Temat jest zamknięty
![;]](/public/style_emoticons/default/cwaniak.gif)
Spoiler
# AdwCleaner v1.801 - Logfile created 08/16/2012 at 21:56:46
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Dodatek Service Pack 2 (32 bits)
# User : iwona - IWONA-3352FB061
# Boot Mode : Normal
# Running from : C:\Documents and Settings\iwona\Pulpit\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Documents and Settings\iwona\Dane aplikacji\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Dane aplikacji\Babylon
File Deleted : C:\user.js
***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2417076
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
***** [Internet Browsers] *****
-\\ Internet Explorer v6.0.2900.2180
[OK] Registry is clean.
*************************
AdwCleaner[S1].txt - [1492 octets] - [16/08/2012 21:56:46]
########## EOF - C:\AdwCleaner[S1].txt - [1620 octets] ##########
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Dodatek Service Pack 2 (32 bits)
# User : iwona - IWONA-3352FB061
# Boot Mode : Normal
# Running from : C:\Documents and Settings\iwona\Pulpit\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Documents and Settings\iwona\Dane aplikacji\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Dane aplikacji\Babylon
File Deleted : C:\user.js
***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2417076
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
***** [Internet Browsers] *****
-\\ Internet Explorer v6.0.2900.2180
[OK] Registry is clean.
*************************
AdwCleaner[S1].txt - [1492 octets] - [16/08/2012 21:56:46]
########## EOF - C:\AdwCleaner[S1].txt - [1620 octets] ##########
Spoiler
GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover
Rootkit scan 2012-08-16 22:21:59
Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 rev.
Running: omuueff9.exe; Driver: C:\DOCUME~1\iwona\USTAWI~1\Temp\kxndyaow.sys
---- Kernel code sections - GMER 1.0.15 ----
? C:\DOCUME~1\iwona\USTAWI~1\Temp\kxndyaow.sys Nie można odnaleźć określonego pliku. !
---- User code sections - GMER 1.0.15 ----
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!GetSysColor 7E368E78 5 Bytes JMP 00452430 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!GetSysColorBrush 7E368EAB 5 Bytes JMP 00452490 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!SetScrollInfo 7E369056 7 Bytes JMP 00452320 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!GetScrollInfo 7E370DA2 7 Bytes JMP 00452270 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!ShowScrollBar 7E37F2B3 5 Bytes JMP 004523F0 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!GetScrollPos 7E37F6C4 5 Bytes JMP 004522B0 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!SetScrollPos 7E37F710 5 Bytes JMP 00452360 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!GetScrollRange 7E37F747 5 Bytes JMP 004522E0 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!SetScrollRange 7E37F95B 5 Bytes JMP 004523A0 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!EnableScrollBar 7E3B7DDD 7 Bytes JMP 00452230 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2432] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 0116B52A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2432] kernel32.dll!lstrlenW + 43 7C809A4C 7 Bytes JMP 0141B6F5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2432] kernel32.dll!MapViewOfFileEx + 6A 7C80B900 7 Bytes JMP 0141B6D2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2432] GDI32.dll!SetDIBitsToDevice + 20C 77F19A8C 7 Bytes JMP 0141B653 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Processes - GMER 1.0.15 ----
Library C:\Documents and Settings\iwona\Pulpit\omuueff9.exe (*** hidden *** ) @ C:\Documents and Settings\iwona\Pulpit\omuueff9.exe [3336] 0x00400000
---- Services - GMER 1.0.15 ----
Service C:\WINDOWS\system32\tlntsvr.exe (*** hidden *** ) [DISABLED] TlntSvr <-- ROOTKIT !!!
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg@Description Serwer Rejestru
Reg HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths
Reg HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths@Machine System\CurrentControlSet\Control\ProductOptions?System\CurrentControlSet\Control\Print\Printers?System\CurrentControlSet\Control\Server Applications?System\CurrentControlSet\Services\Eventlog?Software\Microsoft\OLAP Server?Software\Microsoft\Windows NT\CurrentVersion?System\CurrentControlSet\Control\ContentIndex?System\CurrentControlSet\Control\Terminal Server?System\CurrentControlSet\Control\Terminal Server\UserConfig?System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration?
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@DisplayNameFile %SystemRoot%\System32\els.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@DisplayNameID 257
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@File %SystemRoot%\System32\config\SecEvent.Evt
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@MaxSize 524288
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@PrimaryModule Security
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@Retention 604800
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@Sources Spooler?ServiceModel 3.0.0.0?Security Account Manager?SC Manager?NetDDE Object?LSA?DS?Security?
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@RestrictGuestAccess 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\DS
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\DS@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\DS\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\DS\ObjectNames@Directory Service Object 7680
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA\ObjectNames@PolicyObject 5632
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA\ObjectNames@SecretObject 5648
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA\ObjectNames@TrustedDomainObject 5664
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA\ObjectNames@UserAccountObject 5680
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\NetDDE Object
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\NetDDE Object@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\NetDDE Object\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\NetDDE Object\ObjectNames@DDE Share 7424
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager\ObjectNames@SC_MANAGER Object 7168
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager\ObjectNames@SERVICE Object 7184
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@CategoryCount 9
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@CategoryMessageFile %SystemRoot%\System32\MsAuditE.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@GuidMessageFile %SystemRoot%\System32\NtMarta.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@EventMessageFile %SystemRoot%\System32\MsAuditE.dll;%SystemRoot%\System32\xpsp2res.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@TypesSupported 28
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Channel 5120
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Desktop 6672
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Device 4352
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Directory 4368
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Event 4384
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@EventPair 4400
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@File 4416
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@IoCompletion 4864
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Job 5136
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Key 4432
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@MailSlot 4416
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Mutant 4448
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@NamedPipe 4416
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Port 4464
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Process 4480
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Profile 4496
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Section 4512
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Semaphore 4528
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@SymbolicLink 4544
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Thread 4560
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Timer 4576
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Token 4592
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Type 4608
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@WaitablePort 4464
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@WindowStation 6656
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_ALIAS 5424
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_DOMAIN 5392
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_GROUP 5408
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_SERVER 5376
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_USER 5440
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@EventMessageFile C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@TypesSupported 31
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@ParameterMessageFile C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@CategoryCount 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@EventSourceFlags 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@CategoryMessageFile %SystemRoot%\System32\MsAuditE.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler\ObjectNames@Document 6944
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler\ObjectNames@Printer 6928
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler\ObjectNames@Server 6912
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@Type 16
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@Start 4
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@ImagePath C:\WINDOWS\system32\tlntsvr.exe
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@DisplayName Telnet
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@DependOnService RPCSS?TCPIP?NTLMSSP?
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@DependOnGroup
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@ObjectName LocalSystem
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@Description Umo?liwia u?ytkownikowi zdalnemu zalogowanie si? na tym komputerze i obs?uguje rozmaitych klient?w us?ugi Telnet TCP/IP, w tym komputery z systemami UNIX i Windows. Je?li ta us?uga zostanie zatrzymana, funkcja dost?pu u?ytkownik?w zdalnych do program?w mo?e sta? si? niedost?pna. Je?li ta us?uga zostanie wy??czona, wszelkie us?ugi jawnie od niej zale?ne przestan? si? uruchamia?.
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr\Security
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr\Security@Security 0x01 0x00 0x14 0x80 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Library C:\WINDOWS\system32\wbem\wmiaprpl.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Open WmiOpenPerfData
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Collect WmiCollectPerfData
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Close WmiClosePerfData
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Last Counter 3448
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Last Help 3449
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@First Counter 3424
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@First Help 3425
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Object List 3424 3424 3430 3430 3442 3442
Reg HKLM\SYSTEM\ControlSet002\Control\SecurePipeServers\winreg@Description Serwer Rejestru
Reg HKLM\SYSTEM\ControlSet002\Control\SecurePipeServers\winreg\AllowedPaths (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Control\SecurePipeServers\winreg\AllowedPaths@Machine System\CurrentControlSet\Control\ProductOptions?System\CurrentControlSet\Control\Print\Printers?System\CurrentControlSet\Control\Server Applications?System\CurrentControlSet\Services\Eventlog?Software\Microsoft\OLAP Server?Software\Microsoft\Windows NT\CurrentVersion?System\CurrentControlSet\Control\ContentIndex?System\CurrentControlSet\Control\Terminal Server?System\CurrentControlSet\Control\Terminal Server\UserConfig?System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration?
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@DisplayNameFile %SystemRoot%\System32\els.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@DisplayNameID 257
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@File %SystemRoot%\System32\config\SecEvent.Evt
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@MaxSize 524288
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@PrimaryModule Security
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@Retention 604800
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@Sources Spooler?ServiceModel 3.0.0.0?Security Account Manager?SC Manager?NetDDE Object?LSA?DS?Security?
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@RestrictGuestAccess 1
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\DS (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\DS@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\DS\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\DS\ObjectNames@Directory Service Object 7680
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA\ObjectNames@PolicyObject 5632
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA\ObjectNames@SecretObject 5648
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA\ObjectNames@TrustedDomainObject 5664
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA\ObjectNames@UserAccountObject 5680
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\NetDDE Object (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\NetDDE Object@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\NetDDE Object\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\NetDDE Object\ObjectNames@DDE Share 7424
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\SC Manager (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\SC Manager@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\SC Manager\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\SC Manager\ObjectNames@SC_MANAGER Object 7168
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\SC Manager\ObjectNames@SERVICE Object 7184
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@CategoryCount 9
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@CategoryMessageFile %SystemRoot%\System32\MsAuditE.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@GuidMessageFile %SystemRoot%\System32\NtMarta.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@EventMessageFile %SystemRoot%\System32\MsAuditE.dll;%SystemRoot%\System32\xpsp2res.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@TypesSupported 28
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Channel 5120
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Desktop 6672
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Device 4352
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Directory 4368
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Event 4384
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@EventPair 4400
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@File 4416
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@IoCompletion 4864
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Job 5136
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Key 4432
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@MailSlot 4416
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Mutant 4448
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@NamedPipe 4416
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Port 4464
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Process 4480
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Profile 4496
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Section 4512
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Semaphore 4528
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@SymbolicLink 4544
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Thread 4560
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Timer 4576
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Token 4592
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Type 4608
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@WaitablePort 4464
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@WindowStation 6656
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_ALIAS 5424
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_DOMAIN 5392
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_GROUP 5408
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_SERVER 5376
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_USER 5440
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@EventMessageFile C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@TypesSupported 31
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@ParameterMessageFile C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@CategoryCount 3
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@EventSourceFlags 1
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@CategoryMessageFile %SystemRoot%\System32\MsAuditE.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler\ObjectNames@Document 6944
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler\ObjectNames@Printer 6928
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler\ObjectNames@Server 6912
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@Type 16
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@Start 4
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@ImagePath C:\WINDOWS\system32\tlntsvr.exe
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@DisplayName Telnet
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@DependOnService RPCSS?TCPIP?NTLMSSP?
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@DependOnGroup
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@ObjectName LocalSystem
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@Description Umo?liwia u?ytkownikowi zdalnemu zalogowanie si? na tym komputerze i obs?uguje rozmaitych klient?w us?ugi Telnet TCP/IP, w tym komputery z systemami UNIX i Windows. Je?li ta us?uga zostanie zatrzymana, funkcja dost?pu u?ytkownik?w zdalnych do program?w mo?e sta? si? niedost?pna. Je?li ta us?uga zostanie wy??czona, wszelkie us?ugi jawnie od niej zale?ne przestan? si? uruchamia?.
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr\Security (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr\Security@Security 0x01 0x00 0x14 0x80 ...
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Library C:\WINDOWS\system32\wbem\wmiaprpl.dll
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Open WmiOpenPerfData
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Collect WmiCollectPerfData
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Close WmiClosePerfData
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Last Counter 3448
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Last Help 3449
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@First Counter 3424
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@First Help 3425
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Object List 3424 3424 3430 3430 3442 3442
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS@StateIndex 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf@
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services@
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\WpdMtpDr
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\WpdMtpDr@ImagePath WpdMtpDr.dll
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\WpdMtpDr@WdfHostProcessGUID {63432f85-815a-4a44-be78-cbdf484acd93}
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\{63432f85-815a-4a44-be78-cbdf484acd93}
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\{63432f85-815a-4a44-be78-cbdf484acd93}@WdfHostProcessImagePath C:\WINDOWS\system32\uWDF.exe
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\{63432f85-815a-4a44-be78-cbdf484acd93}@WdfHostProcessExitTimeout 10
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\{63432f85-815a-4a44-be78-cbdf484acd93}@WdfHostProcessStartTimeout 10
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\AppMgmt
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group0 S-1-5-21-790525478-1060284298-725345543-513
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group1 S-1-1-0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group2 S-1-5-32-544
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group3 S-1-5-32-545
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group4 S-1-5-4
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group5 S-1-5-11
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group6 S-1-2-0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Count 7
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- EOF - GMER 1.0.15 ----
Rootkit scan 2012-08-16 22:21:59
Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 rev.
Running: omuueff9.exe; Driver: C:\DOCUME~1\iwona\USTAWI~1\Temp\kxndyaow.sys
---- Kernel code sections - GMER 1.0.15 ----
? C:\DOCUME~1\iwona\USTAWI~1\Temp\kxndyaow.sys Nie można odnaleźć określonego pliku. !
---- User code sections - GMER 1.0.15 ----
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!GetSysColor 7E368E78 5 Bytes JMP 00452430 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!GetSysColorBrush 7E368EAB 5 Bytes JMP 00452490 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!SetScrollInfo 7E369056 7 Bytes JMP 00452320 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!GetScrollInfo 7E370DA2 7 Bytes JMP 00452270 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!ShowScrollBar 7E37F2B3 5 Bytes JMP 004523F0 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!GetScrollPos 7E37F6C4 5 Bytes JMP 004522B0 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!SetScrollPos 7E37F710 5 Bytes JMP 00452360 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!GetScrollRange 7E37F747 5 Bytes JMP 004522E0 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!SetScrollRange 7E37F95B 5 Bytes JMP 004523A0 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text E:\PLAY ONLINE\PLAY ONLINE.exe[368] USER32.dll!EnableScrollBar 7E3B7DDD 7 Bytes JMP 00452230 E:\PLAY ONLINE\SkinMagicU.dll (SkinMagic Toolkit/Appspeed Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2432] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 0116B52A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2432] kernel32.dll!lstrlenW + 43 7C809A4C 7 Bytes JMP 0141B6F5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2432] kernel32.dll!MapViewOfFileEx + 6A 7C80B900 7 Bytes JMP 0141B6D2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2432] GDI32.dll!SetDIBitsToDevice + 20C 77F19A8C 7 Bytes JMP 0141B653 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Processes - GMER 1.0.15 ----
Library C:\Documents and Settings\iwona\Pulpit\omuueff9.exe (*** hidden *** ) @ C:\Documents and Settings\iwona\Pulpit\omuueff9.exe [3336] 0x00400000
---- Services - GMER 1.0.15 ----
Service C:\WINDOWS\system32\tlntsvr.exe (*** hidden *** ) [DISABLED] TlntSvr <-- ROOTKIT !!!
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg@Description Serwer Rejestru
Reg HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths
Reg HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths@Machine System\CurrentControlSet\Control\ProductOptions?System\CurrentControlSet\Control\Print\Printers?System\CurrentControlSet\Control\Server Applications?System\CurrentControlSet\Services\Eventlog?Software\Microsoft\OLAP Server?Software\Microsoft\Windows NT\CurrentVersion?System\CurrentControlSet\Control\ContentIndex?System\CurrentControlSet\Control\Terminal Server?System\CurrentControlSet\Control\Terminal Server\UserConfig?System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration?
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@DisplayNameFile %SystemRoot%\System32\els.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@DisplayNameID 257
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@File %SystemRoot%\System32\config\SecEvent.Evt
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@MaxSize 524288
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@PrimaryModule Security
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@Retention 604800
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@Sources Spooler?ServiceModel 3.0.0.0?Security Account Manager?SC Manager?NetDDE Object?LSA?DS?Security?
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security@RestrictGuestAccess 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\DS
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\DS@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\DS\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\DS\ObjectNames@Directory Service Object 7680
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA\ObjectNames@PolicyObject 5632
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA\ObjectNames@SecretObject 5648
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA\ObjectNames@TrustedDomainObject 5664
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA\ObjectNames@UserAccountObject 5680
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\NetDDE Object
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\NetDDE Object@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\NetDDE Object\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\NetDDE Object\ObjectNames@DDE Share 7424
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager\ObjectNames@SC_MANAGER Object 7168
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager\ObjectNames@SERVICE Object 7184
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@CategoryCount 9
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@CategoryMessageFile %SystemRoot%\System32\MsAuditE.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@GuidMessageFile %SystemRoot%\System32\NtMarta.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@EventMessageFile %SystemRoot%\System32\MsAuditE.dll;%SystemRoot%\System32\xpsp2res.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security@TypesSupported 28
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Channel 5120
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Desktop 6672
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Device 4352
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Directory 4368
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Event 4384
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@EventPair 4400
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@File 4416
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@IoCompletion 4864
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Job 5136
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Key 4432
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@MailSlot 4416
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Mutant 4448
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@NamedPipe 4416
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Port 4464
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Process 4480
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Profile 4496
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Section 4512
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Semaphore 4528
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@SymbolicLink 4544
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Thread 4560
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Timer 4576
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Token 4592
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@Type 4608
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@WaitablePort 4464
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security\ObjectNames@WindowStation 6656
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_ALIAS 5424
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_DOMAIN 5392
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_GROUP 5408
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_SERVER 5376
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_USER 5440
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@EventMessageFile C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@TypesSupported 31
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@ParameterMessageFile C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@CategoryCount 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@EventSourceFlags 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0@CategoryMessageFile %SystemRoot%\System32\MsAuditE.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler\ObjectNames
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler\ObjectNames@Document 6944
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler\ObjectNames@Printer 6928
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler\ObjectNames@Server 6912
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@Type 16
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@Start 4
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@ImagePath C:\WINDOWS\system32\tlntsvr.exe
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@DisplayName Telnet
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@DependOnService RPCSS?TCPIP?NTLMSSP?
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@DependOnGroup
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@ObjectName LocalSystem
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr@Description Umo?liwia u?ytkownikowi zdalnemu zalogowanie si? na tym komputerze i obs?uguje rozmaitych klient?w us?ugi Telnet TCP/IP, w tym komputery z systemami UNIX i Windows. Je?li ta us?uga zostanie zatrzymana, funkcja dost?pu u?ytkownik?w zdalnych do program?w mo?e sta? si? niedost?pna. Je?li ta us?uga zostanie wy??czona, wszelkie us?ugi jawnie od niej zale?ne przestan? si? uruchamia?.
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr\Security
Reg HKLM\SYSTEM\CurrentControlSet\Services\TlntSvr\Security@Security 0x01 0x00 0x14 0x80 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Library C:\WINDOWS\system32\wbem\wmiaprpl.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Open WmiOpenPerfData
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Collect WmiCollectPerfData
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Close WmiClosePerfData
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Last Counter 3448
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Last Help 3449
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@First Counter 3424
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@First Help 3425
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Object List 3424 3424 3430 3430 3442 3442
Reg HKLM\SYSTEM\ControlSet002\Control\SecurePipeServers\winreg@Description Serwer Rejestru
Reg HKLM\SYSTEM\ControlSet002\Control\SecurePipeServers\winreg\AllowedPaths (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Control\SecurePipeServers\winreg\AllowedPaths@Machine System\CurrentControlSet\Control\ProductOptions?System\CurrentControlSet\Control\Print\Printers?System\CurrentControlSet\Control\Server Applications?System\CurrentControlSet\Services\Eventlog?Software\Microsoft\OLAP Server?Software\Microsoft\Windows NT\CurrentVersion?System\CurrentControlSet\Control\ContentIndex?System\CurrentControlSet\Control\Terminal Server?System\CurrentControlSet\Control\Terminal Server\UserConfig?System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration?
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@DisplayNameFile %SystemRoot%\System32\els.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@DisplayNameID 257
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@File %SystemRoot%\System32\config\SecEvent.Evt
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@MaxSize 524288
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@PrimaryModule Security
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@Retention 604800
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@Sources Spooler?ServiceModel 3.0.0.0?Security Account Manager?SC Manager?NetDDE Object?LSA?DS?Security?
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security@RestrictGuestAccess 1
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\DS (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\DS@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\DS\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\DS\ObjectNames@Directory Service Object 7680
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA\ObjectNames@PolicyObject 5632
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA\ObjectNames@SecretObject 5648
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA\ObjectNames@TrustedDomainObject 5664
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\LSA\ObjectNames@UserAccountObject 5680
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\NetDDE Object (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\NetDDE Object@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\NetDDE Object\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\NetDDE Object\ObjectNames@DDE Share 7424
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\SC Manager (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\SC Manager@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\SC Manager\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\SC Manager\ObjectNames@SC_MANAGER Object 7168
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\SC Manager\ObjectNames@SERVICE Object 7184
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@CategoryCount 9
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@CategoryMessageFile %SystemRoot%\System32\MsAuditE.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@GuidMessageFile %SystemRoot%\System32\NtMarta.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@EventMessageFile %SystemRoot%\System32\MsAuditE.dll;%SystemRoot%\System32\xpsp2res.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security@TypesSupported 28
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Channel 5120
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Desktop 6672
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Device 4352
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Directory 4368
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Event 4384
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@EventPair 4400
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@File 4416
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@IoCompletion 4864
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Job 5136
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Key 4432
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@MailSlot 4416
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Mutant 4448
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@NamedPipe 4416
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Port 4464
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Process 4480
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Profile 4496
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Section 4512
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Semaphore 4528
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@SymbolicLink 4544
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Thread 4560
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Timer 4576
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Token 4592
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@Type 4608
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@WaitablePort 4464
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security\ObjectNames@WindowStation 6656
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_ALIAS 5424
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_DOMAIN 5392
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_GROUP 5408
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_SERVER 5376
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Security Account Manager\ObjectNames@SAM_USER 5440
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@EventMessageFile C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@TypesSupported 31
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@ParameterMessageFile C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@CategoryCount 3
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@EventSourceFlags 1
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\ServiceModel 3.0.0.0@CategoryMessageFile %SystemRoot%\System32\MsAuditE.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler@ParameterMessageFile %SystemRoot%\System32\MsObjs.dll
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler\ObjectNames (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler\ObjectNames@Document 6944
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler\ObjectNames@Printer 6928
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Security\Spooler\ObjectNames@Server 6912
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@Type 16
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@Start 4
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@ImagePath C:\WINDOWS\system32\tlntsvr.exe
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@DisplayName Telnet
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@DependOnService RPCSS?TCPIP?NTLMSSP?
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@DependOnGroup
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@ObjectName LocalSystem
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr@Description Umo?liwia u?ytkownikowi zdalnemu zalogowanie si? na tym komputerze i obs?uguje rozmaitych klient?w us?ugi Telnet TCP/IP, w tym komputery z systemami UNIX i Windows. Je?li ta us?uga zostanie zatrzymana, funkcja dost?pu u?ytkownik?w zdalnych do program?w mo?e sta? si? niedost?pna. Je?li ta us?uga zostanie wy??czona, wszelkie us?ugi jawnie od niej zale?ne przestan? si? uruchamia?.
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr\Security (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\TlntSvr\Security@Security 0x01 0x00 0x14 0x80 ...
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Library C:\WINDOWS\system32\wbem\wmiaprpl.dll
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Open WmiOpenPerfData
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Collect WmiCollectPerfData
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Close WmiClosePerfData
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Last Counter 3448
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Last Help 3449
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@First Counter 3424
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@First Help 3425
Reg HKLM\SYSTEM\ControlSet002\Services\WmiApRpl\Performance@Object List 3424 3424 3430 3430 3442 3442
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS@StateIndex 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf@
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services@
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\WpdMtpDr
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\WpdMtpDr@ImagePath WpdMtpDr.dll
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\WpdMtpDr@WdfHostProcessGUID {63432f85-815a-4a44-be78-cbdf484acd93}
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\{63432f85-815a-4a44-be78-cbdf484acd93}
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\{63432f85-815a-4a44-be78-cbdf484acd93}@WdfHostProcessImagePath C:\WINDOWS\system32\uWDF.exe
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\{63432f85-815a-4a44-be78-cbdf484acd93}@WdfHostProcessExitTimeout 10
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Wdf\Services\{63432f85-815a-4a44-be78-cbdf484acd93}@WdfHostProcessStartTimeout 10
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\AppMgmt
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group0 S-1-5-21-790525478-1060284298-725345543-513
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group1 S-1-1-0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group2 S-1-5-32-544
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group3 S-1-5-32-545
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group4 S-1-5-4
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group5 S-1-5-11
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Group6 S-1-2-0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Count 7
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- EOF - GMER 1.0.15 ----
Spoiler
OTL logfile created on: 2012-08-16 22:27:08 - Run 2
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\iwona\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
502,05 Mb Total Physical Memory | 87,59 Mb Available Physical Memory | 17,45% Memory free
1,20 Gb Paging File | 0,84 Gb Available in Paging File | 70,38% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 4,45 Gb Free Space | 45,55% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 19,39 Gb Free Space | 99,27% Space Free | Partition Type: NTFS
Drive E: | 45,22 Gb Total Space | 43,96 Gb Free Space | 97,22% Space Free | Partition Type: NTFS
Drive H: | 22,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,74 Gb Total Space | 3,09 Gb Free Space | 82,76% Space Free | Partition Type: FAT32
Computer Name: IWONA-3352FB061 | User Name: iwona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (All) ==========
PRC - [2012-08-16 22:26:09 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iwona\Pulpit\OTL.exe
PRC - [2012-08-16 20:05:24 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-10-20 07:47:25 | 000,114,688 | ---- | M] () -- E:\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-04-10 15:01:48 | 000,337,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
PRC - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2005-01-28 14:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-04 00:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
========== Modules (All) ==========
MOD - [2012-08-16 22:26:09 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iwona\Pulpit\OTL.exe
MOD - [2012-08-16 20:05:24 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2012-08-16 20:05:24 | 000,573,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\gkmedias.dll
MOD - [2012-08-16 20:05:24 | 000,258,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2012-08-16 20:05:24 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MOD - [2012-08-16 20:05:23 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-08-16 20:05:23 | 000,829,920 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MOD - [2012-08-16 20:05:23 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\msvcr100.dll
MOD - [2012-08-16 20:05:23 | 000,638,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2012-08-16 20:05:23 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\msvcp100.dll
MOD - [2012-08-16 20:05:23 | 000,170,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2012-08-16 20:05:23 | 000,068,576 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll
MOD - [2012-08-16 20:05:23 | 000,015,840 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll
MOD - [2012-08-16 20:05:22 | 000,358,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2012-08-16 20:05:22 | 000,095,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2012-08-16 20:05:22 | 000,092,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2012-08-16 20:05:20 | 016,060,384 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2012-08-16 20:05:20 | 000,155,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2012-08-16 20:05:20 | 000,145,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2012-08-16 20:05:20 | 000,091,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2012-08-16 20:05:20 | 000,021,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2012-08-16 20:05:20 | 000,020,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2012-08-16 20:05:20 | 000,019,424 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2012-07-05 22:07:08 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\msvcr100.dll
MOD - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
MOD - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2011-10-20 07:47:25 | 000,114,688 | ---- | M] () -- E:\PLAY ONLINE\PLAY ONLINE.exe
MOD - [2010-09-22 18:12:42 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2010-06-14 22:19:04 | 000,264,552 | ---- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\system32\hpinksts8911LM.dll
MOD - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
MOD - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
MOD - [2009-08-18 11:24:10 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2009-01-26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
MOD - [2008-07-25 11:17:02 | 000,088,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
MOD - [2008-07-25 11:17:02 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2008-07-25 11:17:00 | 000,089,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
MOD - [2008-07-25 11:16:58 | 005,815,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2008-07-25 11:16:58 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2008-07-25 11:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008-07-06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008-05-23 12:25:44 | 000,040,960 | ---- | M] () -- E:\PLAY ONLINE\DeviceOperate.dll
MOD - [2008-05-23 12:25:38 | 000,147,456 | ---- | M] () -- E:\PLAY ONLINE\DetectDev.dll
MOD - [2008-05-23 12:25:28 | 000,524,288 | ---- | M] () -- E:\PLAY ONLINE\atcomm.dll
MOD - [2008-05-23 12:24:38 | 000,061,440 | ---- | M] () -- E:\PLAY ONLINE\XCodec.dll
MOD - [2008-05-21 15:58:18 | 000,135,168 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\StatusBarMgrPlugin.dll
MOD - [2008-05-21 15:58:14 | 000,294,912 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\XFramePlugin.dll
MOD - [2008-05-21 15:58:10 | 000,114,688 | ---- | M] () -- E:\PLAY ONLINE\NetInfoPlugin.dll
MOD - [2008-05-21 15:58:08 | 000,057,344 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\NDISPlugin.dll
MOD - [2008-05-21 12:48:12 | 000,139,264 | ---- | M] () -- E:\PLAY ONLINE\LocaleMgrPlugin.dll
MOD - [2008-05-21 12:48:04 | 000,061,440 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\ToolBarMgrPlugin.dll
MOD - [2008-05-21 12:47:42 | 000,057,344 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\MenuMgrPlugin.dll
MOD - [2008-05-21 12:47:32 | 000,159,744 | ---- | M] () -- E:\PLAY ONLINE\SMSPlugin.dll
MOD - [2008-05-21 12:47:12 | 000,069,632 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\LayoutPlugin.dll
MOD - [2008-05-21 12:46:38 | 000,032,768 | ---- | M] () -- E:\PLAY ONLINE\NotifyServicePlugin.dll
MOD - [2008-05-21 12:45:46 | 000,237,568 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\SMSUIPlugin.dll
MOD - [2008-05-21 12:44:42 | 000,010,752 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\TracePlugin.dll
MOD - [2008-05-21 12:44:36 | 000,057,344 | ---- | M] () -- E:\PLAY ONLINE\ConfigFilePlugin.dll
MOD - [2008-05-21 12:44:28 | 000,274,432 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\NetConnectPlugin.dll
MOD - [2008-05-21 12:43:30 | 000,098,304 | ---- | M] () -- E:\PLAY ONLINE\DeviceMgrPlugin.dll
MOD - [2008-05-21 12:43:14 | 000,147,456 | ---- | M] (Huawei Technologies) -- E:\PLAY ONLINE\AddrBookPlugin.dll
MOD - [2008-05-21 12:39:04 | 000,086,016 | ---- | M] () -- E:\PLAY ONLINE\DialUpPlugin.dll
MOD - [2008-05-21 12:37:34 | 000,155,648 | ---- | M] () -- E:\PLAY ONLINE\DeviceMgrUIPlugin.dll
MOD - [2008-05-21 12:36:24 | 000,118,784 | ---- | M] (TODO: ) -- E:\PLAY ONLINE\NetInfoUIExPlugin.dll
MOD - [2008-05-21 12:35:20 | 000,094,208 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\DialupUIPlugin.dll
MOD - [2008-05-21 12:31:42 | 000,086,016 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\Container.dll
MOD - [2008-05-21 12:31:20 | 000,651,264 | ---- | M] () -- E:\PLAY ONLINE\NDISAPI.dll
MOD - [2008-04-29 17:27:22 | 000,090,112 | ---- | M] () -- E:\PLAY ONLINE\FileManager.dll
MOD - [2008-04-29 17:27:20 | 000,446,464 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\SkinMagicExU.dll
MOD - [2008-04-29 17:27:16 | 000,720,896 | ---- | M] (Appspeed Inc.) -- E:\PLAY ONLINE\SkinMagicU.dll
MOD - [2008-04-29 17:27:14 | 000,014,848 | ---- | M] () -- E:\PLAY ONLINE\isaputrace.dll
MOD - [2008-02-20 08:51:41 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-02-20 07:38:07 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2008-02-16 11:05:15 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008-02-16 11:05:15 | 000,662,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2008-02-16 11:05:15 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2008-02-16 11:05:15 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-02-16 11:05:11 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jsproxy.dll
MOD - [2008-02-16 11:05:10 | 001,023,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2007-12-04 20:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2007-11-07 11:29:33 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2007-10-25 18:57:22 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2007-10-20 07:01:32 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmasf.dll
MOD - [2007-07-30 20:19:42 | 001,712,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2007-07-09 15:11:53 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2007-04-25 16:23:30 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2007-04-18 18:14:32 | 002,854,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2007-04-16 17:54:44 | 001,013,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2007-04-10 15:01:48 | 000,337,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
MOD - [2007-04-10 15:01:04 | 000,236,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaLogon.dll
MOD - [2007-03-08 17:38:47 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2006-12-28 05:34:14 | 000,499,712 | ---- | M] (Microsoft Corporation) -- E:\PLAY ONLINE\msvcp71.dll
MOD - [2006-12-28 05:34:12 | 001,047,552 | ---- | M] (Microsoft Corporation) -- E:\PLAY ONLINE\MFC71u.dll
MOD - [2006-12-28 05:34:10 | 000,348,160 | ---- | M] (Microsoft Corporation) -- E:\PLAY ONLINE\msvcr71.dll
MOD - [2006-12-19 23:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2006-12-19 20:18:25 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2006-12-07 07:29:34 | 002,374,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmvcore.dll
MOD - [2006-10-20 03:39:31 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2006-10-14 10:13:25 | 000,981,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2006-08-25 17:51:15 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006-08-17 14:30:06 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2006-08-17 14:30:06 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2006-06-26 19:45:40 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2006-06-22 12:54:46 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2006-06-22 07:18:14 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2006-05-19 15:26:53 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2006-05-19 15:26:53 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2006-03-01 21:44:19 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2006-03-01 21:44:19 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2006-03-01 21:44:19 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxoci.dll
MOD - [2006-03-01 21:44:19 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2005-10-21 00:30:53 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2005-10-17 23:21:40 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\t2embed.dll
MOD - [2005-09-01 04:28:38 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2005-08-23 05:40:06 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2005-08-22 20:36:16 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2005-07-26 06:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2005-07-26 06:42:36 | 000,397,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2005-07-26 06:42:34 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2005-07-26 06:42:34 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2005-07-26 06:42:33 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2005-07-26 06:42:33 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2005-07-08 18:29:17 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2005-06-29 03:52:57 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2005-06-15 19:51:00 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2005-03-02 20:18:38 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2004-12-07 21:34:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2004-08-04 01:44:32 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2004-08-04 01:44:00 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidserv.dll
MOD - [2004-08-04 00:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2004-08-04 00:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2004-08-04 00:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2004-08-04 00:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2004-08-04 00:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2004-08-04 00:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2004-08-04 00:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 00:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2004-08-04 00:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2004-08-04 00:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2004-08-04 00:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2004-08-04 00:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
MOD - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2004-08-04 00:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2004-08-04 00:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-04 00:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004-08-04 00:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-04 00:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-04 00:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2004-08-04 00:44:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll
MOD - [2004-08-04 00:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2004-08-04 00:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2004-08-04 00:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2004-08-04 00:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2004-08-04 00:44:16 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2004-08-04 00:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-04 00:44:16 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2004-08-04 00:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2004-08-04 00:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2004-08-04 00:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-04 00:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2004-08-04 00:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-04 00:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2004-08-04 00:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2004-08-04 00:44:16 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 00:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2004-08-04 00:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2004-08-04 00:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2004-08-04 00:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2004-08-04 00:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2004-08-04 00:44:14 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2004-08-04 00:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 00:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004-08-04 00:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2004-08-04 00:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2004-08-04 00:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2004-08-04 00:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2004-08-04 00:44:14 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdmat.dll
MOD - [2004-08-04 00:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2004-08-04 00:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2004-08-04 00:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-04 00:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2004-08-04 00:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2004-08-04 00:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2004-08-04 00:44:12 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shmedia.dll
MOD - [2004-08-04 00:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2004-08-04 00:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2004-08-04 00:44:12 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll
MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 00:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2004-08-04 00:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 00:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2004-08-04 00:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2004-08-04 00:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2004-08-04 00:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2004-08-04 00:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2004-08-04 00:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2004-08-04 00:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2004-08-04 00:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2004-08-04 00:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2004-08-04 00:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2004-08-04 00:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2004-08-04 00:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2004-08-04 00:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-04 00:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2004-08-04 00:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2004-08-04 00:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 00:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2004-08-04 00:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2004-08-04 00:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2004-08-04 00:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2004-08-04 00:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 00:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2004-08-04 00:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2004-08-04 00:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2004-08-04 00:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2004-08-04 00:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2004-08-04 00:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2004-08-04 00:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2004-08-04 00:44:08 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2004-08-04 00:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2004-08-04 00:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2004-08-04 00:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004-08-04 00:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2004-08-04 00:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-04 00:44:08 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 00:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004-08-04 00:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-04 00:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2004-08-04 00:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-04 00:44:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2004-08-04 00:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004-08-04 00:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2004-08-04 00:44:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2004-08-04 00:44:08 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2004-08-04 00:44:08 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2004-08-04 00:44:08 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2004-08-04 00:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2004-08-04 00:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2004-08-04 00:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2004-08-04 00:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2004-08-04 00:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 00:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2004-08-04 00:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2004-08-04 00:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2004-08-04 00:44:06 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvfw32.dll
MOD - [2004-08-04 00:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2004-08-04 00:44:06 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2004-08-04 00:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2004-08-04 00:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-04 00:44:04 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 00:44:04 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\modemui.dll
MOD - [2004-08-04 00:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2004-08-04 00:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2004-08-04 00:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2004-08-04 00:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-04 00:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2004-08-04 00:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2004-08-04 00:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004-08-04 00:44:02 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2004-08-04 00:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2004-08-04 00:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2004-08-04 00:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2004-08-04 00:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-04 00:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-04 00:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2004-08-04 00:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2004-08-04 00:43:58 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2004-08-04 00:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 00:43:58 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\faultrep.dll
MOD - [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2004-08-04 00:43:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2004-08-04 00:43:58 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\feclient.dll
MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 00:43:56 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2004-08-04 00:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-04 00:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-04 00:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 00:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2004-08-04 00:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2004-08-04 00:43:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2004-08-04 00:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2004-08-04 00:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2004-08-04 00:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-04 00:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2004-08-04 00:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004-08-04 00:43:56 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dciman32.dll
MOD - [2004-08-04 00:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2004-08-04 00:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-04 00:43:54 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\avifil32.dll
MOD - [2004-08-04 00:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2004-08-04 00:43:54 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2004-08-04 00:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2004-08-04 00:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2004-08-04 00:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2004-08-04 00:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2004-08-04 00:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 00:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2004-08-04 00:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2004-08-04 00:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-04 00:43:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2004-08-04 00:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2004-08-04 00:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-04 00:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2004-08-04 00:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2004-08-04 00:42:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2004-08-04 00:42:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2004-08-04 00:42:34 | 001,712,128 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-03 22:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2004-08-03 22:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2003-09-20 11:09:48 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\msxml3.dll
MOD - [2001-10-26 21:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2001-10-26 21:29:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2001-10-26 21:29:44 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2001-10-26 21:29:44 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2001-10-26 21:29:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2001-10-26 21:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2001-10-26 21:29:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2001-10-26 21:29:40 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2001-10-26 21:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2001-10-26 21:27:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lz32.dll
========== Win32 Services (All) ==========
SRV - [2012-08-16 20:05:23 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-08-15 20:33:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008-07-29 21:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008-07-29 19:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-07-29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-07-25 11:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008-02-20 07:38:07 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2007-02-05 22:19:48 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2007-02-02 02:09:48 | 001,204,416 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe -- (SandraTheSrv)
SRV - [2007-02-02 02:06:46 | 000,118,784 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe -- (SandraDataSrv)
SRV - [2006-12-19 23:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2006-12-19 23:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2006-12-19 23:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2006-12-19 20:18:25 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2006-08-17 14:30:06 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2006-06-22 12:54:46 | 000,181,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2006-05-19 15:26:53 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2006-01-04 05:36:30 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2005-11-14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005-08-22 20:36:16 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2005-07-26 06:42:36 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2005-07-26 06:42:36 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2005-07-26 06:42:34 | 000,243,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2005-07-08 18:29:17 | 000,249,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2005-05-04 15:45:36 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2005-01-28 14:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2005-01-28 14:44:28 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\MsPMSNSv.dll -- (WmdmPmSN)
SRV - [2004-12-07 21:34:12 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2004-08-04 01:44:00 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2004-08-04 00:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2004-08-04 00:44:30 | 000,291,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2004-08-04 00:44:30 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2004-08-04 00:44:28 | 000,141,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2004-08-04 00:44:28 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2004-08-04 00:44:28 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2004-08-04 00:44:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2004-08-04 00:44:26 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2004-08-04 00:44:26 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2004-08-04 00:44:24 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2004-08-04 00:44:22 | 000,150,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2004-08-04 00:44:22 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator)
SRV - [2004-08-04 00:44:22 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2004-08-04 00:44:20 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2004-08-04 00:44:20 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2004-08-04 00:44:20 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2004-08-04 00:44:18 | 000,129,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2004-08-04 00:44:18 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2004-08-04 00:44:18 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2004-08-04 00:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2004-08-04 00:44:16 | 000,081,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2004-08-04 00:44:16 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2004-08-04 00:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2004-08-04 00:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2004-08-04 00:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2004-08-04 00:44:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2004-08-04 00:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2004-08-04 00:44:12 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2004-08-04 00:44:10 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2004-08-04 00:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2004-08-04 00:44:10 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2004-08-04 00:44:10 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2004-08-04 00:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2004-08-04 00:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2004-08-04 00:44:08 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2004-08-04 00:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2004-08-04 00:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2004-08-04 00:44:06 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2004-08-04 00:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2004-08-04 00:44:02 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2004-08-04 00:43:58 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2004-08-04 00:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2004-08-04 00:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2004-08-04 00:43:54 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2004-08-04 00:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2004-08-04 00:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2004-08-04 00:43:54 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2001-10-26 21:30:02 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2001-10-26 21:29:36 | 000,049,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\iwona\USTAWI~1\Temp\kxndyaow.sys -- (kxndyaow)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009-12-30 12:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009-09-10 14:55:52 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-24 18:33:24 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009-02-27 16:39:18 | 000,007,552 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewfiltertdidriver.sys -- (filtertdidriver)
DRV - [2008-10-09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2006-11-30 16:14:14 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45obex.sys -- (se45obex)
DRV - [2006-11-30 16:13:56 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45bus.sys -- (se45bus)
DRV - [2006-08-24 12:47:56 | 000,110,080 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dptrackerd.sys -- (dptrackerd)
DRV - [2006-08-16 12:21:00 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2006-06-16 13:17:38 | 000,074,752 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006-06-16 13:17:38 | 000,040,064 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006-06-16 13:17:36 | 000,061,056 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006-05-25 17:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2003-08-12 16:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003-08-04 14:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.co...earch_frame.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=19.1.0.28
IE - HKCU\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-08-16 20:05:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011-09-11 11:06:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\iwona\Dane aplikacji\Mozilla\Extensions
[2012-08-10 16:24:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\iwona\Dane aplikacji\Mozilla\Firefox\Profiles\j2zt0y67.default\extensions
[2012-08-10 16:28:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-08-16 20:05:24 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-08-16 20:05:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-08-16 20:05:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-08-16 20:05:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-08-16 20:05:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-08-16 20:05:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-08-16 20:05:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2012-08-16 21:54:17 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [Mobile Partner] E:\PLAY ONLINE\PLAY ONLINE.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1171E37B-51E8-427B-8465-45132E55E82D}: NameServer = 213.158.199.1 213.158.199.5
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://download3.pos...apety/55692.jpg
O24 - Desktop Components:1 () - http://www.krainatap.../witcher_33.jpg
O24 - Desktop Components:2 () - http://www.krainatap...pory_roku/4.jpg
O24 - Desktop Components:3 () - http://media3.mojage...oppryypyvbi.jpg
O24 - Desktop Components:4 () - http://media4.mojage...9a0d76c4d9f.jpg
O24 - Desktop Components:5 () - Tapety na pulpit hd :: darmowe tapety na komputer
O24 - Desktop Components:6 (Moja bieżąca strona główna) - about:Home
O24 - Desktop WallPaper: C:\Documents and Settings\iwona\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\iwona\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-02-02 17:27:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-04-30 19:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009-05-03 19:59:04 | 000,000,045 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{9cbc1aa2-e23d-11e1-b09d-803a0dc0a951}\Shell - "" = AutoRun
O33 - MountPoints2\{9cbc1aa2-e23d-11e1-b09d-803a0dc0a951}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2009-04-30 19:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ==========
[2012-08-16 22:26:07 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\iwona\Pulpit\OTL.exe
[2012-08-16 20:08:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-08-16 16:52:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2012-08-16 16:52:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012-08-16 16:51:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iwona\Dane aplikacji\HpUpdate
[2012-08-16 16:50:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\HP
[2012-08-16 16:50:28 | 001,907,560 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\HPScanMiniDrv_DJ1050_J410.dll
[2012-08-16 16:50:07 | 000,264,552 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpinksts8911LM.dll
[2012-08-16 16:50:07 | 000,232,296 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpinksts8911.dll
[2012-08-16 16:50:07 | 000,213,352 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpinkcoi8911.dll
[2012-08-16 16:49:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HP
[2012-08-16 16:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012-08-16 16:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iwona\Ustawienia lokalne\Dane aplikacji\HP
[2012-08-12 19:57:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iwona\Dane aplikacji\HD Tune Pro
[2012-08-12 19:56:39 | 001,586,610 | ---- | C] (EFD Software ) -- C:\Documents and Settings\iwona\Pulpit\hdtunepro_500_trial.exe
[2012-08-12 19:43:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\iwona\Recent
[2012-08-10 20:14:16 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-08-10 20:14:15 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-08-10 19:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iwona\Ustawienia lokalne\Dane aplikacji\Sun
[2012-08-10 19:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-08-10 19:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012-08-10 19:48:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iwona\Dane aplikacji\Oracle
[2012-08-10 19:48:45 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-08-10 19:48:43 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-08-10 19:48:43 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-08-10 19:48:34 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-08-10 19:48:34 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-08-10 19:46:27 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\iwona\Pulpit\jxpiinstall.exe
[2012-08-09 18:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\Huawei Modems
[2012-08-09 14:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012-08-09 11:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\blueconnect
========== Files - Modified Within 60 Days ==========
[2012-08-16 22:26:09 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iwona\Pulpit\OTL.exe
[2012-08-16 22:00:20 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\iwona\Pulpit\omuueff9.exe
[2012-08-16 21:57:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-08-16 21:57:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-16 21:55:20 | 000,102,232 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-08-16 21:54:17 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012-08-16 21:53:25 | 000,618,227 | ---- | M] () -- C:\Documents and Settings\iwona\Pulpit\adwcleaner.exe
[2012-08-16 20:01:11 | 000,490,866 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-08-16 20:01:11 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-16 20:01:11 | 000,084,078 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-08-16 20:01:11 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-08-16 16:54:46 | 000,150,237 | ---- | M] () -- C:\Documents and Settings\iwona\Pulpit\Scan.jpg
[2012-08-16 16:12:19 | 000,000,787 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2012-08-15 20:33:49 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-08-15 20:33:49 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-08-12 19:56:42 | 001,586,610 | ---- | M] (EFD Software ) -- C:\Documents and Settings\iwona\Pulpit\hdtunepro_500_trial.exe
[2012-08-12 19:48:25 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\iwona\Pulpit\EVEREST Corporate Edition.lnk
[2012-08-11 22:13:15 | 000,466,944 | ---- | M] () -- C:\Documents and Settings\iwona\Pulpit\GreenMP3_33314.mp3
[2012-08-10 19:48:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-08-10 19:48:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-08-10 19:46:27 | 000,893,936 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\iwona\Pulpit\jxpiinstall.exe
[2012-07-16 22:14:35 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012-07-05 22:07:08 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-07-05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-07-05 22:06:30 | 000,772,544 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-07-05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
========== Files Created - No Company Name ==========
[2012-08-16 22:00:17 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\iwona\Pulpit\omuueff9.exe
[2012-08-16 21:53:25 | 000,618,227 | ---- | C] () -- C:\Documents and Settings\iwona\Pulpit\adwcleaner.exe
[2012-08-16 16:54:46 | 000,150,237 | ---- | C] () -- C:\Documents and Settings\iwona\Pulpit\Scan.jpg
[2012-08-16 16:51:42 | 000,001,077 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Live ID.lnk
[2012-08-12 19:48:25 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\iwona\Pulpit\EVEREST Corporate Edition.lnk
[2012-07-27 16:41:26 | 000,466,944 | ---- | C] () -- C:\Documents and Settings\iwona\Pulpit\GreenMP3_33314.mp3
[2012-01-14 12:49:20 | 000,071,262 | ---- | C] () -- C:\WINDOWS\Huawei ModemsUninstall.exe
[2011-09-11 11:06:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-09-28 15:42:26 | 000,064,768 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2008-03-27 19:37:24 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
[2008-02-25 11:32:11 | 000,021,763 | ---- | C] () -- C:\Documents and Settings\iwona\Menu Start.rar
[2008-02-14 13:19:43 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\iwona\.plugin140_03.trace
[2008-02-02 17:34:42 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\iwona\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== LOP Check ==========
[2009-09-14 13:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2DBoy
[2011-09-30 08:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alawar
[2011-09-30 15:51:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alawar Stargaze
[2011-09-17 15:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2011-12-12 19:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2011-12-12 19:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-10-16 14:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2012-01-14 20:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Birdstep Technology
[2011-11-04 17:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Buena Vista Games
[2011-10-16 10:14:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2011-09-11 11:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-10-16 14:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2009-08-03 13:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground Demo
[2008-06-30 22:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-09-21 19:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Total Gameplay
[2011-09-30 08:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Alawar
[2011-09-19 07:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Alawar Entertainment
[2011-09-30 15:51:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Alawar Stargaze
[2012-08-12 19:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Auslogics
[2011-10-16 14:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\AVG2012
[2012-08-09 18:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\blueconnect
[2011-10-04 09:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Boolat Games
[2008-03-28 18:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\CamTrack
[2011-09-21 12:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Frogwares
[2008-02-04 17:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Gadu-Gadu
[2012-08-13 16:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Gadu-Gadu 10
[2012-08-12 19:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\HD Tune Pro
[2008-03-28 20:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\ICQ
[2008-03-25 20:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\ICQ Toolbar
[2011-10-14 07:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\iPlus
[2010-09-28 15:53:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Nokia
[2012-08-10 19:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Oracle
[2012-04-20 15:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Podatnik.info
[2011-12-12 18:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Rovio
[2012-01-15 17:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\TeamViewer
[2011-09-17 16:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\VampireSagaHL
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7E95B6FD
< End of report >
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\iwona\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
502,05 Mb Total Physical Memory | 87,59 Mb Available Physical Memory | 17,45% Memory free
1,20 Gb Paging File | 0,84 Gb Available in Paging File | 70,38% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 4,45 Gb Free Space | 45,55% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 19,39 Gb Free Space | 99,27% Space Free | Partition Type: NTFS
Drive E: | 45,22 Gb Total Space | 43,96 Gb Free Space | 97,22% Space Free | Partition Type: NTFS
Drive H: | 22,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,74 Gb Total Space | 3,09 Gb Free Space | 82,76% Space Free | Partition Type: FAT32
Computer Name: IWONA-3352FB061 | User Name: iwona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (All) ==========
PRC - [2012-08-16 22:26:09 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iwona\Pulpit\OTL.exe
PRC - [2012-08-16 20:05:24 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-10-20 07:47:25 | 000,114,688 | ---- | M] () -- E:\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-04-10 15:01:48 | 000,337,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
PRC - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2005-01-28 14:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-04 00:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
========== Modules (All) ==========
MOD - [2012-08-16 22:26:09 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iwona\Pulpit\OTL.exe
MOD - [2012-08-16 20:05:24 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2012-08-16 20:05:24 | 000,573,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\gkmedias.dll
MOD - [2012-08-16 20:05:24 | 000,258,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2012-08-16 20:05:24 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MOD - [2012-08-16 20:05:23 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-08-16 20:05:23 | 000,829,920 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MOD - [2012-08-16 20:05:23 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\msvcr100.dll
MOD - [2012-08-16 20:05:23 | 000,638,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2012-08-16 20:05:23 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\msvcp100.dll
MOD - [2012-08-16 20:05:23 | 000,170,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2012-08-16 20:05:23 | 000,068,576 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll
MOD - [2012-08-16 20:05:23 | 000,015,840 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll
MOD - [2012-08-16 20:05:22 | 000,358,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2012-08-16 20:05:22 | 000,095,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2012-08-16 20:05:22 | 000,092,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2012-08-16 20:05:20 | 016,060,384 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2012-08-16 20:05:20 | 000,155,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2012-08-16 20:05:20 | 000,145,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2012-08-16 20:05:20 | 000,091,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2012-08-16 20:05:20 | 000,021,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2012-08-16 20:05:20 | 000,020,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2012-08-16 20:05:20 | 000,019,424 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2012-07-05 22:07:08 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\msvcr100.dll
MOD - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
MOD - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2011-10-20 07:47:25 | 000,114,688 | ---- | M] () -- E:\PLAY ONLINE\PLAY ONLINE.exe
MOD - [2010-09-22 18:12:42 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2010-06-14 22:19:04 | 000,264,552 | ---- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\system32\hpinksts8911LM.dll
MOD - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
MOD - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
MOD - [2009-08-18 11:24:10 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2009-01-26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
MOD - [2008-07-25 11:17:02 | 000,088,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
MOD - [2008-07-25 11:17:02 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2008-07-25 11:17:00 | 000,089,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
MOD - [2008-07-25 11:16:58 | 005,815,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2008-07-25 11:16:58 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2008-07-25 11:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008-07-06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008-05-23 12:25:44 | 000,040,960 | ---- | M] () -- E:\PLAY ONLINE\DeviceOperate.dll
MOD - [2008-05-23 12:25:38 | 000,147,456 | ---- | M] () -- E:\PLAY ONLINE\DetectDev.dll
MOD - [2008-05-23 12:25:28 | 000,524,288 | ---- | M] () -- E:\PLAY ONLINE\atcomm.dll
MOD - [2008-05-23 12:24:38 | 000,061,440 | ---- | M] () -- E:\PLAY ONLINE\XCodec.dll
MOD - [2008-05-21 15:58:18 | 000,135,168 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\StatusBarMgrPlugin.dll
MOD - [2008-05-21 15:58:14 | 000,294,912 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\XFramePlugin.dll
MOD - [2008-05-21 15:58:10 | 000,114,688 | ---- | M] () -- E:\PLAY ONLINE\NetInfoPlugin.dll
MOD - [2008-05-21 15:58:08 | 000,057,344 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\NDISPlugin.dll
MOD - [2008-05-21 12:48:12 | 000,139,264 | ---- | M] () -- E:\PLAY ONLINE\LocaleMgrPlugin.dll
MOD - [2008-05-21 12:48:04 | 000,061,440 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\ToolBarMgrPlugin.dll
MOD - [2008-05-21 12:47:42 | 000,057,344 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\MenuMgrPlugin.dll
MOD - [2008-05-21 12:47:32 | 000,159,744 | ---- | M] () -- E:\PLAY ONLINE\SMSPlugin.dll
MOD - [2008-05-21 12:47:12 | 000,069,632 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\LayoutPlugin.dll
MOD - [2008-05-21 12:46:38 | 000,032,768 | ---- | M] () -- E:\PLAY ONLINE\NotifyServicePlugin.dll
MOD - [2008-05-21 12:45:46 | 000,237,568 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\SMSUIPlugin.dll
MOD - [2008-05-21 12:44:42 | 000,010,752 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\TracePlugin.dll
MOD - [2008-05-21 12:44:36 | 000,057,344 | ---- | M] () -- E:\PLAY ONLINE\ConfigFilePlugin.dll
MOD - [2008-05-21 12:44:28 | 000,274,432 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\NetConnectPlugin.dll
MOD - [2008-05-21 12:43:30 | 000,098,304 | ---- | M] () -- E:\PLAY ONLINE\DeviceMgrPlugin.dll
MOD - [2008-05-21 12:43:14 | 000,147,456 | ---- | M] (Huawei Technologies) -- E:\PLAY ONLINE\AddrBookPlugin.dll
MOD - [2008-05-21 12:39:04 | 000,086,016 | ---- | M] () -- E:\PLAY ONLINE\DialUpPlugin.dll
MOD - [2008-05-21 12:37:34 | 000,155,648 | ---- | M] () -- E:\PLAY ONLINE\DeviceMgrUIPlugin.dll
MOD - [2008-05-21 12:36:24 | 000,118,784 | ---- | M] (TODO: ) -- E:\PLAY ONLINE\NetInfoUIExPlugin.dll
MOD - [2008-05-21 12:35:20 | 000,094,208 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\DialupUIPlugin.dll
MOD - [2008-05-21 12:31:42 | 000,086,016 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\Container.dll
MOD - [2008-05-21 12:31:20 | 000,651,264 | ---- | M] () -- E:\PLAY ONLINE\NDISAPI.dll
MOD - [2008-04-29 17:27:22 | 000,090,112 | ---- | M] () -- E:\PLAY ONLINE\FileManager.dll
MOD - [2008-04-29 17:27:20 | 000,446,464 | ---- | M] (TODO: <公司名>) -- E:\PLAY ONLINE\SkinMagicExU.dll
MOD - [2008-04-29 17:27:16 | 000,720,896 | ---- | M] (Appspeed Inc.) -- E:\PLAY ONLINE\SkinMagicU.dll
MOD - [2008-04-29 17:27:14 | 000,014,848 | ---- | M] () -- E:\PLAY ONLINE\isaputrace.dll
MOD - [2008-02-20 08:51:41 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-02-20 07:38:07 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2008-02-16 11:05:15 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008-02-16 11:05:15 | 000,662,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2008-02-16 11:05:15 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2008-02-16 11:05:15 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-02-16 11:05:11 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jsproxy.dll
MOD - [2008-02-16 11:05:10 | 001,023,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2007-12-04 20:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2007-11-07 11:29:33 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2007-10-25 18:57:22 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2007-10-20 07:01:32 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmasf.dll
MOD - [2007-07-30 20:19:42 | 001,712,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2007-07-09 15:11:53 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2007-04-25 16:23:30 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2007-04-18 18:14:32 | 002,854,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2007-04-16 17:54:44 | 001,013,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2007-04-10 15:01:48 | 000,337,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
MOD - [2007-04-10 15:01:04 | 000,236,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaLogon.dll
MOD - [2007-03-08 17:38:47 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2006-12-28 05:34:14 | 000,499,712 | ---- | M] (Microsoft Corporation) -- E:\PLAY ONLINE\msvcp71.dll
MOD - [2006-12-28 05:34:12 | 001,047,552 | ---- | M] (Microsoft Corporation) -- E:\PLAY ONLINE\MFC71u.dll
MOD - [2006-12-28 05:34:10 | 000,348,160 | ---- | M] (Microsoft Corporation) -- E:\PLAY ONLINE\msvcr71.dll
MOD - [2006-12-19 23:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2006-12-19 20:18:25 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2006-12-07 07:29:34 | 002,374,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmvcore.dll
MOD - [2006-10-20 03:39:31 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2006-10-14 10:13:25 | 000,981,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2006-08-25 17:51:15 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006-08-17 14:30:06 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2006-08-17 14:30:06 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2006-06-26 19:45:40 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2006-06-22 12:54:46 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2006-06-22 07:18:14 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2006-05-19 15:26:53 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2006-05-19 15:26:53 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2006-03-01 21:44:19 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2006-03-01 21:44:19 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2006-03-01 21:44:19 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxoci.dll
MOD - [2006-03-01 21:44:19 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2005-10-21 00:30:53 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2005-10-17 23:21:40 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\t2embed.dll
MOD - [2005-09-01 04:28:38 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2005-08-23 05:40:06 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2005-08-22 20:36:16 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2005-07-26 06:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2005-07-26 06:42:36 | 000,397,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2005-07-26 06:42:34 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2005-07-26 06:42:34 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2005-07-26 06:42:33 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2005-07-26 06:42:33 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2005-07-08 18:29:17 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2005-06-29 03:52:57 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2005-06-15 19:51:00 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2005-03-02 20:18:38 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2004-12-07 21:34:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2004-08-04 01:44:32 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2004-08-04 01:44:00 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidserv.dll
MOD - [2004-08-04 00:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2004-08-04 00:54:52 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2004-08-04 00:54:52 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2004-08-04 00:54:52 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2004-08-04 00:54:52 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2004-08-04 00:44:32 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2004-08-04 00:44:32 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 00:44:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2004-08-04 00:44:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2004-08-04 00:44:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2004-08-04 00:44:32 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2004-08-04 00:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
MOD - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2004-08-04 00:44:16 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2004-08-04 00:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-04 00:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004-08-04 00:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-04 00:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-04 00:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2004-08-04 00:44:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll
MOD - [2004-08-04 00:44:16 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2004-08-04 00:44:16 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2004-08-04 00:44:16 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2004-08-04 00:44:16 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2004-08-04 00:44:16 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2004-08-04 00:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-04 00:44:16 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2004-08-04 00:44:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2004-08-04 00:44:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2004-08-04 00:44:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-04 00:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2004-08-04 00:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-04 00:44:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2004-08-04 00:44:16 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2004-08-04 00:44:16 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 00:44:14 | 000,530,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2004-08-04 00:44:14 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2004-08-04 00:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2004-08-04 00:44:14 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2004-08-04 00:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2004-08-04 00:44:14 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2004-08-04 00:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 00:44:14 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004-08-04 00:44:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2004-08-04 00:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2004-08-04 00:44:14 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2004-08-04 00:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2004-08-04 00:44:14 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdmat.dll
MOD - [2004-08-04 00:44:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2004-08-04 00:44:14 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2004-08-04 00:44:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-04 00:44:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2004-08-04 00:44:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2004-08-04 00:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2004-08-04 00:44:12 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shmedia.dll
MOD - [2004-08-04 00:44:12 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2004-08-04 00:44:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2004-08-04 00:44:12 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll
MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 00:44:12 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2004-08-04 00:44:12 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 00:44:10 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2004-08-04 00:44:10 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2004-08-04 00:44:10 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2004-08-04 00:44:10 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2004-08-04 00:44:10 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2004-08-04 00:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2004-08-04 00:44:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2004-08-04 00:44:10 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2004-08-04 00:44:10 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2004-08-04 00:44:10 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2004-08-04 00:44:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2004-08-04 00:44:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2004-08-04 00:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-04 00:44:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2004-08-04 00:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2004-08-04 00:44:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 00:44:10 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2004-08-04 00:44:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2004-08-04 00:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2004-08-04 00:44:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2004-08-04 00:44:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 00:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2004-08-04 00:44:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2004-08-04 00:44:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2004-08-04 00:44:10 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2004-08-04 00:44:08 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2004-08-04 00:44:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2004-08-04 00:44:08 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2004-08-04 00:44:08 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2004-08-04 00:44:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2004-08-04 00:44:08 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2004-08-04 00:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004-08-04 00:44:08 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2004-08-04 00:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-04 00:44:08 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 00:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004-08-04 00:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-04 00:44:08 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2004-08-04 00:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-04 00:44:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2004-08-04 00:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004-08-04 00:44:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2004-08-04 00:44:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2004-08-04 00:44:08 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2004-08-04 00:44:08 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2004-08-04 00:44:08 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2004-08-04 00:44:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2004-08-04 00:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2004-08-04 00:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2004-08-04 00:44:06 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2004-08-04 00:44:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 00:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2004-08-04 00:44:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2004-08-04 00:44:06 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2004-08-04 00:44:06 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvfw32.dll
MOD - [2004-08-04 00:44:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2004-08-04 00:44:06 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2004-08-04 00:44:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2004-08-04 00:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-04 00:44:04 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 00:44:04 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\modemui.dll
MOD - [2004-08-04 00:44:04 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2004-08-04 00:44:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2004-08-04 00:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2004-08-04 00:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-04 00:44:02 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2004-08-04 00:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2004-08-04 00:44:02 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004-08-04 00:44:02 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2004-08-04 00:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2004-08-04 00:44:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2004-08-04 00:44:00 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2004-08-04 00:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-04 00:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-04 00:44:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2004-08-04 00:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2004-08-04 00:43:58 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2004-08-04 00:43:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 00:43:58 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\faultrep.dll
MOD - [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2004-08-04 00:43:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2004-08-04 00:43:58 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\feclient.dll
MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 00:43:56 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2004-08-04 00:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-04 00:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-04 00:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 00:43:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2004-08-04 00:43:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2004-08-04 00:43:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2004-08-04 00:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2004-08-04 00:43:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2004-08-04 00:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-04 00:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2004-08-04 00:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004-08-04 00:43:56 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dciman32.dll
MOD - [2004-08-04 00:43:54 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2004-08-04 00:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-04 00:43:54 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\avifil32.dll
MOD - [2004-08-04 00:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2004-08-04 00:43:54 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2004-08-04 00:43:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2004-08-04 00:43:54 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2004-08-04 00:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2004-08-04 00:43:54 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2004-08-04 00:43:52 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 00:43:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2004-08-04 00:43:52 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2004-08-04 00:43:52 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-04 00:43:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2004-08-04 00:43:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2004-08-04 00:43:30 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-04 00:43:14 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2004-08-04 00:43:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2004-08-04 00:42:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2004-08-04 00:42:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2004-08-04 00:42:34 | 001,712,128 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-03 22:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2004-08-03 22:31:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2003-09-20 11:09:48 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\msxml3.dll
MOD - [2001-10-26 21:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2001-10-26 21:29:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2001-10-26 21:29:44 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2001-10-26 21:29:44 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2001-10-26 21:29:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2001-10-26 21:29:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2001-10-26 21:29:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2001-10-26 21:29:40 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2001-10-26 21:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2001-10-26 21:27:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lz32.dll
========== Win32 Services (All) ==========
SRV - [2012-08-16 20:05:23 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-08-15 20:33:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008-07-29 21:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008-07-29 19:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-07-29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-07-25 11:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008-02-20 07:38:07 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2007-02-05 22:19:48 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2007-02-02 02:09:48 | 001,204,416 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe -- (SandraTheSrv)
SRV - [2007-02-02 02:06:46 | 000,118,784 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe -- (SandraDataSrv)
SRV - [2006-12-19 23:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2006-12-19 23:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2006-12-19 23:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2006-12-19 20:18:25 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2006-08-17 14:30:06 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2006-06-22 12:54:46 | 000,181,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2006-05-19 15:26:53 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2006-01-04 05:36:30 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2005-11-14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005-08-22 20:36:16 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2005-07-26 06:42:36 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2005-07-26 06:42:36 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2005-07-26 06:42:34 | 000,243,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2005-07-08 18:29:17 | 000,249,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2005-05-04 15:45:36 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2005-01-28 14:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2005-01-28 14:44:28 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\MsPMSNSv.dll -- (WmdmPmSN)
SRV - [2004-12-07 21:34:12 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2004-08-04 01:44:00 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2004-08-04 00:54:52 | 000,359,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2004-08-04 00:44:30 | 000,291,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2004-08-04 00:44:30 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2004-08-04 00:44:28 | 000,141,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2004-08-04 00:44:28 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2004-08-04 00:44:28 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2004-08-04 00:44:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2004-08-04 00:44:26 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2004-08-04 00:44:26 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2004-08-04 00:44:24 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2004-08-04 00:44:22 | 000,150,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2004-08-04 00:44:22 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator)
SRV - [2004-08-04 00:44:22 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2004-08-04 00:44:20 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2004-08-04 00:44:20 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2004-08-04 00:44:20 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2004-08-04 00:44:18 | 000,129,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2004-08-04 00:44:18 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2004-08-04 00:44:18 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2004-08-04 00:44:16 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2004-08-04 00:44:16 | 000,081,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2004-08-04 00:44:16 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2004-08-04 00:44:14 | 000,296,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2004-08-04 00:44:14 | 000,175,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2004-08-04 00:44:14 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2004-08-04 00:44:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2004-08-04 00:44:12 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2004-08-04 00:44:12 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2004-08-04 00:44:10 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2004-08-04 00:44:10 | 000,192,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2004-08-04 00:44:10 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2004-08-04 00:44:10 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2004-08-04 00:44:10 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2004-08-04 00:44:10 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2004-08-04 00:44:08 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2004-08-04 00:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2004-08-04 00:44:06 | 000,246,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2004-08-04 00:44:06 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2004-08-04 00:44:02 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2004-08-04 00:44:02 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2004-08-04 00:43:58 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2004-08-04 00:43:56 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2004-08-04 00:43:56 | 000,024,064 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2004-08-04 00:43:54 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2004-08-04 00:43:54 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2004-08-04 00:43:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2004-08-04 00:43:54 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2001-10-26 21:30:02 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2001-10-26 21:29:36 | 000,049,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\iwona\USTAWI~1\Temp\kxndyaow.sys -- (kxndyaow)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009-12-30 12:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009-09-10 14:55:52 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-24 18:33:24 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009-02-27 16:39:18 | 000,007,552 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewfiltertdidriver.sys -- (filtertdidriver)
DRV - [2008-10-09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2006-11-30 16:14:14 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45obex.sys -- (se45obex)
DRV - [2006-11-30 16:13:56 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45bus.sys -- (se45bus)
DRV - [2006-08-24 12:47:56 | 000,110,080 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dptrackerd.sys -- (dptrackerd)
DRV - [2006-08-16 12:21:00 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2006-06-16 13:17:38 | 000,074,752 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006-06-16 13:17:38 | 000,040,064 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006-06-16 13:17:36 | 000,061,056 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006-05-25 17:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2003-08-12 16:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003-08-04 14:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.co...earch_frame.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=19.1.0.28
IE - HKCU\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-08-16 20:05:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011-09-11 11:06:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\iwona\Dane aplikacji\Mozilla\Extensions
[2012-08-10 16:24:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\iwona\Dane aplikacji\Mozilla\Firefox\Profiles\j2zt0y67.default\extensions
[2012-08-10 16:28:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-08-16 20:05:24 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-08-16 20:05:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-08-16 20:05:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-08-16 20:05:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-08-16 20:05:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-08-16 20:05:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-08-16 20:05:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2012-08-16 21:54:17 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [Mobile Partner] E:\PLAY ONLINE\PLAY ONLINE.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1171E37B-51E8-427B-8465-45132E55E82D}: NameServer = 213.158.199.1 213.158.199.5
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://download3.pos...apety/55692.jpg
O24 - Desktop Components:1 () - http://www.krainatap.../witcher_33.jpg
O24 - Desktop Components:2 () - http://www.krainatap...pory_roku/4.jpg
O24 - Desktop Components:3 () - http://media3.mojage...oppryypyvbi.jpg
O24 - Desktop Components:4 () - http://media4.mojage...9a0d76c4d9f.jpg
O24 - Desktop Components:5 () - Tapety na pulpit hd :: darmowe tapety na komputer
O24 - Desktop Components:6 (Moja bieżąca strona główna) - about:Home
O24 - Desktop WallPaper: C:\Documents and Settings\iwona\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\iwona\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-02-02 17:27:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-04-30 19:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009-05-03 19:59:04 | 000,000,045 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{9cbc1aa2-e23d-11e1-b09d-803a0dc0a951}\Shell - "" = AutoRun
O33 - MountPoints2\{9cbc1aa2-e23d-11e1-b09d-803a0dc0a951}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2009-04-30 19:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ==========
[2012-08-16 22:26:07 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\iwona\Pulpit\OTL.exe
[2012-08-16 20:08:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-08-16 16:52:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2012-08-16 16:52:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012-08-16 16:51:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iwona\Dane aplikacji\HpUpdate
[2012-08-16 16:50:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\HP
[2012-08-16 16:50:28 | 001,907,560 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\HPScanMiniDrv_DJ1050_J410.dll
[2012-08-16 16:50:07 | 000,264,552 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpinksts8911LM.dll
[2012-08-16 16:50:07 | 000,232,296 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpinksts8911.dll
[2012-08-16 16:50:07 | 000,213,352 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpinkcoi8911.dll
[2012-08-16 16:49:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HP
[2012-08-16 16:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012-08-16 16:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iwona\Ustawienia lokalne\Dane aplikacji\HP
[2012-08-12 19:57:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iwona\Dane aplikacji\HD Tune Pro
[2012-08-12 19:56:39 | 001,586,610 | ---- | C] (EFD Software ) -- C:\Documents and Settings\iwona\Pulpit\hdtunepro_500_trial.exe
[2012-08-12 19:43:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\iwona\Recent
[2012-08-10 20:14:16 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-08-10 20:14:15 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-08-10 19:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iwona\Ustawienia lokalne\Dane aplikacji\Sun
[2012-08-10 19:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-08-10 19:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012-08-10 19:48:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iwona\Dane aplikacji\Oracle
[2012-08-10 19:48:45 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-08-10 19:48:43 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-08-10 19:48:43 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-08-10 19:48:34 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-08-10 19:48:34 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-08-10 19:46:27 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\iwona\Pulpit\jxpiinstall.exe
[2012-08-09 18:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\Huawei Modems
[2012-08-09 14:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012-08-09 11:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\blueconnect
========== Files - Modified Within 60 Days ==========
[2012-08-16 22:26:09 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iwona\Pulpit\OTL.exe
[2012-08-16 22:00:20 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\iwona\Pulpit\omuueff9.exe
[2012-08-16 21:57:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-08-16 21:57:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-16 21:55:20 | 000,102,232 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-08-16 21:54:17 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012-08-16 21:53:25 | 000,618,227 | ---- | M] () -- C:\Documents and Settings\iwona\Pulpit\adwcleaner.exe
[2012-08-16 20:01:11 | 000,490,866 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-08-16 20:01:11 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-16 20:01:11 | 000,084,078 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-08-16 20:01:11 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-08-16 16:54:46 | 000,150,237 | ---- | M] () -- C:\Documents and Settings\iwona\Pulpit\Scan.jpg
[2012-08-16 16:12:19 | 000,000,787 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2012-08-15 20:33:49 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-08-15 20:33:49 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-08-12 19:56:42 | 001,586,610 | ---- | M] (EFD Software ) -- C:\Documents and Settings\iwona\Pulpit\hdtunepro_500_trial.exe
[2012-08-12 19:48:25 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\iwona\Pulpit\EVEREST Corporate Edition.lnk
[2012-08-11 22:13:15 | 000,466,944 | ---- | M] () -- C:\Documents and Settings\iwona\Pulpit\GreenMP3_33314.mp3
[2012-08-10 19:48:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-08-10 19:48:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-08-10 19:46:27 | 000,893,936 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\iwona\Pulpit\jxpiinstall.exe
[2012-07-16 22:14:35 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012-07-05 22:07:08 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-07-05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-07-05 22:06:30 | 000,772,544 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-07-05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
========== Files Created - No Company Name ==========
[2012-08-16 22:00:17 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\iwona\Pulpit\omuueff9.exe
[2012-08-16 21:53:25 | 000,618,227 | ---- | C] () -- C:\Documents and Settings\iwona\Pulpit\adwcleaner.exe
[2012-08-16 16:54:46 | 000,150,237 | ---- | C] () -- C:\Documents and Settings\iwona\Pulpit\Scan.jpg
[2012-08-16 16:51:42 | 000,001,077 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Live ID.lnk
[2012-08-12 19:48:25 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\iwona\Pulpit\EVEREST Corporate Edition.lnk
[2012-07-27 16:41:26 | 000,466,944 | ---- | C] () -- C:\Documents and Settings\iwona\Pulpit\GreenMP3_33314.mp3
[2012-01-14 12:49:20 | 000,071,262 | ---- | C] () -- C:\WINDOWS\Huawei ModemsUninstall.exe
[2011-09-11 11:06:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-09-28 15:42:26 | 000,064,768 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2008-03-27 19:37:24 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
[2008-02-25 11:32:11 | 000,021,763 | ---- | C] () -- C:\Documents and Settings\iwona\Menu Start.rar
[2008-02-14 13:19:43 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\iwona\.plugin140_03.trace
[2008-02-02 17:34:42 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\iwona\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== LOP Check ==========
[2009-09-14 13:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2DBoy
[2011-09-30 08:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alawar
[2011-09-30 15:51:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alawar Stargaze
[2011-09-17 15:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2011-12-12 19:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2011-12-12 19:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-10-16 14:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2012-01-14 20:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Birdstep Technology
[2011-11-04 17:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Buena Vista Games
[2011-10-16 10:14:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2011-09-11 11:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-10-16 14:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2009-08-03 13:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground Demo
[2008-06-30 22:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-09-21 19:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Total Gameplay
[2011-09-30 08:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Alawar
[2011-09-19 07:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Alawar Entertainment
[2011-09-30 15:51:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Alawar Stargaze
[2012-08-12 19:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Auslogics
[2011-10-16 14:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\AVG2012
[2012-08-09 18:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\blueconnect
[2011-10-04 09:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Boolat Games
[2008-03-28 18:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\CamTrack
[2011-09-21 12:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Frogwares
[2008-02-04 17:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Gadu-Gadu
[2012-08-13 16:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Gadu-Gadu 10
[2012-08-12 19:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\HD Tune Pro
[2008-03-28 20:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\ICQ
[2008-03-25 20:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\ICQ Toolbar
[2011-10-14 07:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\iPlus
[2010-09-28 15:53:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Nokia
[2012-08-10 19:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Oracle
[2012-04-20 15:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Podatnik.info
[2011-12-12 18:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\Rovio
[2012-01-15 17:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\TeamViewer
[2011-09-17 16:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iwona\Dane aplikacji\VampireSagaHL
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7E95B6FD
< End of report >
Spoiler
OTL Extras logfile created on: 2012-08-16 22:27:09 - Run 2
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\iwona\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
502,05 Mb Total Physical Memory | 87,59 Mb Available Physical Memory | 17,45% Memory free
1,20 Gb Paging File | 0,84 Gb Available in Paging File | 70,38% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 4,45 Gb Free Space | 45,55% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 19,39 Gb Free Space | 99,27% Space Free | Partition Type: NTFS
Drive E: | 45,22 Gb Total Space | 43,96 Gb Free Space | 97,22% Space Free | Partition Type: NTFS
Drive H: | 22,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,74 Gb Total Space | 3,09 Gb Free Space | 82,76% Space Free | Partition Type: FAT32
Computer Name: IWONA-3352FB061 | User Name: iwona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"22234:TCP" = 22234:TCP:*:Enabled:BitComet 22234 TCP
"22234:UDP" = 22234:UDP:*:Enabled:BitComet 22234 UDP
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Database Agent Service -- (SiSoftware)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\Polish\setup.exe" = C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\Polish\setup.exe:*:Enabled:Kaspersky Internet Security 7.0 Setup -- (Kaspersky Lab)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.0 - Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2096}_is1" = SiSoftware Sandra Lite XI.SP1 (Win64/32/CE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}" = Acer Screensaver
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AbiWord2" = AbiWord 2.8.6
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CCleaner" = CCleaner
"DIVXCodec" = DivX Codec 3.1alpha release
"Dragon Fire" = Quest For Glory V: Dragon Fire Sneak Peek
"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.00
"Gadu-Gadu 10" = Gadu-Gadu 10
"Huawei Modems" = Huawei modem
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PLAY ONLINE" = PLAY ONLINE
"Revo Uninstaller Pro_is1" = Revo Uninstaller Pro wersja 2.5.7
"StmAdsl" = ADSL Modem
"Unlocker" = Unlocker 1.9.1
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2012-08-09 11:15:20 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:15:38 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:15:54 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:17:06 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:18:08 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:21:34 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:22:41 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:23:05 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-16 14:13:20 | Computer Name = IWONA-3352FB061 | Source = MsiInstaller | ID = 11706
Description = Produkt: HP Deskjet 1050 J410 series Badanie ulepszeń produktu --
Błąd 1706. Nie można znaleźć pakietu instalacyjnego dla programu HP Deskjet 1050
J410 series Badanie ulepszeń produktu. Ponownie uruchom instalatora za pomocą właściwej
kopii pakietu instalacyjnego 'D105Ux86.msi'.
Error - 2012-08-16 15:22:08 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd otl.exe, wersja 3.2.39.2, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.
[ System Events ]
Error - 2012-08-09 11:16:56 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7001
Description = Usługa Telefonia zależy od usługi Plug and Play, której nie można
uruchomić z powodu następującego błędu: %%1058
Error - 2012-08-09 11:16:56 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7001
Description = Usługa Menedżer połączeń usługi Dostęp zdalny zależy od usługi Telefonia,
której nie można uruchomić z powodu następującego błędu: %%1068
Error - 2012-08-09 11:20:28 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7001
Description = Usługa Telefonia zależy od usługi Plug and Play, której nie można
uruchomić z powodu następującego błędu: %%1058
Error - 2012-08-09 11:20:28 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7001
Description = Usługa Menedżer połączeń usługi Dostęp zdalny zależy od usługi Telefonia,
której nie można uruchomić z powodu następującego błędu: %%1068
Error - 2012-08-09 16:39:27 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.
Error - 2012-08-12 13:43:09 | Computer Name = IWONA-3352FB061 | Source = sr | ID = 1
Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000022'
podczas przetwarzania pliku 'desktop.ini' w woluminie 'HarddiskVolume2'. W rezultacie
zostało zatrzymane monitorowanie woluminu.
Error - 2012-08-12 13:43:09 | Computer Name = IWONA-3352FB061 | Source = sr | ID = 1
Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000022'
podczas przetwarzania pliku 'desktop.ini' w woluminie 'HarddiskVolume3'. W rezultacie
zostało zatrzymane monitorowanie woluminu.
Error - 2012-08-16 14:01:11 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7023
Description = Usługa Karta wydajności WMI zakończyła działanie; wystąpił następujący
błąd: %%2147500037
Error - 2012-08-16 14:40:00 | Computer Name = IWONA-3352FB061 | Source = Schedule | ID = 7901
Description = Uruchomienie polecenia At2.job nie powiodło się, ponieważ wystąpił
następujący błąd: %%2147942403
Error - 2012-08-16 15:54:07 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.
< End of report >
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\iwona\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
502,05 Mb Total Physical Memory | 87,59 Mb Available Physical Memory | 17,45% Memory free
1,20 Gb Paging File | 0,84 Gb Available in Paging File | 70,38% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 4,45 Gb Free Space | 45,55% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 19,39 Gb Free Space | 99,27% Space Free | Partition Type: NTFS
Drive E: | 45,22 Gb Total Space | 43,96 Gb Free Space | 97,22% Space Free | Partition Type: NTFS
Drive H: | 22,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,74 Gb Total Space | 3,09 Gb Free Space | 82,76% Space Free | Partition Type: FAT32
Computer Name: IWONA-3352FB061 | User Name: iwona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"22234:TCP" = 22234:TCP:*:Enabled:BitComet 22234 TCP
"22234:UDP" = 22234:UDP:*:Enabled:BitComet 22234 UDP
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Database Agent Service -- (SiSoftware)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\Polish\setup.exe" = C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\Polish\setup.exe:*:Enabled:Kaspersky Internet Security 7.0 Setup -- (Kaspersky Lab)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.0 - Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2096}_is1" = SiSoftware Sandra Lite XI.SP1 (Win64/32/CE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}" = Acer Screensaver
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AbiWord2" = AbiWord 2.8.6
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CCleaner" = CCleaner
"DIVXCodec" = DivX Codec 3.1alpha release
"Dragon Fire" = Quest For Glory V: Dragon Fire Sneak Peek
"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.00
"Gadu-Gadu 10" = Gadu-Gadu 10
"Huawei Modems" = Huawei modem
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PLAY ONLINE" = PLAY ONLINE
"Revo Uninstaller Pro_is1" = Revo Uninstaller Pro wersja 2.5.7
"StmAdsl" = ADSL Modem
"Unlocker" = Unlocker 1.9.1
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2012-08-09 11:15:20 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:15:38 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:15:54 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:17:06 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:18:08 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:21:34 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:22:41 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-09 11:23:05 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd msconfig.exe, wersja 5.1.2600.2180, moduł
powodujący błąd msconfig.exe, wersja 5.1.2600.2180, adres błędu 0x0000c7c7.
Error - 2012-08-16 14:13:20 | Computer Name = IWONA-3352FB061 | Source = MsiInstaller | ID = 11706
Description = Produkt: HP Deskjet 1050 J410 series Badanie ulepszeń produktu --
Błąd 1706. Nie można znaleźć pakietu instalacyjnego dla programu HP Deskjet 1050
J410 series Badanie ulepszeń produktu. Ponownie uruchom instalatora za pomocą właściwej
kopii pakietu instalacyjnego 'D105Ux86.msi'.
Error - 2012-08-16 15:22:08 | Computer Name = IWONA-3352FB061 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd otl.exe, wersja 3.2.39.2, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.
[ System Events ]
Error - 2012-08-09 11:16:56 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7001
Description = Usługa Telefonia zależy od usługi Plug and Play, której nie można
uruchomić z powodu następującego błędu: %%1058
Error - 2012-08-09 11:16:56 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7001
Description = Usługa Menedżer połączeń usługi Dostęp zdalny zależy od usługi Telefonia,
której nie można uruchomić z powodu następującego błędu: %%1068
Error - 2012-08-09 11:20:28 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7001
Description = Usługa Telefonia zależy od usługi Plug and Play, której nie można
uruchomić z powodu następującego błędu: %%1058
Error - 2012-08-09 11:20:28 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7001
Description = Usługa Menedżer połączeń usługi Dostęp zdalny zależy od usługi Telefonia,
której nie można uruchomić z powodu następującego błędu: %%1068
Error - 2012-08-09 16:39:27 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.
Error - 2012-08-12 13:43:09 | Computer Name = IWONA-3352FB061 | Source = sr | ID = 1
Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000022'
podczas przetwarzania pliku 'desktop.ini' w woluminie 'HarddiskVolume2'. W rezultacie
zostało zatrzymane monitorowanie woluminu.
Error - 2012-08-12 13:43:09 | Computer Name = IWONA-3352FB061 | Source = sr | ID = 1
Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000022'
podczas przetwarzania pliku 'desktop.ini' w woluminie 'HarddiskVolume3'. W rezultacie
zostało zatrzymane monitorowanie woluminu.
Error - 2012-08-16 14:01:11 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7023
Description = Usługa Karta wydajności WMI zakończyła działanie; wystąpił następujący
błąd: %%2147500037
Error - 2012-08-16 14:40:00 | Computer Name = IWONA-3352FB061 | Source = Schedule | ID = 7901
Description = Uruchomienie polecenia At2.job nie powiodło się, ponieważ wystąpił
następujący błąd: %%2147942403
Error - 2012-08-16 15:54:07 | Computer Name = IWONA-3352FB061 | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.
< End of report >
Użytkownik Tomasz6688 edytował ten post 16 08 2012 - 22:39
