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001-07-22 02:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2011-07-29 08:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\DAEMON Tools Lite [2011-07-19 08:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\InterAction studios [2011-07-13 13:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\PY_Software [2011-07-02 10:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\Aidem Media [2011-07-09 15:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\AquaSoft [2011-07-27 08:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\DAEMON Tools Lite [2011-07-16 17:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\gtk-2.0 [2011-06-18 17:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom.K-060021CD86A64\Dane aplikacji\LEGO Company [2011-07-16 10:30:04 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1308213019.job [color=#E56717]========== Purity Check ==========[/color] < End of report >

Loga z GMERa jakoś nie udało mi się zrobić.
P.S. Skanowałem skanerem online i to jest parite.B. Rmparitem przeskanuję później. DrWebem też wezmę później (może na noc). Trochę się boję, bo format był spowodowany nie wirusem, tylko po prostu chyba antywirus usunął jakieś ważne pliki. Czy za pomocą wersji live Ubuntu da się skopiować/wkleić/zrobić nowe pliki?

**Posty:** 2183 · przez **NieWiem** 29 Lip 2011, 09:44

Da się wkleić pliki, ale nie da się naprawić rejestru windowsa.

Logi to sobie daruj, bo w nich nie zobaczymy nic. Puść Dr Weba. On ma bardzo dobre wyniki w walce z infekcjami wykonywalnych.

**Posty:** 6 · przez **dawid6** 29 Lip 2011, 16:26

Rmparite nagle się wyłącza i komp się loguje (rm mi działa przy uruchamianiu). Niedawno miałem antyvira Emsisoft Anti-Malware, ale jak wziął jakiś plik do kwarantanny to zaczął się robić błąd z explorer.exe i drwtsn32.exe. Antyvira odinstalowałem, ale błąd został.
Co do Dr Weba to czy nie usunie on plików systemowych/nie będzie można uruchomić komputera po wyczyszczeniu Webem? Bo przed formatem to Emsisoft chyba coś usunął i dało się logować, ale po zalogowaniu automatycznie się wylogowywał. Nawet ikon i paska nie było widać

**Posty:** 2183 · przez **NieWiem** 29 Lip 2011, 17:08

1. Emsisoft to nie jest antyvir. To program, który nie leczy, tylko od razu rwie na żywca, więc nie dziw się że się potem takie jaja działy, jak Ci pousuwał pliki systemowe. Właśnie dlatego radzę nigdy nie używać bez konsultacji z kimś mądrzejszym programów, których się nie zna.

2. Dr Web jest na tyle inteligentny, że leczy pliki, a jeśli nawet usunie to wiem jak potem porobić zeby było dobrze.

Twój wybór, rób co chcesz.

**Posty:** 6 · przez **dawid6** 31 Lip 2011, 09:01

Win32:Sality napisał(a):2. Dr Web jest na tyle inteligentny, że leczy pliki, a jeśli nawet usunie to wiem jak potem porobić zeby było dobrze.

Twój wybór, rób co chcesz.

A jak potem zrobić żeby było dobrze?

**Posty:** 2183 · przez **NieWiem** 31 Lip 2011, 09:39

Pomartwimy jak już usunie coś niewłaściwego.
Bo generalnie jakoś nie wierzę, żeby tak dziarsko Dr Web wysłał Ci pół systemu w kosmos.

**Posty:** 6 · przez **dawid6** 22 Sie 2011, 09:10

A te Ý·XľN€ i inne takie co pojawiły mi się w system32 to pliki wirusa i Dr. je usunie? A czy on też czyści pendriva bo właśnie jak był format to nie daliśmy do formatu pendriva i chyba stamtąd wrócił wirus. Jak można go usunąć z pendriva (ręcznie). Jak z pena się usunie wszystkie exe i scr to on zniknie? A czy ten parite to infekuje exe w obrazach płyt i archiwach?

**Posty:** 85 · przez **kominekl** 22 Sie 2011, 13:20

Podłącz wszystkie pamięci przenośne i uruchom Dr.WebCureIT`a. O takie pliki narazie sie nei martw. Główną pracę wykona doktor, a my potem zajmiemy się logami. Na razie skanuj DrWebCureIt`em póki nie będzie nic znajdował. Potem podaj logi z OTL.

Kto jest na forum